Augmented Reality system for Law Enforcement Agent

Privacy Policy

Privacy

Personal Data Protection

Thank you for visiting the DARLENE website. This is the DARLENE website privacy policy.
This privacy policy is part of the DARLENE website Terms of Use and solely concerns processing of personal data within the DARLENE project due to the operation of the website. This covers personal data that you provide us with through the website, and the personal data that you see on our website.
We are committed to processing personal data responsibly, securely, and proportionately throughout our activities in compliance with the EU General Data Protection Regulation (GDPR) 679/2016.

  • Personal Data: Personal Data is any information relating to an identified or identifiable natural person (‘data subject’); an identifiable natural person is one who can be identified, directly or indirectly, indicatively by reference to an identifier such as a name, an identification number, location data, an online identifier or to one or more factors specific to the physical, physiological, genetic, mental, economic, cultural or social identity of that natural person.
  • Personal data breach: Personal data breach is a breach of security leading to the accidental or unlawful destruction, loss, alteration, unauthorized disclosure of, or access to personal data transmitted, stored or otherwise processed.
  • Controller: Controller is the natural or legal person, public authority, agency or other body which, alone or jointly with others, determines the purposes and means of the processing of personal data.
  • Processor: Processor is a natural or legal person, public authority, agency or other body which processes personal data on behalf of the controller.
  • Processing: Processing is any operation or set of operations which is performed on personal data or on sets of personal data, such as collection, recording, organization, structuring, storage, adaptation or alteration, retrieval, consultation, use, disclosure, dissemination or otherwise making available, alignment or combination, restriction, erasure or destruction.
  • Third party: Third Party is a natural or legal person, public authority, agency or body other than the data subject, the controller, the processor and persons who, under the direct authority of the controller or processor, are authorized to process personal data.
  • Consent: Consent of the data subject is any freely given, specific, informed and unambiguous indication of the data subject’s wishes by which he or she, by a statement or by a clear affirmative action, signifies agreement to the processing of personal data relating to him or her.

DARLENE is a research project within the Horizon 2020 Programme, running from September 2020 to August 2023. This research project aims to investigate means by which Augmented Reality (AR) can be deployed in real time to aid in Law Enforcement Agencies (LEAs) decision-making. By combining AR capabilities with powerful Machine Learning algorithms, sensor information fusion techniques, 3D reconstruction, wearable technology and personalised context-aware recommendations, DARLENE aims to offer European LEAs a proactive security solution to reduce and prevent crime.

If you contact us through the website, we will collect your full name, your contact details such as and the message you provide us with. We will not collect metadata that you do not expressly provide us with (e.g., IP/MAC addresses).
The content we upload or otherwise make available through the website might contain personal data, such as the names of our researchers and their work.
The data you provide us through this website to subscribe to our newsletter will be collected and processed by eBOS Technologies Limited who can be contacted at info@ebos.com.cy. The data you provide us with when subscribing to our contact list is collected and processed by Trilateral Research Ltd who can be contacted at darlene@trilateralresearch.com. The data you provide for either the newsletter and/or the contact list will be processed solely for the purposes of the DARLENE project.

For the personal data received through the contact form, we declare that the following lawful basis of our processing are embraced:

  • Consent (Art.6.1.a of the GDPR) – When you consent directly to the processing of your personal data, for example, when you subscribe to our newsletter. If you provide us with sensitive personal data, falling within Art. 9 of the GDPR (such as dietary requirements for an event), we will process it with your explicit consent (in line with Art. 9.2.a of the GDPR).

For other types of personal data we communicate through the website, the following lawful bases of our processing are embraced:

  • Consent (Art.6.1.a of the GDPR) – When we have received consent to publish personal data – e.g., a blog post from one of our researchers.
  • Legal obligations (Art.6.1.c of the GDPR) – We may process personal data in order to meet a legal obligation, e.g., promoting project results to multiple audiences, including the media and the public.
  • Legitimate interests (Art.6.1.f) – We process personal data when it is necessary for us to achieve the following legitimate interests (as long as they are not overridden by the data subject’s interests):
    • Enhancing our research delivery, by providing information about DARLENE’s activities on the website
    • Undertaking dissemination activities such as the DARLENE newsletter
    • Sending invitations and providing access to guests attending our events and webinars
    • Monitoring the activity on this project website

We take reasonable security measures to protect your personal information at any times. For this reason, we have put in place technical and organisational security policies and procedures to protect personal data (name/surname/e-mail) from loss, misuse, alteration or destruction. We follow international standards and practices to ensure the security of our networks. Wherever possible, we ensure that access to your personal data is password-protected. We encrypt EU-classified data and such data are restricted only to a limited number of individuals who need to access it. Those individuals who have access to the data are required to maintain the confidentiality of such information. We install and regularly update all security and anti-virus software in use on all of our systems. Nevertheless, the security of data transmitted over the Internet cannot be completely guaranteed. We monitor our systems for possible vulnerabilities and attacks.

Please note that the DARLENE consortium is conducting a data protection impact assessment (in line with Art. 35 of the GDPR) over the duration of the project, wherein the consortium will identify and assess any ethical or data protection risks and find solutions to overcome any such risks.

