TA/RA Data Protection Policy
The EU General Data Protection Regulation (GDPR) applies to ‘personal data’ meaning any information relating to an identifiable person who can be directly or indirectly identified in particular by reference to an identifier. The GDPR applies to all handling of personal data such as how to collect, handle, store and delete the data.
INTERACT processes personal data in order to fulfill the project assignment. The legal ground is that it is in the public interest under the EU legislation or national legislation (Ref EU). INTERACT has identified six categories when GDPR is relevant for INTERACT, described in detail on the INTERACT and GDPR page.
The whole INTERACT Transnational and Remote Access application, evaluation and reporting process, including the INTERACCESS on-line application system, follows the EU GDPR. The information on TA/RA related issues and procedures concerning the EU GDPR is provided here, in our TA/RA Data Protection Policy.
The information taken into special account in relation to the EU GDPR mainly involves the TA/RA applicants details, in which the INTERACT solution is as follows:
- Keep registered information to a minimum with a clear purpose
- Inform subject why the data is collected (if not obvious)
- Inform subject who will have access/receive/handle the information
- Inform subject how long the information will be stored
- Applicant details are accessed/received/handled by only those mentioned when collecting the data
- Passwords are protected in the cloud
- All applicants’ data will be deleted five years after the end of INTERACT project