ABOUT PROJECT

The purpose of this privacy policy (“Privacy Policy”) is to inform about the principles of data processing in connection with the performance of tasks under the project financed by the European Commission under the Internal Security and Police Fund under the name ” “Tailored CBRNe Protection Measures for Hotels and Conference Centers” (Project no. 101100555 — HOTHREAT — ISF-2022-TF1-AG-PROTECT; hereinafter referred to as HOTHREAT ). Pursuant to Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of individuals with regard to the processing of personal data and on the free movement of such data, and repealing Directive 95/46 / EC (general regulation on the protection of data, “GDPR”), we would like to inform you that:

1. Joint Controllers

The joint controllers of the personal data of individuals participating in research and events organized as part of the HOTHREAT project are its Consortium Partners:

1. UNIWERSYTET LODZKI (UL), established in UL PREZYDENTA GABRIELA NARUTOWICZA 68, LODZ 90 136, Poland, VAT number: PL7240003243, represented by Prof. Łukasz Korporowicz, Vice-Rector for Research and Donat Kałuża, MSc, Bursar Data Protection Office contact e-mail: iod@uni.lodz.pl (further herein: Joint Controller 1)
2. DYNAMIC SAFETY CORPORATION SP.ZO.O. (DSC), established in DWORKOWA 11/20, WARSZAWA 05077, Poland, VAT number: PL5211011948, represented by Agata Antoniak, Data Protection Office contact e-mail: dsc@dsc-vr.pl (further herein: Joint Controller 2)
3. POLARIS HOSPITALITY ENTERPRISES SPOLKA Z OGRANICZONA ODPOWIEDZIALNOSCIA (hereinafter referred to as Polaris), established in UL. SKALNICOWA 21, WARSZAWA 04 797, Poland, VAT number 9522075527, represented by Marzena Celej; Data Protection Office contact e-mail: patrycja.soltysinska@kancelaria-psse.pl (further herein: Joint Controller 3)
4. CENTRUM KONFERENCYJNO-SZKOLENIOWE BOSS SPOLKA Z OGRANICZONA ODPOWIEDZIALNOSCIA (hereinafter referred to as Hotel Boss), with its registered office in Zwanowiecka 20, WARSZAWA 04 849, Poland, VAT number PL9521109336, represented by Balbina Jozwiak; Data Protection Office contact e-mail: dyrektor@hotelboss.pl (further herein: Joint Controller 4)
5. SAFETY CORE SPOLKA Z OGRANICZONA ODPOWIEDZIALNOSCIA (hereinafter referred to as Safety Core), with its registered office in LESNY JAR 35, OLSZEWNICA STARA 05-123, Poland, VAT number PL5361959063, represented by Katarzyna Klimas; Data Protection Office contact e-mail: office@safetycore.pl (further herein: Joint Controller 5)
6. ISEM-INSTITUT PRE MEDZINARODNU BEZPECNOST A KRIZOVE RIADENIE, NO (ISEMI), with its registered office in VYSOKOSKOLAKOV 41, ZILINA 010 08, Slovakia, VAT number: SK2024121704, Data Protection Officer: Lubomir Zapotocny e-mail: zapotocny@isemi.sk (further herein: Joint Controller 6)
7. INSTITUTO NACIONAL DE TECNICA AEROESPACIAL ESTEBAN TERRADAS (hereinafter referred to as INTA), with its registered office in CR AJALVIR KM 4 2, TORREJON DE ARDOZ MADRID 28850, Spain, VAT number ESQ2822003F, represented by Julio Ayuso Miguel; Data Protection Office contact e-mail: clopd@inta.es (further herein: Joint Controller 7)
8. LIHSA HOTELES SA (hereinafter referred to as ATIRAM HOTELS), with its registered office in CALLE CAPITAN ARENAS 20, BARCELONA 08034, Spain, VAT number A08796518, represented by MARIA GASPART BUENO; Data Protection Office contact e-mail: maria.gaspart@atiramhotels.com (further herein: Joint Controller 8)
