Privacy policy

Introduction

This text sets out information about the privacy policy that applies to all users who access or visit e-vote-id2024.org (hereinafter the website or this website) by means of any device. This is a complementary text to the legal notice and other legal texts on policies that may exist on this website.

This website does not request personal data from users without their knowledge and express consent, nor does it share data with third parties.

Data controller

In compliance with Organic Law 15/199, of 13 December, on the Protection of Personal Data, and Regulation (EU) 2016/679 of 27 April 2016 (GDPR), we hereby inform you that Fundació URV (hereinafter, the data controller) is responsible for the processing of personal data, stored and managed in one or more automated files under the guardianship and ownership of the data controller.

Purpose of the data

Users' personal data are used to maintain an informative relationship with them. Only if the user has given their consent, they will also be used to send them commercial information about products or services that may be of interest to them.

For each user of this website, data relating to their browsing, such as IP address, login, operating system, browser, time of use or viewing preferences, may be automatically saved for statistical purposes and/or to facilitate the browsing of these persons.

Legitimation of data

Data processing is carried out for the fulfilment of legal obligations on the part of the controller, as well as when the purpose of the processing requires your consent, which must be given by means of a clear affirmative action.

Data retention

The personal data of users shall be kept for the time necessary to enable the functions or needs for which they were intended, for as long as there is a mutual interest in maintaining this relationship between the user and the website or the products and services offered by the data controller, or until the files that keep them expire.

Deletion of data

The deletion of personal data, by express request, expiry or termination of the activity, shall be carried out, taking the necessary security measures to guarantee its total destruction.

Sharing to third parties

The data controller informs that no personal data is shared with third parties and that, in case of sharing, it will be done with the express consent of the person concerned. Exceptions to this are the legal requirements of the Ombudsman, judges and courts.

The data relating to the browsing of the users of this website are stored and managed by means of computer tools owned by the person responsible, thus avoiding sharing them with third parties.

Data rights

Users may, at any time, exercise their ARCO rights (access, rectification, cancellation and omission), as well as the right to the portability and forgetting of their personal data, by proving their identity and contacting the data controller by post to C. de l’Escorxador s/n, 43003 (Tarragona) or by email to the address [email protected].

The data controller shall comply with its obligations with a prudent margin of time, in order to make it possible to comply with the requested requirements in a firm and effective manner. In the event of considering that the processing of personal data does not comply with the regulations in force, users may contact the supervisory authority (AEPD) to file a complaint.

Commitments

Users undertake to ensure the truthfulness and accuracy of the data provided in the fields of the web forms, and expressly, freely and unequivocally declare their agreement by ticking the checkboxes without which no form can be processed. The responsible party will always assume that users comply with this commitment.

Users of this website accept the application of this privacy policy, in force at all times. Given the impossibility of informing or notifying in a particular way about new changes in this policy, users undertake to review it before using the website again, avoiding such use in the event of non-compliance with the policy in force at that time.

The data controller, as the party responsible for the personal data, undertakes to use the necessary means within its power to guarantee the confidentiality of the data and its appropriate use, complying with the current GDPR and LOPD regulations and specifically with the principles described in article 5 of the GDPR and article 4 of the LOPD, whereby the data are processed in a lawful, fair and transparent manner in relation to the data subject, with an appropriate, relevant and limited use to the necessary use and the purposes for which they were collected.

The data controller undertakes to implement adequate and updated organisational systems, techniques and resources to apply the security measures established in the GDPR and the LOPD, in order to protect the rights and freedoms of users regarding their data.

Cookies

Find all the information about cookies, what they are, what types there are, what cookies are used and how they can be disabled in the cookies policy on this website.

Use of IP

An IP address is the number that the provider of the internet service that the user assigns to his modem in a fixed or dynamic way (whereby the number may vary). This number does not, by itself, necessarily identify the user connecting.

The server(s) where this website is hosted automatically detects the IP address of each access, and this number is recorded in a file with the activity carried out, together with the date, time and web information linked to each interaction.

This information is saved temporarily, with the aim of detecting errors and obtaining statistical information about the pages visited, the order of visits, the origin of access, etc. Web server logs are deleted at a time determined by the Linux operating system. Regarding statistical use, the IP is anonymized, hiding the last 3 figures, while the data linked to the IP that can be associated (location, device, browser, resolution, etc.) is eliminated after 30 days, retaining only the statistical information. resulting.

Tracking exclusion

To comply with user rights, a form is provided below to exclude browsing data from any record for statistical purposes.

Applicable law and jurisdiction

The applicable law in the event of any dispute or conflict of interpretation of this privacy policy, as well as any question related to the privacy and treatment of personal data on this website, shall be Spanish law. For the resolution of any conflict that may arise, users agree to submit to the courts and tribunals closest to the domicile of the responsible party.

Organizers

Karlsruhe Institute of Technology
Kozminski University
University of Luxembourg
Universitat Rovira i Virgili

Sponsors

Port of Tarragona
KASTEL Security Research Labs