- General
1.1 The Stichting European Health and Data Evidence Network (hereinafter referred to as the “EHDEN Foundation”, or “EHDEN”) cares about your privacy and wants you to be familiar with how we collect, use, and disclose information, including your Personal Data (as defined below). This Privacy Policy describes our practices in connection with information that we or our service providers collect through the website [http://www.ehden.eu/] and the European Health Data & Evidence Network Portal [https://portal.ehden.eu/] (hereinafter, the “Website”) operated and controlled by us from which you are accessing this Privacy Policy. By providing personal information to us or by using the Service, you acknowledge that you have read and understand this Privacy Policy.
1.2 The Website is not directed to individuals under the age of eighteen (18), and we request that these individuals not provide personal information through the Website. If your child has submitted Personal Data (as defined below) and you would like to request that such Personal Data be removed, please contact us as explained below under Contacting Us.
- What data do we collect?
2.1 The information that you give to us, e.g. when some areas of the Website may ask you to submit such information, such as but not limited to your name, your e-mail address, your phone number and your organisation (the “Personal Data”), in order for you to benefit from some specified features, such as newsletter subscriptions.... Also, when you create an account, login in the website, contact us, send us an email, call us. A separate consent will by requested where appropriate.
2.2 Unless we specifically request or invite it, we ask that you not send us, and you not disclose, any sensitive personal information (e.g., Social Security numbers, information related to racial or ethnic origin, political opinions, religion or philosophical beliefs, health, sex life or sexual orientation, criminal background, or trade union membership, or biometric or genetic data for the purpose of uniquely identifying an individual) on or through the Website or otherwise to us.
2.3 We and our service providers may collect certain information automatically as you navigate around the Website. Please read the Cookie Policy [http://www.ehden.eu/cookie-policy/] for detailed information about the cookies and other tracking technologies used on the Website. The Cookie Policy [http://www.ehden.eu/cookie-policy/] includes information on how you may disable these technologies. If you do not disable them and continue to use our Service, we will infer your consent to their use.
We and our service providers may also automatically collect and use information in the following ways:
- Through your browser: Certain information is collected by most browsers, such as your Media Access Control (MAC) address, computer type (Windows or Mac), screen resolution, operating system name and version, and Internet browser type and version. We may collect similar information, such as your device type and identifier, if you access the Website through a mobile device. We use this information to ensure that the Service functions properly.
- IP address: Your IP address is a number that is automatically assigned to your computer by your Internet Service Provider. An IP address is identified and logged automatically in our server log files whenever a user visits the Website, along with the time of the visit and the pages visited. Collecting IP addresses is standard practice and is done automatically by many online services. We use IP addresses for purposes such as calculating Website usage levels, diagnosing server problems, and administering the Website. We may also derive your approximate location from your IP address.
- Device Information: We may collect information about your mobile device, such as a unique device identifier, to understand how you use the Website.
- Why do we process your personal data?
3.1 We may use your personal data from or about you for the following purposes:
- to respond to your inquiries and fulfil your requests, such as sending you newsletters or e-mail alerts.
- to send you important information regarding our relationship with you or regarding the Website, changes to our terms, conditions, and policies and/or other administrative information.
- for IT purposes, such as enhancing the Website and identifying Website usage trends.
3.2 We will only process the collected data for the purposes as described above and will not further process the data in a manner that is incompatible with those purposes.
3.3 The data will only be processed in so far necessary to achieve the above-mentioned purposes. Your data will also be kept up to date where necessary (for which your input may be required and asked).
3.4 The personal data will be processed fairly, lawfully and in a transparent manner, meaning that at least one of the following legal bases applies:
- we have received your explicit consent for the processing of your personal data.
- we are obliged to process your personal data according to applicable law or court order.
- the personal data are processed in view of the legitimate interests of the EHDEN Foundation.
- Who can access your Personal Data and why?
4.1 We may disclose information collected through the Website in so far necessary to achieve the above-mentioned purposes:
- to the EHDEN Foundation, for the purposes as listed above.
- to our service providers (processors) who provide services such as website hosting and moderating, data analysis, IT services, e-mail and direct mail delivery services, auditing services, and other services, in order to enable them to provide services; as we believe to be necessary, if permitted or required by applicable law.
4.2 In transferring data to processors, we will conclude a contract with such processor setting out the subject matter and duration of the processing, the nature and purpose of the processing, the type of personal data and categories of data subjects and the obligations and rights of the controller. We will only use processors providing sufficient guarantees to implement appropriate technical and organizational measures so that the processing of the data meets the legal requirements.
4.3 In addition, we may use and disclose your information as we believe to be necessary or appropriate: (a) to comply with legal process or applicable law, which may include laws outside your country of residence; (b) as permitted by applicable law to respond to requests from public and government authorities, which may include authorities outside your country of residence; (c) to enforce our terms and conditions; and (d) to protect our rights, privacy, safety, or property, and/or that of the EHDEN Foundation, you, or others. We may also use and disclose your information in other ways, after obtaining your consent to do so.
- Do we transfer your Personal Data?
