Privacy Policy

1. Privacy Notice Pursuant to Article 13 of Regulation (EU) 2016/679

The content of this website is produced under the ALLIES project, which has received funding from the ISF (Internal Security Fund)

  1. Data controller and Data protection officer

LAW AND INTERNET FOUNDATION, PIC 996838155, established in 54 Balgarska Morava Str., Fl. 7, Sofia 1000, Bulgaria, VAT number: BG130511877, as Data Controller (“Data Controller”), will process your personal data collected in this website, operated by the partner SYNYO (SYNYO GmbH – Otto-Bauer-Gasse 5/14 – 1060 Vienna, Austria Phone: +43 1 9962011 DPO Email: contact@synyo.com) that has been appointed as Data Processor. The Data Controller has appointed a Data Protection Officer (“DPO”) who can be contacted to obtain clarifications regarding the processing of your Personal Data and the retention periods at the following e-mail address: allies@netlaw.bg

2. Processed personal data and Purposes of processing

We inform you that the Data Controller will process your personal data, falling within the definition set out in art. 4(1) of Regulation (EU) 2016/679 (hereinafter “GDPR”), in this case:

  • name
  • surname
  • email address

the processing of Your personal data will take place using electronic and IT tools and will be store in Google Sheet.

The purpose of the processing is to send you a periodic newsletter on project activities or to follow up with you on any inquires send via the website’s contact form.

3. Legal Bases for the Processing and how data are processed

For the purposes set out above, the legal basis for processing Your personal data is your consent pursuant to art. 6(1)(a) of the GDPR.

The processing of Personal Data will take place – according to the principles of fairness, lawfulness, and transparency – through the support of IT and manual tools, with logic strictly related to the purposes of the processing and, in any case, guaranteeing the confidentiality and security of the data. and compliance with specific obligations established by law. The availability, management, access, storage, and usability of data is guaranteed by the adoption of technical and organizational measures to ensure appropriate levels of security pursuant to Articles 25 and 32 of the GDPR, as well as, in relation to the specific processing purposes identified by the applicable legislation. The processing is carried out by persons duly authorized and instructed by the Data Controller and in compliance with the provisions of art. 29 GDPR.

4. Disclosure of personal data

Your personal data may be shared with:

– other ALLIES project consortium PARTNERS that to pursue project objectives need to process data: those subjects act as data processors pursuant to art. 28 of the GDPR. Upon your request you can access the updated and complete list of processors. Requests must be sent to Data Controller at the addresses indicated above;

5. Transfer of data outside the EU

Your personal data may be transferred by the Data Controller to ALLIES partners (Data Processor) located outside the European Economic Area, in particular:

Israel, Ukraine, Georgia, North Macedonia.

The European Union has – so far – recognized Israel to provide an adequate level of data protection:

https://ec.europa.eu/info/law/law-topic/data-protection/international-dimension-data-protection/adequacy-decisions_en

For transferring data in the other countries listed above that do not guarantee an essentially equivalent level of protection to that guaranteed in the EEA, Recital 108 and Article 46 (1) GDPR provide that in the absence of an EU adequacy decision, a controller or processor should take measures to compensate for the lack of data protection in a third country by way of appropriate safeguards for the data subject. A controller or processor may provide appropriate safeguards, without requiring any specific authorisation from a supervisory authority, through its use of one of the transfer tools listed under Article 46 (2) GDPR, such as standard data protection clauses. For transferring data in the other countries listed above standard contractual clauses (known as “SCC”) are used as a ground for data transfers from the EU to these third countries according to Article 46 of the GDPR.

6. Data Retention

Your personal data will be kept only for the time necessary to pursue the purposes set up in point 2 above, respecting the principle of minimization referred to in Art. 5(1)(b) of the GDPR.

In particular Personal Data collected will be kept for 24 months after the end of the project (scheduled for August 31st, 2026)

More information is available from the Data Controller that can be reached at the addresses indicated above.

7. Data Subject Rights

The GDPR recognizes a number of rights to Data Subjects pursuant to art. 15-22 of the Regulation. In particular, you may request the access (Art. 15), the rectification (Art. 16), the erasure (Art. 17, Right to be forgotten), the restriction of processing of the data in the cases provided by Art. 18 of the GDPR. Based on Art. 18 (2) the conditions of restricted processing will be strict. Although it seems a technical solution, it will provide an interlocutory treatment of risk, while the data subjects decide the actual treatment.

According to Art. 20 You have the right to receive your personal data, which you have provided to a controller, in a structured, commonly used and machine-readable format. You have the right to transmit those data to another controller without hindrance from the controller to which the personal data have been provided. You have the right to a judicial remedy and the right to receive compensation when you consider that your rights under this Regulation have been infringed as a result of the processing of your personal data in non-compliance with this Regulation pursuant to Art. 79 of the  GDPR.

You also have the right to lodge a complaint with the competent Supervisory Authority pursuant to article 77 of the Regulation.

8. Contact possibility via project website

The project website alliesproject.com contains information that enables a quick electronic contact to our enterprise, as well as direct communication with us, which also includes a general address of the so-called electronic mail (e-mail address). If a data subject contacts the controller by e-mail or via a contact form, the personal data transmitted by the data subject are automatically stored. Such personal data transmitted on a voluntary basis by a data subject to the data controller are stored for the purpose of processing or contacting the data subject. There is no transfer of this personal data to third parties.

9. Google Analytics and external scripts

This website uses functions of Google Analytics of Google Inc., 1600 Amphitheatre Parkway, Mountain View, CA 94043, United States, which support interest-based advertising and advertising based on user browsing behaviour. Google Analytics uses a third-party cookie from DoubleClick to evaluate data regarding users’ browsing behaviour on different websites. These data can be used to prepare statistical statements on demographic data and areas of interest of website users.

We expressly draw your attention to the fact that we cannot view data related to individual users and that the statistical data we use cannot be traced back to specific users.

You can disable the DoubleClick cookie at any time:

For more information about Google’s terms of use and privacy, please visit: