Privacy and Personal Data Protection

—   You may find the Portuguese version here.

Privacy and Personal Data Protection

The NOVA University Lisbon (“UNL”) is committed to protect your personal data and to respect your privacy. The UNL collects and further processes personal data pursuant to Regulation (EU) 2018/1725 of the European Parliament and of the Council on the protection of natural persons with regard to the processing of personal data by the Union institutions, bodies, offices and agencies and on the free movement of such data.

In this sense, we are committed to guaranteeing the privacy and protection of the personal data of the holders in the context of the Final Conference of the Project “Partnerships for Science Education” (PAFSE), in accordance with best practices and applicable legislation, including the General Data Protection Regulation (GDPR), including the data collected through the visit and access to the meeting website accessible at https://pafse.eu focused on publicizing the Final Conference of PAFSE Project and the respective registration of participants.

In this context, the purpose of this Privacy Policy is to provide information on how UNL processes the data collected, the purpose for which it is processed, the categories of data subjects and the categories and types of data, with whom it is shared, the retention period, as well as the different ways in which users can get in touch to find out about and exercise their rights.

Data Controller

UNL is responsible for the processing of personal data, with registered office at Campus de Campolide, 1099-085 Lisboa, telephone: +351 213 715 600.

Data Protection Officer

UNL has appointed a Data Protection Officer, whose contact should be made directly via e-mail to dpo@unl.pt on all matters relating to the processing of personal data processed under this Privacy Policy.

Forms of Data Collection

Within the scope of the Final Conference of PAFSE Project, personal data is collected in two ways:

  • Directly from the data subjects:During the collection of personal data in the participants’ registration process, by filling in the registration form participants’ personal data is collected, such as name, contact and other relevant information;During the registration process on the event’s website, by filling in participants provide personal information, such as name, email address, telephone number;During access to UNL facilities, through access to the facilities in the process of registering participants’ personal data, such as their names and contact information to ensure security and access control to the venue;In catering services, such as lunches and coffee breaks, according to the event’s final schedule, through catering supplies, participants’ personal data is collected, such as food preferences or dietary restrictions;In tracking while browsing the event’s website, through browsing the event’s website, personal data of participants may be collected, such as IP address, browsing history and usage preferences;

    In capturing the image and voice of participants during the event, through the collection of images and audio and video recordings of participants for photographic records, interviews, press coverage, among others;

    In the recording of plenary sessions for streaming the event, through access to the recordings of the plenary sessions of the Final Conference of PAFSE Project to stream the event, which may include personal information of the participants present in the recordings.

  • Indirectly from data subjects:During the registration process for member organizations, through the collection of personal data of representatives, as well as other members registered by them;Access to video, audio and photographic recordings by partner organizations: through a protocol with partner organizations, access can be gained to the content of video and audio recordings, as well as photographs of the event taken by them;Recording of plenary sessions for streaming of the event: through access to recordings of the plenary sessions of the Final Conference of PAFSE Project for streaming of the event, which may include personal information of the participants present in the recordings.

Categories of Data Subjects and Categories of Data

The personal data collected relates to the following categories of data subjects: members of the partner organizations (legal representatives, points of contact for the management team, communications and marketing manager, managers, employees, service providers); members of the member organizations (representative members, as well as other non-representative members who are registered by them); users registered on the website; users registered on the webapp; registered participants; speakers; third parties represented in exhibitors and sponsors; volunteers; journalists.

The personal data collected covers the following common categories of data: Civil Identification: Includes the full name and surname of the data subjects; Contact Information: Includes the personal and professional or institutional email address and telephone, essential for direct communication; Academic and Professional Data: Describes the professional or academic activity of the data subjects, detailing the position or function in the institutional or professional context: Browsing and Tracking Data: Comprises technical information, such as IP (Internet Protocol) addresses, unique identifiers and security logs, as well as session and user cookie data, used to monitor and track the online activity of the holders when accessing the event website; Authentication Information: Consists of access credentials, such as username and password, together with the associated user profiles, which ensure the authentication and identification of the holders in the digital context; Physical Data: related to the image and voice of the participants in photographs, audio and videos captured during the event.

Personal data, especially relating to the image of participants, will be used for subsequent dissemination in digital media, such as photos, audios or videos, on social networks and institutional channels exclusively related to the promotion and dissemination of the Final Conference of PAFSE Project.

Purposes for Processing Personal Data

The personal data processed in the context of the Final Conference of PAFSE Project is for the purpose of managing institutional communication and events.

