Privacy Policy

The Escape Consortium underlines the importance of protecting data and aims to handle data in a careful and responsible way such that the privacy of visitors of the website www.escapepandemics.com is protected.

In this privacy policy, we inform you how we deal with your personal data, what is the purpose of this data and to what extent these will be used in accordance to the EU Regulation on General Data Protection. We will also clarify how you can make use of your right to modify or delete the data at any time.

Responsibility and accountability

This website is operated by Universiteit Hasselt as coordinator of the ESCAPE project with its head office located at Martelarenlaan 42, 3500 Hasselt, Belgium.

You can contact us via email: dpo@uhasselt.be for any question regarding your privacy.

This website is part of a consortium agreement between the following partners, each of which acts as a joint Data Controller within the meaning of applicable privacy laws :

Universiteit Hasselt (BE)
Universiteit Antwerpen (BE)
Rijksinstituut voor Volksgezondheid en Milieu (RIVM) (NL)
Instituto per l’Interscambio Scientifico (IT)
Institut National de la Santé et de la Recherche Médicale (FR)
Insitutio Nacional de Saude Dr. Ricardo Jorge (PT)
London School of Hygiene & Tropical Medicine (UK)
Universität Bern (CH)

The purpose of the consortium is to improve the efficiency and scalability of early pandemic control plans by providing evidence-based guidelines, standardised research protocols, retrospective insights and digital solutions that will support scientists in producing and integrating evidence and inform health authorities in making decisions to avert or reduce disease burden and societal burdens. The project will provide knowledge and tools that will improve Europe's preparedness for a pandemic of pathogen X. Moreover, the project will help promote a multi-stakeholder intelligent community that will enable better knowledge sharing and collaboration between policy makers, the scientific community, the media and the public, enabling a much more effective response to future pandemics.

The protection of your Personal Data is of importance for Universiteit Hasselt, the ESCAPE consortium and its affiliates (together hereinafter “ESCAPE”) and we treat your privacy with utmost care.

We have established this Privacy Notice to explain to you how ESCAPE treats your Personal Data. The Privacy Notice applies to the Personal Data that you provide and that we process about you as a natural person when you visit our website and register for our newsletter.

Which Personal Data do we collect when you visit our website?

We process the Personal Data that you provide to us when you interact with us via this website by completing and sending us a contact or request form or when registering for our newsletter. These Personal Data include:

Identity data you provide (surname, first name, email address, occupation, etc.).
Any other Personal Data that you may include in a contact or request form.

Like almost every website, our website also uses cookies. Some of these are necessary to make your website visit possible, other allow us to optimize your browsing experience or the way we interact with you. Find out more about our cookies in our cookie policy.

Why do we collect your Personal Data?

Depending on your relationship with us (e.g. website visitor, business contact, job applicant, etc.), we might process your Personal Data based on the purposes and legal bases described hereunder:

Who are you?	Purposes of processing	Legal basis
Website visitor	Subscribe you to our newsletter	Your consent to receive the newsletter expressed by submitting the subscription form.
Website visitor	Process your requests submitted through our contact form	Your consent expressed by submitting the contact form.

With whom do we share your Personal Data?

ESCAPE will provide access to or share Personal Data between ESCAPE consortium partners and on an as-needed basis with third parties, such as trusted service providers, consultants and contractors who are granted access to ESCAPE consortium partners' facilities and systems or which provide services to ESCAPE consortium partners, and with government agencies or authorities, competent courts and others as required by law or if it is necessary to fulfill your request.

Third party service providers include IT services and website hosting companies, (internet) connectivity providers, provider of data analytics (Google) and tracking services, providers of press release and newsletter distribution networks, as well as service providers that provide technical and administrative support for the Website and underlying IT systems. These service providers provide their services from lo-cations within and outside of the European Economic Area (“EEA”), including the USA.

ESCAPE will only share your Personal Data with third parties whom ESCAPE has contractually restricted from using or disclosing the Personal Data except as necessary to perform services on our behalf or to comply with legal requirements.

What if your Personal Data is transferred outside the European Economic Area (EEA)?

ESCAPE may need to transfer your data to countries outside the EEA, where the privacy protection is less developed, including the USA.

ESCAPE relies on available legal mechanisms to enable the legal transfer of Personal Data across borders. To the extent that ESCAPE relies on the Standard Contractual Clauses (also called the Model Clauses), to authorize the transfer of Personal Data, ESCAPE will comply with those requirements, including where there may be a conflict between those requirements and this Privacy Notice.

In the absence of the aforementioned appropriate safeguards, ESCAPE may where permitted by applicable data protection laws (including the GDPR) rely on a deroga-tion applicable to the specific situation at hand (e.g. the data subjects’ explicit con-sent, the necessity for the performance of an agreement, the necessity for the defense of legal claims).

How do we secure your Personal Data?

We use reasonable and appropriate technological and operational security measures to keep your Personal Data protected against any unauthorized access or unlawful use. Such measures include:

Ensuring the physical and digital security of our equipment and devices by using appropriate password protection and encryption where necessary;
Ensuring the physical security of our offices and other sites;
Maintaining a data protection policy for, and delivering data protection training to, our employees; and
Limiting access to your Personal Data to those at ESCAPE who need to use it in the course of their work.