9. KENTRO MELETON ASFALEIAS (hereinafter referred to as KEMEA), with its registered office in P KANELLOPOULOU 4 ST, ATHINA 10177, Greece, VAT number EL999333507, represented by Eleni Sirmali; Data Protection Office: Vasiliki Zomenou contact e-mail: dpo@kemea-research.gr (further herein: Joint Controller 9)
10. HELLENIC POLICE (hereinafter referred to as HPOL), with its registered office at 4 KANELLOPOULOU AVENUE, ATHENS 101 77, Greece, VAT number: 090169846 and legally represented by Sotirios Nikolakopoulos; Data Protection Office contact e-mail: dpo@astynomia.gr, horizon.admin@astynomia.gr (further herein: Joint Controller 10)
11. KONNGRUENT MANAGEMENT SRL (hereinafter referred to as KONNGRUENT), with its registered office in NERA NR.2, CAMERA 1, BLOC OD5 SCARA 3, ETAJ 2, AP.90, BUCHAREST 061787, Romania, VAT number RO42042206, represented by Sorin Zorca; Data Protection Office contact e-mail: sorin@zorca.ro (further herein: Joint Controller 11)
12. SIGORIA SECURITY SOLUTIONS (hereinafter referred to as SIGORIA), with its registered office in GDANSKA 91/93 LOK.35, LODZ 90-613, Poland, VAT number PL7272845844, represented by Sebastian Kawczyński; Data Protection Office contact e-mail: alipinski@sigoria.eu (further herein: Joint Controller 12)
13. CSI CENTER FOR SOCIAL INNOVATION LTD (hereinafter referred to as CSI), with its registered office at 62 Rigenis Street, 1st Floor, Nicosia 1010, Cyprus, VAT number CY10365601I, represented by Demetris Hadjisofocli; Data Protection Office contact e-mail: Christos.elkhattab@csicy.com (further herein: Joint Controller 13)
14. APHRODITE HILLS RESORT LIMITED (hereinafter referred to as Aphrodite H), with its registered office in GEORGIOU GENNADIOU, 10, AGATHANGELO FLAT/OFFICE 303, LIMASSOL 3041, Cyprus, VAT number CY10039398F, represented by Isavella Aristidou; Data Protection Office contact e-mail: privacy@atlanticahotels.com (further herein: Joint Controller 14)
15. ETAIREIA TOURISTIKIS ANAPTIKSIS KAIPROVOLIS PERIFERIAS LEYKOSIAS LTD (hereinafter referred to as NTB), with its registered office in 38 GRIVAS DHIGENIS & DELIGIORGI 3, NICOSIA 1509, Cyprus, represented by Mr Sotiris Christoforou; Data Protection Office contact e-mail: info@ntb.org.cy (further herein: Joint Controller 15)
16. Department d’Interior – Generalitat de Catalunya (hereinafter referred to as INT) with its registered office in C / Diputació 355, 08009 Barcelona, Spain, VAT number ESS0811001G, represented by Tamara Garcia; Data Protection Office contact e-mail: dpd.interior@gencat.cat (further herein: Joint Controller 16)
17. KOMENDA WOJEWODZKA POLICJI W LODZI (hereinafter referred to as KWPL), with its registered office in Lutomierska 108/112, Lodz 91-048, Poland, VAT number 7260004458, represented by colonel Tomasz Jędrzejewski; Data Protection Office contact e-mail: iod@ld.policja.gov.pl (further herein: Joint Controller 17)
18. Fondazione SAFE (hereinafter referred to as “SAFE”), with its registered office in Via Maggiore 73, 48121 RAVENNA, Italy, and its operational office in 37038 SOAVE (VERONA), Italy, VAT number 02600460394, represented by Andrea D’Angelo; Data Protection Office contact e-mail: silvia@safe-europe.eu (further herein: Joint Controller 18)
19. MINISTERIO DA ADMINISTRATION INTERNA (hereinafter referred to as “PSP”), with its registered office in Rua Capelo 11, Lisboa 1249-110, Portugal, VAT number 600006662, represented by Arménio Liceia; Data Protection Office contact e-mail: ajliceia@psp.pt (further herein: Joint Controller 19).
    hereinafter collectively referred to as “Joint Controllers”).

