Protection of personal data

Confidentiality and protection of personal data

The Executive Unit for the Financing of Higher Education, Research, Development and Innovation (UEFISCDI) protects the confidentiality of personal data (PD) brought to its knowledge. Within this fundamental obligation, UEFISCDI undertakes to protect and properly use personal data that have been collected through its websites / platforms.

Our intention is to collect only the personal data that are minimally necessary in order to be able to carry out the activities of UEFISCDI in optimal conditions so that we can offer you services according to your expectations.

Please read this section to learn more about how we collect, use, transmit and protect the personal data we have obtained.

Principles

UEFISCDI's privacy policy is based on the following principles:

  • The processing of personal data is done legally, fairly and transparently
  • The collection of personal data is done for specific, explicit and legitimate purposes; personal data are not being subsequently processed in a way incompatible with these purposes
  • Personal data are adequate, relevant and limited to what is necessary in relation to the purposes for which they are processed
  • Personal data are accurate and updated if necessary
  • Personal data are kept in a form that allows identification only for the period necessary to fulfill the purposes for which the data are processed
  • Processing is carried out in a way that ensures adequate security of personal data, including protection against unauthorized or illegal processing and against accidental loss, destruction or damage, by taking appropriate technical or organizational measures.

The reasons for which personal data are processed by UEFISCDI are technical implementation, financial implementation (payment) and monitoring for the National Plan for Research-Development and Innovation for the period 2015 - 2020 (PNCDI III) as well as other national and international funding mechanisms / instruments, reporting, debt recovery, as well as ex-post monitoring for financing instruments previously developed by UEFISCDI, in accordance with Order no. 5804 of November 23, 2016 on the approval of the Regulation on the organization and functioning, the list of positions and the organizational chart of the Executive Unit for Financing Higher Education, Research, Development and Innovation. Thus, the data processing is performed for the following purposes, without being limited to them (according to the specific indications in the information packages):

  • receiving funding applications
  • verification of funding applications
  • selection of funded projects
  • establishing contractual obligations
  • approval to start financed projects
  • conducting field visits
  • verification of the award procedures performed by the beneficiaries
  • reporting on the progress of measures
  • authorization of payment to beneficiaries
  • making payment to beneficiaries
  • recording payment commitments and payments
  • IT management of payments made to project beneficiaries
  • information and promotion of financing instruments
  • evaluation of the bids submitted within the award procedures
  • carrying out contracts for the purchase of services, goods or works

The basis for processing consists of the application for financing, the financing contract, supply or service and the applicable legal provisions. Thus, in order to facilitate the development of activities related to the financing application, the financing contract, supply or provision and in order to fulfill the legal obligations, we communicate these data to public authorities, third parties or proxies.
We also process personal data for the purpose of informing and promoting the services offered by UEFISCDI and the events we organize, the basis of which is your consent.

Please note that the information collected is intended only for use by UEFISCDI and is communicated only to the following categories of recipients: third party providers directly or indirectly involved in the processes related to the above mentioned purposes (IT service providers, consultancy service providers, etc.), public authorities empowered by law or with which UEFISCDI has concluded collaboration protocols in order to fulfill the specific tasks conferred by European and national legislation, as well as the European Commission, in order to monitor and control the financing programs carried out by UEFISCDI.
Your data may be transferred abroad to the European Commission in accordance with applicable European law.

Depending on the purpose pursued, UEFISCDI processes the data of the following categories of persons:

  • representatives (individuals) of applicants and beneficiaries of national and international funds who submit projects to UEFISCDI
  • representatives (individuals) of team members, beneficiaries of national and international funds involved in projects at UEFISCDI
  • representatives (natural persons) of the providers or providers of services, goods or works, directly or indirectly involved in the contractual relations with UEFISCDI
  • media representatives
  • representatives (individuals) of public and private partners involved in the implementation of NRDP

We mention that, in order to determine the period for which personal data will be processed and stored, we take into account the contractual duration until the fulfillment of the contractual obligations and the purpose, the archiving deadlines provided by the relevant legal provisions, and the period of national and international programs. funded by UEFISCDI.

The personal data collected during the funding process of each competition (submission, evaluation, contracting monitoring) are specifically mentioned in each information package for each competition, depending on the objectives of the funding instrument and the objectives of reporting and monitoring.

