Articulate

GDPR Information Clause

Pursuant to Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 (General Data Protection Regulation – GDPR) and Regulation (EU) 2018/1725, we hereby inform you that:

§1 Entities Processing Data

  1. The Data Administrator is the European Commission, Directorate-General for Education, Youth, Sport and Culture – DG EAC.
  2. The data Processor is Nederlands Jeugdinstituut – National Agency Erasmus+ Youth, National Agency Code NL02, PO Box 19221, NL 3501 DE Utrecht, The Netherlands, erasmusplus@nji.nl, acting as the Dutch National Agency responsible for Erasmus+ Youth.
  3. The sub-processor is Civitas & Publica Foundation, Netherlands, represented by Alexandra Sitch, projets.civitas@gmail.com, +31 654 346 410, acting as the project coordinator and beneficiary of the grant agreement concluded with the Dutch National Agency for Erasmus+ Youth.

§2 Categories of Data

  1. Identification and contact data: first name, last name, date of birth, institutional affiliation, e-mail address, telephone number.
  2. Professional and organisational data: information related to participation in training activities, learning outcomes, evaluations, and records of participation in project events.
  3. Image data: photographs and video or audio recordings documenting participation in project activities, within the scope of the consents granted.
  4. Special categories of data: information concerning health, disability, dietary requirements or other accessibility needs, processed only to the extent necessary to ensure safety, accessibility and proper organisation of project activities.

§3 Data Source

  1. Data is obtained directly from project participants or partners involved in its implementation, as well as through IT tools used as part of project activities.

§4 Purposes and Basis of Processing

  1. Project implementation and accountability of the project 2024-3-NL02-KA210-YOU-000279274 “ART-iculate”, including recruitment, organisation of educational and training activities, monitoring, evaluation, reporting, auditing and archiving – pursuant to Article 6(1)(c) and Article 6(1)(e) of the GDPR, in connection with applicable Erasmus+ programme rules, EU financial regulations and obligations arising from the grant agreement.

Specifically, personal data may be processed for:

  1. ensuring the safety and accessibility of participants, including educational, organisational, dietary, health-related or disability-related adaptations;
  2. organisational and substantive communication with participants and project partners;
  3. implementation of educational, training, piloting, dissemination, evaluation and follow-up activities;
  4. preparation of attendance lists, certificates, Youthpass certificates, reports, evaluation forms and other project documentation;
  5. promotional and informational activities, including publication of photographs, video or audio recordings, only within the scope of separate consent granted by the participant or, in the case of minors, by their legal guardian;
  6. establishment, pursuit or defence of legal claims, as well as archiving evidence required for project accountability and audit purposes.

§5 Voluntary Provision of Data

  1. Providing personal data is voluntary but necessary to participate in the project. Refusal to provide data makes participation impossible where the data is required for recruitment, organisation, safety, reporting or accountability purposes. Consent for the use of image is separate and voluntary.
  2. Data are stored for the duration of the project and for the legally required archiving period applicable to Erasmus+ projects, not shorter than 5 years after the project's completion. In the case of proceedings, audits, controls or claims, data will be retained until their final conclusion and the expiry of limitation periods.
  3. Data are not transferred outside the European Economic Area, unless the use of specific digital tools requires such transfer and only where appropriate safeguards under GDPR are ensured.
  4. Data subjects have the right to: access their data, rectify them, erase them (unless exceptions under Article 17(3) GDPR apply), restrict processing, transfer data where applicable, object to processing under Article 21 GDPR, and lodge a complaint with the competent data protection supervisory authority.
  5. A data subject may object at any time to data processing based on Article 6(1)(e) or Article 6(1)(f) GDPR for reasons related to their particular situation. In case of an objection to data processing for informational and promotional purposes, the project coordinator will cease processing the data for those purposes.
  6. Data are not used for automated decision-making or profiling producing legal effects. Analysis of activity within digital systems is used only for the organisation, monitoring and evaluation of the educational process.

§6 Security Measures and Final Provisions

  1. Civitas & Publica Foundation applies appropriate technical and organisational measures, including access control, secure storage of documents, limited access to personal data, supervision of IT tools and staff awareness regarding data protection.
  2. For underage participants, consent from a legal guardian is required for participation in the project. Publication of a participant's image requires separate consent. Lack of consent for image publication does not exclude participation in project activities.
  3. Requests regarding personal data should be sent via email to: projets.civitas@gmail.com, with the subject line “GDPR – ART-iculate”. Responses will be provided within the period required under applicable data protection law.