2. Common arrangements between the Joint Controllers

As part of the Consortium Agreement concluded between the co-administrators, we agreed on the scope of our responsibility regarding the fulfilment of obligations under the GDPR, including in particular we agreed that:

a) Joint Controller 1 is responsible for the overall processing of personal data needed for the performance of all project tasks;

b) Joint Controller 1 is responsible for ensuring a dedicated IPR and Data Management Coordinator who will act as the Data Protection Officer for the purposes of the HOTHREAT project. IPR and Data Management Coordinator will act as a shared contact point for all HOTHREAT data protection queries. IPR and Data Management Coordinator can be reached at HOTHREAT@biol.uni.lodz.pl;

c) Joint Controller 1 is responsible for providing a dedicated website on which this Privacy Policy will be posted;

d) Co-administrators 1 through to 18 are responsible for the processing of personal data as part of their respective project tasks, described in the Annex B to the Grant Agreement with the European Commission.

e) Co-administrators 1 through to 18 are responsible for fulfilling the information obligation towards individuals participating in HOTHREAT research and/or events and for enabling them to exercise their rights related to the processing of their data by the Joint Controllers.

3. Categories of Personal Data

The joint controllers process the following categories of personal data:

• In the case of HOTHREAT events: name, surname, telephone number, e-mail address, image and affiliation;
• In the case of HOTHREAT research: identification and contact details (first name/names, surname, telephone number, e-mail address, correspondence address), professional affiliation, area of professional expertise including relevant prior experience; hereinafter referred to as “Personal Data”.

4. Purposes and legal grounds for the processing of Personal Data

Personal data of persons participating in HOTHREAT research and events will be processed by the Co-administrators for the purposes of:

a) recruitment to HOTHREAT events,

b) organizing and conducting HOTHREAT events,

c) issuing documents confirming participation in HOTHREAT events,

d) dissemination and outreach activities in line with the overall HOTHREAT aims, which include:

• • increasing the level of protection in places of hotels and conference centres
  • forming an outstanding cooperation of scientists, security experts and practitioners, public services and hotels and conference centres
  • preparing a comprehensive protection system, increasing prevention, protection, deterring and responding to various types of terrorist threats and incidents that may occur in hotels and conference centres, including attacks with chemical, biological, radiological and nuclear agents.

Personal data of persons participating in HOTHREAT events and research will be processed in line with purposes a) -d) for the purpose of performing the contract with the European Commission.
The Joint Controllers will not process personal data for other purposes incompatible with the purposes described above, unless such processing is required by law or unless the Joint Controllers are authorised to do so by persons participating in HOTHREAT events or research, respectively.

5. Enabling Third Party Access

For the purposes indicated in this Policy, Joint Controllers may transfer Personal Data to the following categories of third parties:

• external contractors providing tools for rendering services, testing deliverables or management and sharing data, to achieve the purposes indicated in para 4 above, to whom the Joint Controllers entrust processing based on data processing agreements;
• entities and bodies authorized to receive Personal Data from Joint Controllers or authorized to request access to Personal Data on the basis of generally applicable provisions of law.

6. Period of personal data storage

Personal data of subjects participating in HOTHREAT events or research will be kept by each of the Joint Controllers for the duration of the project or consent to use the image, and after this period for the period and to the extent necessary to pursue a legitimate interest Co-administrators, which is defence against potential claims related to the performance of the contract.

7. Your rights

Individuals participating in HOTHREAT research or events have the following rights related to the processing of their Personal Data by the Joint Controllers:

(i) the right to access and obtain a copy of the Participant’s personal data,

(ii) the right to rectify, delete and limit the processing of the Participant’s data,

(iii) the right to object to the processing, (iv) the right to transfer data, (v) the right to lodge a complaint with the President of the Office Personal Data Protection – on the terms set out in the GDPR. In the case of data processing on the basis of consent, persons participating in HOTHREAT research and events have the right to withdraw it.

8. Requirement to provide data

Providing the Joint Controllers with personal data for the purpose of participating in HOTHREAT research and events is voluntary, but necessary to take part in the relevant event or research.

Terms and Conditions

The information on the website serves solely for general informational purposes. The HOTHREAT Consortium disclaims responsibility for errors or omissions in the website content.
Under no circumstances shall the HOTHREAT Consortium be liable for special, direct, indirect, consequential, or incidental damages arising from the use of the website or its contents. The Consortium reserves the right to modify the website contents without prior notice.
External Links Disclaimer: The website may contain links to external websites not provided or maintained by the HOTHREAT Consortium. The Consortium does not ensure the accuracy, relevance, timeliness, or completeness of information on these external websites.
Errors and Omissions Disclaimer: While every effort is made to ensure the website content is current and accurate, errors may occur. The HOTHREAT Consortium disclaims responsibility for errors, omissions, or inaccuracies in the information, given the dynamic nature of laws, rules, and regulations.
Fair Use Disclaimer: The HOTHREAT Consortium may use copyrighted material for purposes such as criticism, comment, news reporting, teaching, scholarship, or research. Users intending to use copyrighted material beyond fair use must obtain permission from the copyright owner.
Views Expressed Disclaimer: Opinions expressed in the website belong to authors and do not necessarily reflect official policies or positions of any other entity, including the HOTHREAT Consortium.
No Responsibility Disclaimer: The information on the website is not a substitute for professional advice. The HOTHREAT Consortium disclaims liability for damages arising from access or use of the website.
Contact Us: If you have questions about this website, please contact us at HOTHREAT@biol.uni.lodz.pl