GDPR Compliance Statement for Platform for Erasmus Projects (PEP)

• Introduction

  [Your Company Name] is committed to ensuring the protection of personal data and respecting the privacy of all users of the Platform for Erasmus Projects (PEP) website or application (the "Service"). We have implemented measures to comply with the General Data Protection Regulation (GDPR), which is applicable to all companies that process personal data of European Union (EU) residents. This GDPR Compliance Statement outlines our commitment to GDPR and the principles it establishes.

• Data Collection and Processing

  We collect and process personal data only for legitimate purposes, as outlined in our Privacy Policy. The data collected includes, but is not limited to, full name, email address, nationality, institution, field of study, preferred project duration, previous projects, selected interests, and languages. We ensure that we have a lawful basis for processing personal data, including obtaining consent from users when required.

• Data Minimization

  We only collect and process the necessary personal data required for the specific purposes outlined in our Privacy Policy. We do not collect or store excessive amounts of data, and we review our data collection processes regularly to ensure compliance with data minimization principles.

• Data Accuracy

  We take reasonable steps to ensure that the personal data we collect and process is accurate, complete, and up-to-date. Users have the right to access their personal data and request corrections or updates as needed.

• Data Retention

  We store personal data only for as long as necessary to fulfill the purposes for which it was collected, as outlined in our Privacy Policy. We regularly review our data retention policies and practices to ensure compliance with GDPR requirements.

• Data Security

  We implement appropriate technical and organizational measures to protect personal data from unauthorized access, disclosure, alteration, or destruction. These measures include, but are not limited to, secure data storage, access controls, encryption, and security training for our employees.

• Data Subject Rights

  We respect the rights of data subjects under GDPR, including the right to access, rectify, erase, restrict processing, and data portability. Users may exercise their rights by contacting us at [Your Company Email].

• Data Breach Notification

  In the event of a personal data breach, we will promptly notify the relevant supervisory authority and affected data subjects, in accordance with GDPR requirements.

• Data Protection Officer

  We have appointed a Data Protection Officer (DPO) responsible for overseeing our GDPR compliance efforts. If you have any questions or concerns about our data protection practices, you may contact our DPO at [DPO Email Address].

• Third-Party Data Processors

  We ensure that any third-party data processors we engage are GDPR compliant and maintain appropriate security measures to protect personal data. We enter into data processing agreements with such third parties, as required by GDPR.

• International Data Transfers

  In cases where personal data is transferred to countries outside the EU, we ensure that adequate safeguards are in place to protect the data in accordance with GDPR requirements.

• Conclusion

  [Your Company Name] is committed to GDPR compliance and the protection of personal data. We continually review and update our data protection policies and practices to ensure alignment with GDPR principles and requirements. If you have any questions or concerns about our GDPR compliance, please contact us at [Your Company Email].