We process your personal data only for as long as necessary to serve the respective purpose of processing. In addition, we are subject to various storage and documentation obligations, including those arising from the European Commission and related to Horizon 2020 rules and procedures. These obligations can apply for up to 5 years after the project has finished (unless further retention is requested by the EU auditors).

As the records and documentation containing personal data have been collected within the delivery of a European Commission project, we expect that the Commission will process it in compliance with Regulation No 2018/1725 on the protection of natural persons with regard to the processing of personal data by Union institutions, bodies, offices and agencies. After the expiry of the retention period, and unless further legitimate grounds for retention arise, we will dispose of personal data in a secure manner.

All partners will treat information received from other partners as confidential and will not disclose it to third parties, unless it is obvious that the information is already publicly available or there is a legal obligation to do so. Your personal data will also not be sold to third parties. The partners are expected to impose the same obligations on their employees and suppliers.
We may occasionally share personal data with trusted third parties, such as those listed below, to help us deliver efficient and quality services. When we do so, we will ensure that recipients are contractually bound to safeguard the data we entrust to them before we actually share the data. We may engage with several or all of the following categories of recipients:

  • Parties that support us as we provide our services (e.g., cloud-based software services such as Dropbox, Microsoft SharePoint, Google Analytics, BlueHost, Mailchimp)
  • Our professional advisers, including lawyers, auditors and insurers
  • Payment service providers
  • E-mail management services (e.g., Moosend)
  • Law enforcement or other government and regulatory agencies (e.g., tax authorities) or other third parties as required by, and in accordance with, applicable law or regulation
  • The European Commission when we are required to do so in relation to our work within H2020 projects.

By default, we store personal data on servers located in the EU. However, we may also transfer personal data to reputable third-party service providers, notably SharePoint, who may be located outside of the EU.
Wherever such personal data transfers are based on Standard Contractual Clauses within the meaning of Commission Decision 2010/87, we are keeping track of their validity, especially in the light of any national Data Protection Authority decisions on the matter and in line with the European Court of Justice (CJEU) decision in Case C-311/18 DPC v Facebook Ireland and Maximilian Schrems.

As a data subject, you can exercise the rights outlined in this section of the privacy policy. We may need to request specific information from you to help us confirm your identity and ensure your right to access the information or to exercise any of your data subject rights. This helps us to ensure that personal data is not disclosed to any person who has no right to receive it. No fee is required to make an initial request unless your request is clearly unfounded or excessive. Depending on the circumstances, we may be unable to comply with your request based on other lawful grounds.

You have the right to withdraw your consent for the processing of your data at any time and without suffering any consequences (in accordance with Article 6(1) of the GDPR). If you would like us to cease processing your data, you can let us know by sending an email request to info@darleneproject.eu. In such case, the data we have collected from you will no longer be used for DARLENE and will be erased, unless you agree that your personal data can be used for the purposes of the project after being thoroughly anonymised.

Furthermore, you have the right to access, to rectify, to erase, to restrict the processing, the right to data portability and the right to object (according to Articles 15 -22 of the GDPR). In practice, these are implemented through an email request to info@darleneproject.eu Note that the exertion of some rights (e.g. the right to object) may require provision of further information to allow identification of the data subject. Also note that, since a legal basis for the processing of personal data in the DARLENE project is Art. 6.1.f of the GDPR, you have the right to object to processing of personal data concerning him or her unless the DARLENE consortium demonstrates compelling legitimate grounds for the processing that override your interests, rights and freedoms or for the establishment, exercise or defence of legal claims.

You are also legally entitled to lodge a complaint with a supervisory authority (Article 77 of the GDPR). A list of national supervisory authorities can be found here.

We aim to keep the information that appears on the DARLENE website as complete and up to date as possible. If errors are brought to our attention, we will take all reasonable steps to make any necessary corrections within a reasonable time. Please be aware that the information published on our website is for informational purposes only. None of the information contained on the website constitutes legal or professional advice, nor can we accept responsibility for how it might be used, and we are not responsible or liable for any errors or omissions in any of the information provided on the website. We cannot be held liable for any direct or indirect damage that may result from use of this site. Links to other websites are provided in good faith and for information only. A link to another website does not mean that we endorse or accept any responsibility for the content or use of such website.

While we take all possible steps to minimise disruption caused by technical errors and cybercrime (e.g. hacking or phishing), we cannot guarantee that our website will not be interrupted or otherwise affected by such problems. Please note that access may be suspended temporarily and without notice in the case of system failure, website maintenance or repair or for reasons beyond our control.

The use of our website is governed by the law of Cyprus. Any dispute arising from or related to the use of this website shall be subject to the non-exclusive jurisdiction of the Cypriot courts.

Our websites may contain links to other sites, including the sites of the consortium partners, which are not governed by this privacy policy. Please review the destination websites’ privacy policies before submitting personal data on those sites. Whilst we try to link only to sites that share our standards and respect for privacy, we are not responsible for the content, security or privacy practices employed by other sites.

The DARLENE consortium may regularly review this privacy policy. We will post any updates to it on this webpage. You are advised to review this privacy policy periodically for any changes. This privacy policy was last updated on 13th of October 2020.

If you have any concerns as to how your data is processed, you can contact us by e-mail at
info@darlene-project.eu.