However, due to the nature of internet communications, we cannot guarantee or warrant that the transmission of your Personal Data to us is secure.

For how long do we keep your Personal Data?

The Personal Data you provide to ESCAPE is only kept for as long as it is reasonably necessary for the purposes for which it is collected, taking into account our need to comply with contractual obligations, resolve customer service issues, comply with legal requirements and provide new or improved products and services to users. This means that we may retain your Personal Data for a reasonable period after you stopped using the escapepandemics.com website. After this period, your Personal Data will be deleted from all systems of ESCAPE without notice.

What rights can you exercise?

Based on the applicable Belgian and European privacy legislation, and provided that you meet the requirements set by this legislation, you can contact us to exercise the following rights:

Withdrawing your consent for the Processing of your Personal Data, to the extent that the Processing of your Personal Data was initially based upon your consent.
Seeking access to, correcting, deleting or restricting your Personal Data.
Objecting to any Processing for direct marketing.
Objecting to any Processing based on our legitimate interest.
Seeking the portability of your Personal Data, which you have communicated to us and that we have Processed.
Lodging a complaint with the supervisory authority in the European member state of your habitual residence, your place of work or the alleged infringement of applicable data protection legislation.

You can send your requests to exercise your above mentioned rights, together with evidence of your identity, by email at dpo@uhasselt.be or by post to Universiteit Hasselt, Data Protection Officer, Martelarenlaan 42, 3500 Hasselt.

We will examine the admissibility of your request based on the applicable Belgian and European privacy legislation. We will then inform you, in principle within a month, if we can answer positively to your request.

Third party applications and websites

This Website contains links to other websites operated by third parties, including but not limited to certain social media sites such as Facebook, Twitter, Linkedin, YouTube, etc. This Policy does not apply to any website, other than this one. Third party websites are governed by their own terms and conditions. You should therefore always carefully check the privacy and cookie policies of third party websites before accepting to be redirected to them.

We also display social media buttons on our Website. When you click on any of those buttons, your personal data may be transferred to these companies and they may also set cookies or other tracking technologies on your browser. The privacy policies and terms of use of each of those companies govern the collection and use of your personal data when you click on their buttons on our Website.

Prior to installing third party cookies or enabling you to click through to a third party website, we will have requested your consent to do so. Where consent was not given, the cookies will not be installed and the click through to third party websites will only occur after a pop-up notifying you that you are leaving the ESCAPE space and requesting whether you wish to continue.

Notice for parents, guardians and children

Our website is intended for visitors who are at least 18 years of age, or the age of majority in their jurisdiction of residence. Universiteit Hasselt as coordinator of the ESCAPE project does not knowingly solicit information from or market products or services to children. If you do not meet the age requirements set out above, please do not enter your Personal Data on this website.

How may ESCAPE change this Privacy Notice?

As ESCAPE expands and improves its website, or as legal requirements change, we may need to update this Privacy Notice. This Privacy Notice may be modified from time to time without prior notice. We encourage you to review this Privacy Notice on a regular basis for any changes. The date of the latest version will be identified at the bottom of the Privacy Notice.

Do you have any questions?

If you have any questions about this Privacy Notice or data protection at ESCAPE, you can contact our Data Protection Officer either by mail:

Universiteit Hasselt (Attn. Data Protection Officer)

Martelarenlaan 42

3500 Hasselt

Belgium

or by e-mail at dpo@uhasselt.be

You also have the right to lodge a complaint with the supervisory authority in the European member state of your habitual residence, your place of work or the alleged infringement of applicable data protection legislation:

In Belgium, the Supervisory Authority is:

Belgian Data Protection Authority
Rue de la Presse 35 / Drukpersstraat 35
1000 Bruxelles / 1000 Brussel

Tel. +32 2 274 48 00

Fax +32 2 274 48 35

contact@apd-gba.be
www.dataprotectionauthority.be

Glossary

Here you can find an explanation on the terms used above in the Privacy policy:

Cookies are small text files that websites place on your device as you are browsing. They are processed and stored by your web browser. In and of themselves, cookies are harmless and serve crucial functions for websites.
Data Controller means Hasselt University as coordinator of the ESCAPE project, to the extent that we determine the purposes and means of the processing of your Personal Data.
Personal Data is information through which a natural person is identifiable or may be identified. Hasselt University collects, uses and processes your Personal Data in order to provide you with services, products or information that you request.
Portability: The right to data portability allows you to obtain data that a data controller holds on you and to reuse it for your own purposes. The data must be received “in a structured, commonly used and machine-readable format”.
Processing means everything we do with your Personal Data as further explained in this Privacy Notice. It may include actions such as collection, recording, organization, structuring, storage, adaptation or alteration, retrieval, consultation, use, disclosure by transmission, dissemination or otherwise making available, alignment or combination, restriction, erasure or destruction.
Standard Contractual Clauses: The European Commission can decide that standard contractual clauses offer sufficient safeguards on data protection for the data to be transferred internationally. It has published sets of such standard clauses covering different transfer scenarios.

Applicable Privacy laws

Regulation 2016/679 of the European Parliament and of the Council on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, and repealing Directive 95/46/EC (“General Data Protection Regulation” or “GDPR”), GDPR as it forms part of the law of England and Wales (“UK GDPR”) and the Swiss Federal Act on Data Protection (“nFADP”)