Collection and use of Personal Data

We obtain personal data about you as a result of:

  • participation in the project competitions we run
  • attendance at events organized by us
  • registration in the platforms we manage
  • collaboration in various UEFISCDI projects, campaigns and initiatives
  • other situations concerning institutional activity

Once you have registered and / or submitted personal data on our platforms / event registration / participation forms, you have also agreed to their use, and we undertake to maintain their confidentiality. Your personal data is not used for any purpose other than if we obtain your permission or if it is required by lawful institutions.
UEFISCDI collects confidential personal information when it is necessary or permitted to collect such information by law. You are under no circumstances to provide information to UEFISCDI unless you agree to the lawful use of UEFISCDI and the transfer and storage of such information in UEFISCDI databases. If you wish to know whether the provision of confidential information to UEFISCDI is or may be necessary or appropriate for certain specific purposes, please contact UEFISCDI at the address below.

Automatic PD collection

In some cases, UEFISCDI automatically collects certain types of information when you visit the website or register / create accounts on our platforms or through the e-mails you send to our contact addresses. Automated technologies may include the use of web server-generated log files to collect IP addresses, cookies, and web beacons. The collection of this information will allow us to better understand and improve the performance, level of use and efficiency of the UEFISCDI website and platforms and to measure the efficiency of our dissemination activities.

IP addresses

An IP address is a number assigned to your computer whenever you access the Internet. It allows computers and servers to recognize and communicate with each other. The IP addresses from which visitors appear to come can be registered for IT security and system diagnostics. This information can also be used in a consolidated form to analyze the trend and performance of the website.

Cookies

A "cookie" is short text that a website enters into your browser's cookie file and allows the site to remember who you are. Cookies cannot be used to run programs or introduce viruses on your computer. UEFISCDI uses cookies only in accordance with applicable laws. Cookies alone do not tell us your email address or otherwise identify you personally. If you visit the UEFISCDI website, we use cookies to achieve consolidated statistics that help us determine which domains of the site are preferred by the visitor. You have the option to accept or not cookies. You can configure your browser to inform you when you receive a cookie or to reject it. But you should know that If you do not accept cookies, you may not be able to fully access all the features of our website.

Web beacons

A web beacon is a small image file within a web page that can be used to collect certain information on your computer, such as your IP address, when the content was visited, the type of browser, and the existence of cookies previously installed by the same server. UEFISCDI uses web beacons exclusively in accordance with applicable laws. UEFISCDI or its service providers may use web beacons to track the effectiveness of third-party websites that provide us with recruitment or marketing services or to compile consolidated visitor statistics and manage cookies. You have the option to make some web beacons unusable by rejecting the associated cookies. The beacon web file may still record an anonymous visit from your IP address, but the information provided by the cookie will not be recorded. In some of our communications, we may confirm a recipient's email address through links embedded in messages. We collect this information to measure user interest and to facilitate future user information.

PD transmission and transfer

We do not disclose personal information to unaffiliated third parties, unless this is necessary for our legitimate institutional needs, to meet your requests and / or if required or permitted by law or professional standards. In some cases, UEFISCDI may also forward personal data about you to other funding agencies. In addition, UEFISCDI may transfer certain PD beyond geographical borders to other agencies, which work with us, in compliance with the international conditions for respecting the confidentiality of PD. UEFISCDI does not sell PD to any third party. UEFISCDI will also not transfer PD provided by you to third parties for marketing purposes.

Options

You have several options regarding the use of our website. You are not required to provide any personal data when you visit our website. If you opt for an electronic newsletter, you will only be asked for an e-mail address, with the possibility of unsubscribing at any time, following the instructions included in each communication. As specified above, if you wish to prevent cookies from tracking you as you browse our website, you may reset your browser to refuse all cookies or to indicate the transmission of a cookie. You should note, however, that if you choose to decline the presence of cookies, certain parts of our website may not operate at normal parameters.

We offer you the possibility to select from a range of topics the ones you are interested in. In the Newsletter Options section, placed under the Account information button, you can customize the type of information you want to receive from the platform by choosing from: BrainMap new features, News for reviewers, New calls for project proposals (R&D, innovation, higher education, other), News about the ministry advisory councils, Open Science / Open Access, Events on higher education, R&D, innovation, Public consultations, Surveys.
The information contained in this newsletter is provided by us as a service/promotion to its users. We try to provide you quality and useful information, we do not guarantee of results obtained from the use of this information, and without warranty of any kind, express or implied, including, but not limited to warranties of performance for a particular purpose.

Children

UEFISCDI understands the importance of protecting the confidentiality of personal data about children, especially in an online environment.

Access

If you have sent personal data to UEFISCDI, you have the right to reasonable access to such data to rectify any inaccuracies or subsequent changes. You can also make a request to update or delete the information about you by contacting protectiadatelor@uefiscdi.ro, and we will make all reasonable and practical efforts to respond promptly to your request, as long as it complies with applicable laws and professional standards as well as transparency rules in accessing funds through funding mechanisms developed by UEFISCDI.