Grounds for Lawful Processing

The processing of personal data for the Final Conference of PAFSE Project complies with the principles of lawfulness, fairness, transparency and limited storage periods. In this context, the processing of personal data is lawful on the basis of:

in Article 6 of the GDPR, points e) and c), as it is necessary for the exercise of functions in the public interest and the fulfillment of legal obligations to which UNL is bound, in particular, those of “Promoting scientific and technological culture and the diffusion and dissemination of scientific and technical knowledge” under the terms of Article 3, paragraph 2, point g) of Decree-Law no. 55/2013, of April 17.

Article 6 of the GDPR, point f) regarding the image and voice data of participants, as it is necessary for the legitimate interests pursued by UNL related to the subsequent dissemination of the event in digital media, such as photos, audios or videos, on social networks and institutional channels, contributing to increasing the reach and visibility of the event, allowing a wider audience to have access to the information and moments shared at the Final Conference of PAFSE Project, promoting an environment of interaction and connection between participants and the scientific community in general.

The personal data collected in the context of the event is also processed for statistical purposes.

Rights of Data Subjects

As holders of personal data, they may exercise the following rights, within the limits of the law:

Right of access: the data subject has the right to obtain confirmation from UNL (data controller) about the processing of their personal data, as well as to access this data and request information about its processing.

Right to rectification: the data subject has the right to obtain the rectification of inaccurate personal data and to complete incomplete data.

Right to erasure: the data subject has the right to obtain the erasure of their personal data, without prejudice to the retention periods established.

Right to restriction of processing: the data subject has the right to obtain restriction of processing.

Right to portability: the data subject has the right to receive personal data concerning them collected through this website in a structured, commonly used and machine-readable format. They also have the right to have their personal data transmitted directly to other data controllers.

Right to object: the data subject has the right to object at any time, on grounds relating to their particular situation, to the processing of personal data concerning them, including profiling.

Right to complain to the National Commission for the Protection of Personal Data (www.cnpd.pt) if they consider that any of the rights listed have been violated.

Jointly Responsible for Treatment

Personal data are subject of joint processing operations between UNL and Centro de Formação de Escolas António Sérgio (CFEAD) in the context of the Final Conference of the PAFSE Project, based on instruments that safeguard the sharing of personal data as co-organizers of the event. This partnership establishes joint responsibility for processing, with UNL designated as the single point of contact via email dpo@unl.pt. UNL receives communications from data subjects and forwards requests to CFEAD, jointly defining the appropriate response depending on the subject. Data subjects can exercise their rights with any of the co-organizers of the PAFSE Project Final Conference, using the specific contact details of each one.

UNL processes personal data during participant registration, website registration, navigation tracking, image and sound capture during the event, and recording of plenary sessions. CFEAS, as a peer entity, also publicizes the Final Conference of the PAFSE Project on communication channels and certifies the Short-Term Action (ACD) for the purposes of the teaching career under Order 5741/2015 of May 29, for the purposes of career progression , teachers from the 2nd and 3rd cycle of basic education and secondary education, and the data is used for this purpose, as well as to publicize the activities of this institution.

Subcontractors

Personal data is also transmitted to subcontractors for processing in the name and on behalf of the UNL. Subcontractors processing personal data on behalf of the UNL are obliged to submit, in writing, sufficient guarantees that appropriate technical and organizational measures have been taken to comply with the applicable legislation on privacy and the protection of personal data and to ensure that the rights of the data subject are upheld.

Transfer of data to third countries

For the processing of personal data within the scope of this website and for the purpose indicated, there is no transfer of personal data outside the European Union.

Retention period

The retention period for personal data is that set by law or regulation or, failing that, that which is necessary for the pursuit of the purpose for which it was collected and processed. However, UNL may keep some of the data for longer periods, without prejudice to applying the appropriate guarantees for the rights and freedoms of the data subject, under the terms of the legislation in force.

In the case of processing for statistical purposes, the data may be kept for longer periods, without prejudice to applying the appropriate guarantees for the rights and freedoms of the data subject, under the terms of the legislation in force.

Measures adopted to guarantee the security of personal data

To guarantee the protection of personal data, UNL implements strict, internationally recognized rules that apply to all those who legally handle personal data.

Accordingly, technical and organizational security measures are implemented to protect the personal data made available to UNL, as well as the confidentiality, integrity and authenticity of the data processed. Personal data stored by the UNL is encrypted and anonymized whenever possible, and subject to access control based on the principle of least privilege. UNL continually reviews the quality and information security practices it adopts in order to ensure, on the one hand, continuous improvement, and on the other hand, that it keeps up with new cyber threats and implements the necessary countermeasures.

Notification and complaint

Without prejudice to sending a direct notification to the UNL, through the contact dpo@unl.pt, you can complain directly to the National Data Protection Commission (www.cnpd.pt), using the contacts provided by this entity for this purpose.

Changes to the Privacy Policy

This Privacy Policy may be subject to updates, so regular consultation is advised. Changes are deemed to take effect from the date they are posted on this website, with express reference to the date of the update.