Project Up2DigiSchool logotype

Privacy Policy

Description of the Up2DigiSchool project

The international Up2DigiSchool project – “A viable pedagogical approach for digital school education based on the experience of Up2U” – is funded with the ERASMUS+ Programme agreement number 2021-1-PL01-KA220-SCH-000027868. The project is executed between February 2022 and February 2025.
The project delivers web applications (such as a learning scenarios portal, a website, and others) mainly for teachers, educators, school leaders and students from 13 years old. The project also communicates with such target groups in various ways to achieve its research goals.

Scope of this Privacy Policy

This Privacy Policy sets out the criteria and the conditions under which the Up2DigiSchool project collects, processes, stores, and transfers your personal data, how the confidentiality of such information is ensured as well as any law and/or regulation implemented or enacted in accordance with the GDPR (General Data Protection Regulation).

What Personal Data do we process and for what purpose?

We will be processing the following personal data:

1. for communicating with you via emails, newsletters, questionnaires, etc.
a. name;
b. email address;
c. preferred language;
d. role (such as a teacher, student etc.);
e. affiliation (school, institution, etc.).

2. for creating and maintaining your user profile in our web applications
a. the data as above, but also:
i. nickname, username;
ii. profile picture;
iii. learning outcomes and other data you decide to share via our web applications.

3. for application maintenance and for security reasons
a. cookies;
b. IP Address;
c. access date & time;
d. record (log) of actions taken within applications.

Providing the information above is necessary and if you choose not to provide certain information, you may not be able to use certain services or participate in certain activities.

Data Controller

The purpose and means of processing your data are determined by six joint data controllers from different European countries. Each data controller defined their contact point. The joint data controllers and their contact points are the following:

  1. INSTYTUT CHEMII BIOORGANICZNEJ POLSKIEJ AKADEMII NAUK, Poznan Supercomputing and Networking Center, ul. Z. Noskowskiego 12-14, 61-704 Poznan, Poland (PSNC). Contact to the data protection officer: tel. +48 61 8582044, email: dpo@ibch.poznan.pl
  2. KAUNO TECHNOLOGIJOS UNIVERSITETAS, K Donelaicio 73 44249 Kaunas, Lithuania (KTU). Contact to the data protection officer: gytis.cibulskis@ktu.lt
  3. KAUNO RAJONO SVIETIMO CENTRAS, Saules str. 12 LT-50239 Kaunas, Lithuania (KRSC). Contact to the data protection officer: rasa.sasnauskiene@centras.krs.lt 
  4. NATIONAL TECHNICAL UNIVERSITY OF ATHENS – NTUA, Heroon Polytechniou 9 Zographou Campus, 15780 Athina, Greece (NTUA). Contact to the data protection officer: mary@netmode.ntua.gr 
  5. ELLINOGERMANIKI AGOGI SCHOLI PANAGEA SAVVA AE, Dimitriou Panagea Str 15351 Pallini, Greece (EA). Contact to the data protection officer: vagelis@ea.gr 
  6. UNIVERSITA DEGLI STUDI DI ROMA LA SAPIENZA, Piazzale Aldo Moro 5, 00185 Roma, Italy (URoma). Contact to the data protection officer: alessandro.filippetti@uniroma1.it

Legal basis

Your personal data will be processed on the basis of:

  1. if you are 16 or older – your consent;
  2. if you are under 16 – the consent provided by the holder of parental responsibility over you.

Additionally, we process your personal data on the basis of legitimate interest consisting of providing to the users technical solution enabling them to use our web applications (based on voluntary decision of each user) as well as administrative and security maintenance of the applications what is not overridden by the interests or fundamental rights and freedoms of the user (data subject).

When and how do we share Personal Data?

Your personal data, when necessary, will be shared with third parties that are following the same practices and have implemented the security and data protection requirements to ensure the adequate protection of your personal data. Your personal data, when necessary, may be also transferred to a third country but only to third parties that implement suitable safeguards such as approved certification mechanisms or standard data protection clauses. Due to the nature of the applications being used some data (name and email) may be visible to other users of the applications (e.g. your name and your posts in a forum).

Personal Data Retention

Your personal data will be processed at least until the end of the project (currently planned for February 2025), or as long as the web application services are provided (currently planned at least one year since the project ends). After this period your personal data will be anonymized and used only for statistical purposes.

Security

To ensure the security of your personal data, we have in place the following measures:

  1. minimisation and pseudonymization of personal data we collect;
  2. multi-layers of firewalls to avoid the unauthorised external access;
  3. managing, limiting and controlling access to personal data;
  4. backup and redundancy;
  5. regular testing of the effectiveness of the measures implemented;
  6. safety and encrypted communication channels.

Your Rights

You have the right to: 

  1. request access to your data; 
  2. ask us to rectify information; 
  3. withdraw your/parental consent which is not affecting the lawfulness of the processing based on the consent before its withdrawal.

Those rights can be exercised by contacting any of the contact points listed in section “Data Controller”. Additionally, you have the right to lodge a complaint with a supervisory authority from any of the countries listed in section “Data Controller”.

Privacy Policy updates

This Privacy Policy may be reviewed and updated from time to time – in such case the Privacy Policy will be labeled as “Revised (date)”. The initial version of this notice was created in February 2022.