5.1 Your personal data will not be transferred to other third parties unless required or allowed by applicable law.
5.2 Some non-European Economic Area (EEA) countries are recognized by the European Commission as providing an adequate level of data protection according to EEA standards (the full list of these countries is available here [https://ec.europa.eu/info/law/law-topic/data-protection/data-transfers-outside-eu/adequacy-protection-personal-data-non-eu-countries_en]. If the processing of your personal data would take place in a third country (e.g. a country outside the European Economic Area) which does not offer an adequate level of protection, this processing shall be carried out in accordance with the requirements and appropriate safeguards under the applicable data protection legislation, such as, entering into EU standard contractual clauses.
5.3 With your explicit consent (in so far required), we may also use and disclose information collected through the Website in other ways and for any other purpose. In addition, we may use and disclose information that is not considered to be personally identifiable and thus not personal data for any purpose. If we combine information that is not in personally identifiable form with information that is identifiable (such as combining your name with your geographical location), we will treat the combined information as personal data as long as it is combined.
- What are your rights with regard to your personal data?
6.1 You have the right to request, review, correct, update, or delete the personal data that you have provided via the Website as described below:
- Right to inspection: If you are capable of proving your identity, you obtain the right to acquire information about the processing of your data. Consequently, you have the right to the processing objectives, the data categories, the categories of recipients to which the data are sent, the criteria that determine the period of data storage and the rights that you can exercise with regard to your data.
- Right to correct personal data: Inaccurate or incomplete data may be corrected. It is first and foremost the User’s responsibility to make the necessary modifications to his or her “User Profile”. You may also contact us with a request to modify the data.
- Right to delete personal data: You also have the right to obtain the deletion of your personal data under the following circumstances:
- your personal data are no longer necessary for the intended purpose.
- you revoke your consent to process your data and there is no other legal basis for processing your data.
- you have legitimately exercised your right of objection.
- your data has been unlawfully processed.
- your data must be deleted arising from a legal obligation.
- Deleting data is primarily related to visibility; the deleted data may remain temporarily stored.
- Right to restrict processing: In some cases, you have the right to request restrictions on the processing of your personal data. This certainly applies in the case of a dispute relating to the accuracy of data, if the data are necessary in the context of a legal procedure or during the time necessary for EHDEN to determine that you are validly able to exercise your right of deletion.
- Right to object: You have the right to object at any time to the processing of your personal data for “direct marketing” purposes, profiling purposes or purposes arising from the legitimate interests of the data controller. EHDEN will stop processing your personal data unless it can demonstrate that there are compelling legal reasons to process that prevail over your right to object.
- Right to data portability: You have the right to obtain the personal data provided to EHDEN in a structured, common, and machine-readable form. In addition, you have the right to transfer such personal data to another data controller unless this is technically impossible.
- Right to withdraw consent and opt-out or unsubscribe to mailing communication: You are entitled to withdraw your consent at any time, purposes and you will receive an unsubscribe link in every communication e-mail you will receive from us.
6.2 Where consent is asked from you and you are a child below the age of 16 years, your holder of parental responsibility needs to give or authorise such consent.
- How can I exercise my rights?
7.1 Should you wish to exercise your rights, you must submit a written request and proof of identity by email to [enquiries@ehden.eu] or by using our ehden.eu/contact-us contact form. We will answer as soon as possible and no later than thirty (30) days after having received your request.
7.2 Option of lodging a complaint: If you are not satisfied with the processing of your personal data by EHDEN Consortium, you are entitled to lodge a complaint with a supervisory authority competent for your country or region. Please click here [http://ec.europa.eu/newsroom/article29/item-detail.cfm?item_id=612080] for contact information for such authorities.
- How do we secure your data?
8.1 We use a variety of measures to keep your Personal Data confidential and secure, including restricting access to your Personal Data on a need to know basis and following appropriate security standards to protect your data.
8.2 We take every reasonable step to ensure that your Personal Data is only processed for the minimum period necessary in connection with:
- the purposes set out in this Privacy Policy.
- any additional purposes notified to you at or before the time of collection of the relevant Personal Data or commencement of the relevant processing; or
- as required or permitted by applicable law; and thereafter, for the duration of any applicable limitation period. In short, once your Personal Data is no longer required, we will destroy or delete it in a secure manner.
8.3 In case of a personal data breach, we will notify the personal data breach to:
- the competent supervisory authority without undue delay and, where feasible, not later than 72 hours after having become aware of it, unless the personal data breach is unlikely to result in a risk to the rights and freedoms of natural persons and
- you, the data subject without undue delay if the personal data breach is likely to result in a high risk to the rights and freedoms of natural persons.
- Statement
9.1 Please note that some sites may collect and use data differently. These sites will have a local privacy policy explaining these practices. If the user leaves the Website and visits a website operated by a third party, the EHDEN Foundation cannot be held responsible for the protection and privacy of any information that users provide when visiting such third-party websites. Accordingly, users should exercise caution and review the privacy statement applicable to the website in question.
- Updates to this Privacy Policy
10.1 This Privacy Policy may be changed and updated from time to time. Changes and updates will be announced on our Website. Any changes or updates to this Privacy Policy will become effective when the revised Privacy Policy is posted on the Website. This policy was last updated on July 2, 2026.
- Contact us
11.1 If you have any questions about this Privacy Policy, please contact us by sending an e-mail to enquiries@ehden.eu [or by using our contact form (available at https://www.ehden.eu/contact-us/].