Last updated: July 19, 2023
Data processing and extent of data usage
When you visit our website or use any of the services offered by the AI4EOSC consortium, we collect and use personal data only when and to the extent necessary to perform the relevant service or function. The term “personal data” refers to all individual information about a specific or identifiable natural person, such as contact information or the information entered in and then submitted through (contact) forms.
As far as we collect, process or use personal data, we observe the applicable statutory provisions, in particular the EU General Data Protection Regulation (GDPR), and applicable national legislation. Personal data will not be passed on to third parties or used beyond the original purpose of their acquisition. If a forwarding to third parties should be necessary to answer an inquiry or to carry out a service, the legal bases will be the ones reproduced in the next item. In particular, the data you provide to us will not be used for advertising purposes.
We may pass on personal data collected via our website to state institutions, authorities and courts, insofar as we are obliged to do so or insofar as this is necessary for efficient legal defense or assertion of rights. We may use as processors technical service providers to operate this website.
Purposes of data processing by the data controller and third parties
We process your personal data exclusively for the purposes stated in this data privacy statement. Your personal data will not be transferred to third parties
for purposes other than those stated. We will only pass on your personal data to third parties if:
- you have given your consent to this,
- the processing is necessary for the execution of a contract with you,
- the processing is necessary to fulfill a legal obligation, or
- the processing is necessary to safeguard legitimate interests and there is no reason to assume that you have an overriding interest worthy of protection in not passing on your data.
Deletion or blocking of data
According to the principle of data minimization and others. We therefore only store your personal data for as long as is necessary to achieve the purposes stated here or as provided for by various storage periods provided for by law. After the respective purpose has ceased or these periods have expired, the corresponding data will be routinely blocked or deleted in accordance with statutory provisions.
Cookies
Like many other websites, we use so-called “cookies”. A cookie is a small file that is stored on your computer. The content of this file is transferred to our web server each time you visit our website. Cookies cannot be used to start programs or transfer viruses to a computer. The information contained in cookies helps us, among other things, to make navigation easier for you and to display our web pages correctly. Under no circumstances will the data collected by us be passed on to third parties or linked to personal data without your consent.
You can deactivate the use of cookies in your Internet browser settings. However, as a consequence the display of certain content and the usage of certain services offered through our website may then be impaired.
Collection of general information when you visit our website
When you access our website, information of a general nature are automatically collected by means of a cookie. These information include, for example, the type of your web browser, the operating system used and the domain name of your Internet service provider. The information collected do not allow any conclusions to be drawn about your person and are technically necessary for the correct delivery of content requested by you from our website. In particular, this information is processed for the following purposes:
- Ensuring a trouble-free connection to the website
- Ensuring a smooth use of our website
- Evaluation of system security and stability
We do not use your data to draw conclusions about your person. Access to these data is limited to the data controller and, if applicable, subcontracted processors. Anonymous information of this kind may be statistically evaluated by us in order to optimize our Internet presence and the underlying technology.
Specific treatments
Collection and evaluation of usage data
We collect and analyze usage data from your interactions with our online platform to enhance your user experience, improve our services, and ensure the security of our platform. This data may include information such as: Pages visited, features used, time spent on the platform, device and browser information. We use this data to: Understand user behavior and preferences, identify trends and usage patterns, measure the effectiveness of our services and detect and prevent fraudulent or malicious activities. We do not share these data with any third party.
Server-side logging
When you access a page of our website, our web servers record the address (URL) of the requested page, date, time, duration, size of the request, any error messages and, if applicable, the operating system and browser software of your computer as well as the website from which you visit us in a log file. When you access any other service, including but not limited to SSH connections, web services, storage services like FTP or WebDAV, data processing services, batch systems, Grid and Cloud resources we store the request and action performed, the date, time, duration and any error obtained. In both situations we also store the IP address of your computer in our log files. The IP address is a number that your Internet provider assigns to your computer temporarily or permanently.
Establishing contact and contact forms
If you contact us by e-mail or contact form, you give us your voluntary consent to collect and store your e-mail address, your name and any other personal data for the purpose of contacting us. Your e-mail address and name are used to assign the query and its subsequent response. The information you provide will be stored for the purpose of processing your inquiry and for possible follow-up questions. After the completion of your request, this personal data will be deleted.
Links
Our website contains links to other Internet sites. The operators of the EGI internet presentation have no influence on the content of the linked pages. These were carefully checked before the activation of the links. Nevertheless, it cannot be excluded that the operators of the respective pages have made changes to the content that violate applicable law or the philosophy of EGI. EGI dissociates itself from such contents.
AI4EOSC account registration
If you request a AI4EOSC account to access or make use of our services, you give us your voluntary consent to collect and store your e-mail address for verification purposes and for the purpose sending you further instructions, including an individual link to the full registration form. As part of the registration process, we will collect and store other personal data for the purpose of creating and managing your account. If you request to delete your account, this personal data will be deleted.
LLM4EOSC Component data treatment
LLM4EOSC API Service
The LLM4EOSC API service does not collect or store any information sent to the service, with the exception of server-side logs. These logs include the address (URL) of the requested endpoint, date and time of
the request, duration of the request, size of the request and any error messages that are produced by the request.
LLM4EOSC Chatbot
The LLM4EOSC Chatbot service stores user chat history and relevant documents (RAG documents) solely to provide the service to the user. These data are subject to the following conditions:
- They will not be accessed by platform operators.
- They will not be shared with third parties (Purposes of data processing by the data controller and third parties apply)
- They will not be used for any purpose other than providing the service to you. They will not be processed, exploited or utilized by the AI4EOSC project or any consortium members, except to provide the service to you.
These data will be removed immediately when the user deletes the respective asset (i.e., chat history or document) from the service. No data retention policy is applied and data will be deleted immediately
Encryption
In order to protect the security of your data during transmission, we use state-of-the-art encryption procedures (e.g. SSL) via HTTPS.
Your rights
You can exercise the following rights at any time by contacting our data protection officer using the contact details provided at the end of this statement:
- Information about your data stored with us and their processing
- Correction of incorrect personal data
- Deletion of your data stored by us
- Restriction of data processing, if we are not yet allowed to delete your data due to legal obligations
- Objection to the processing of your data by us
- Data transfer, if you have consented to data processing or have concluded a contract with us
If you have given us your consent to process your personal data, you can revoke it at any time with effect for the future.
You can complain at any time to the supervisory data protection authority (DPA) responsible for you. Your responsible DPA depends on your country and state of residence, of your workplace or of the presumed violation. A list of the supervisory authorities (for the non-public sector) with addresses can be found at the following link: https://edpb.europa.eu/about-edpb/about-edpb/members_en
Changes to our data privacy statement
We reserve the right to adapt this data privacy statements so that it always complies with the current legal requirements and reflects our services, for example when introducing new services or changing existing services provided through this website. Revisiting our website will then be subject to the new
data privacy statement.
Data Protection Officer
If you have any questions about data protection or would like to know which personal data we have stored about you, please contact our data protection
officer: delegadoprotecciondatos(at)csic.es.