Skip navigation

Privacy Policy

BioClima Privacy & Data Protection Policy

Effective date: 1. 1. 2025

The BioClima Project ("we", "us", "our") is committed to protecting your privacy and personal data. This policy explains how we collect, use, and safeguard your data in accordance with the General Data Protection Regulation (EU) 2016/679 (GDPR), Horizon Europe requirements, and relevant national legislation.

1) Data Controller

BioClima Project Team
Email: mildorf(at)kgm.zcu.cz
Project Coordinator: Tomas Mildorf, Project Manager at the Department of Geomatics at the University of West Bohemia

For any questions regarding data protection, please contact the project team at the email above.

2) What Personal Data We Process

We collect and process only the minimum personal data required for secure platform operation, event management, and project reporting:

  • Authentication data: login/account identifiers, hashed passwords or tokens.
  • Identity & contact data: name, surname, email address, organisation/affiliation.
  • Technical data: IP address, browser type, access times, and log files for functionality and security.
  • Communication data: information provided through email or contact forms.
  • Event data: optional information such as dietary/access needs or participation details.
  • Media (if applicable): photos, audio or video recorded during BioClima events, only with prior consent.

Special categories of data (e.g., health information) are not processed unless explicitly required (e.g., for accessibility) and only with consent and safeguards.

3) Purposes and Legal Bases

We process data solely for the following purposes:

  • Platform operation and authentication — performance of a contract (Art. 6(1)(b) GDPR) or legitimate interest (Art. 6(1)(f)).
  • Security, troubleshooting, and service improvement — legitimate interest (Art. 6(1)(f)).
  • Responding to enquiries — legitimate interest or consent (Art. 6(1)(f)/(a)).
  • Event organisation and communication — performance of a contract or consent.
  • Photos, audio and video use — consent (Art. 6(1)(a)).
  • Horizon Europe reporting, auditing, and compliance — legal obligation (Art. 6(1)(c)).

You may withdraw consent at any time without affecting processing prior to withdrawal.

4) Data Sharing and Recipients

We do not sell or trade your personal data.

Data may be shared only with:

  • BioClima consortium partners, who are bound by GDPR-compliant agreements.
  • Service providers (processors), such as hosting or IT providers, operating under written data processing contracts.
  • Public authorities or the European Commission, when required for Horizon Europe obligations (e.g., audits, reporting).

5) Cookies and Analytics

We use only essential technical cookies required for authentication and secure session management.
No tracking, profiling, or advertising cookies are used.

Visit statistics are measured using Matomo Analytics, which is self-hosted on BioClima servers and configured without cookies. Analytics rely solely on aggregated server request counts.

6) Data Retention

We retain personal data only as long as necessary for the stated purpose:

  • Authentication/account data: kept for the duration of your access, then deleted or anonymised.
  • Server logs: retained up to 6 months for security.
  • Communication records: kept until resolved and up to 1 year afterwards.
  • Event data: deleted within 1 month after the event.
  • Media (photos/video): retained until consent is withdrawn or material is no longer used.

7) Data Security

We apply appropriate technical and organisational safeguards, including:

  • Secure hosting within the European Economic Area (EEA).
  • Encryption and access control.
  • Limitation of access to authorised personnel.
  • Regular security monitoring and audits.

8) International Data Transfers

Your data is stored and processed within the EEA (European Economic Area). If exceptionally transferred outside the EEA, adequate safeguards will be applied (e.g., Standard Contractual Clauses) and you will be informed in advance.

9) Your Rights

You have the following rights under GDPR:

  • Access to your personal data.
  • Rectification of inaccurate data.
  • Erasure (‘right to be forgotten’).
  • Restriction or objection to processing.
  • Data portability, where applicable.
  • Withdrawal of consent, without affecting prior lawful processing.
  • Complaint to your national supervisory authority (for Czechia: ÚOOÚ).

To exercise these rights, please contact us at [insert contact email].

10) Horizon Europe Project Compliance

As part of the Horizon Europe programme, BioClima processes limited personal data to fulfil obligations such as:

  • Project management, reporting, and auditing by the European Commission.
  • Documentation of participation and dissemination of results.
  • Ethical and data management plan compliance, including pseudonymisation/anonymisation where feasible.

No personal data will be made public unless necessary, lawful, and consented to.

11) Updates

This policy may be updated to reflect legal, technical, or operational changes. The effective date will be revised accordingly, and the current version will always be available on the BioClima website.