Data security and integrity

UEFISCDI has implemented and is implementing / updating reasonable security policies and procedures to protect personal information against loss, misuse, alteration or unauthorized destruction. To the greatest extent possible, access to your personal data is strictly limited to those people who need to know it. The persons who have access to these data maintain their confidentiality according to the UEFISCDI Code of Ethics. We will also keep the personal data only for as long as is necessary to comply with a person's request or until that person requests their removal, but taking into account the legal deadlines in force.

Links to other websites

We would like to inform you that the UEFISCDI website contains links to other websites, which are not governed by this Privacy Statement, but by other privacy statements that may be different. We encourage users to review the privacy policy of each website they visit before disclosing personal information.

Changes to this policy

UEFISCDI may amend this Privacy Statement to reflect our current practices in this area. When we make changes to this statement, we will change the date the information was updated at the top of this page. We recommend that you periodically re-read this Privacy Statement to find out how UEFISCDI protects your information.

The GDPR Regulation offers the user a number of rights, which we briefly present below:

  • the right to information and access to personal data, on the basis of which confirmation can be obtained from us that we process or not personal data, having access to those data and information on the methods and purposes of their processing
  • the right to rectification of data, which may be exercised in order to obtain, without undue delay, the rectification of inaccurate data or the completion of personal data which are incomplete
  • the right to delete data (the right to "be forgotten"), by virtue of which the deletion of personal data can be obtained, without undue delay, for one of the following reasons:
    • i.the data are no longer necessary for the purpose for which they were collected or processed;
    • ii.the user withdraws his/her consent and there is no other legal basis for the processing;
    • iii.the user opposes the processing and there are no legitimate reasons prevailing with regards to the processing;
    • iv. personal data have been processed illegally;
    • v. personal data must be deleted in order to comply with a legal obligation;
    • vi. personal data have been collected in connection with the provision of information society services.
  • the right to restrict the processing may be exercised in the following situations:
    • i. when the accuracy of the data is contested, for a period that allows us to verify their correctness;
    • ii. the processing is illegal and the user opposes the deletion of the data, instead requesting the restriction of their processing;
    • iii. we no longer need personal data for the purpose of processing, but the user requests them to establish, exercise or defend a right in court;
    • iv.when the user opposes the processing for reasons related to his/her particular situation, for the period of time in which it is verified whether the legitimate rights of the operator prevail in this case.
  • the right to object, under which the user may object to the processing of personal data, including the creation of profiles, on grounds relating to his/her particular situation, in cases where the processing is necessary to perform a task in the public interest, when it takes place for the purpose of the legitimate interests pursued by us or by a third party. In such cases the processing will be done only if it is justified by legitimate and compelling reasons, which prevail over the interests, rights and freedoms of the user, or when the purpose of the processing is to establish, exercise or defend a right in court.
  • the right to data portability, which allows the user to receive personal data concerning him and which he has provided in a structured, commonly used and automatically readable format and to transmit this data to another operator, under the conditions where the processing is based on consent or a contract and is carried out by automatic means.

Under this right, personal data concerning the user may be transmitted directly from one operator to another where this is technically feasible.

Changes regarding they privacy policy

This personal data privacy policy may be updated as a result of changes in the relevant legislation in the field or changes in the structure and functions of the Application. In the event of changes to the personal data processing policy, users will be notified by e-mail and / or notifications within the application before the changes take effect.
We encourage users to check this page regularly to keep up to date with our latest personal data processing practices.

Questions regarding the privacy policy and its application

UEFISCDI is committed to protecting the online privacy of your personal data. If you have questions or comments on how we manage your personal data, please contact us at protectiadatelor@uefiscdi.ro. You may also use this address to send us any questions regarding compliance with our Online Privacy Statement.
Wherever terms such as UEFISCDI, us, ours and us / us appear on this website , they refer to the Executive Unit for the Financing of Higher Education, Research, Development and Innovation.

Terms and definitions

Personal data: any information about an identified or identifiable natural person, directly or indirectly, in particular by reference to an identifying element, such as a name, an identification number, location data, an online identifier , or to one or more specific elements, proper to his physical, physiological, genetic, mental, economic, cultural or social identity.
Processing: any operation or set of operations performed on personal data or personal data sets, with or without the use of automated means, such as the collection, recording, organization, structuring, storage, adaptation or modification, extraction, consultation, use, disclosure by transmission, dissemination or provision in any other way, alignment or combination, restriction, deletion or destruction.
Consent: any specific, informed and unambiguous manifestation of free will by the user, by which he accepts, via a statement or some unequivocal action, that the personal data concerning him be processed.
User: A person, with full capacity to exercise, aged at least 18 years, who expresses his consent to the use of PD registered with UEFISCDI.
Supervisory authority: an independent public authority established by a Member State under Regulation (EU) 2016/679.

[T: 0.1786, O: 89]