Privacy Policy

Effective date: 30 / 08 / 2019

Please read this privacy policy (“Policy”) carefully to understand our policies and practices regarding your personal data and how we will treat it. This Policy applies to individuals who interact with the Challenge Fund website  (“you”).

The Embassy of Sweden in Tirana, Albania is the data controller for the above-mentioned webpage, which the latter determines how and why personal data is processed. This Policy explains how your personal data is collected, used, and disclosed by the Embassy (the “Embassy”, “We”, “Us”). It also tells you how you can access and update your personal data and make certain choices about how your personal data is used.

This Policy applies to the use of the website owned and created by the Embassy for purpose of facilitating the implementation of the project “EU for Innovation”, for the provision of funding to innovative start-ups and innovation service providers.

  1. Information about Personal data

Personal data is every type of information relating to an identified or identifiable natural person that can be directly or indirectly identified. If a registered piece of information reveals in any way, or makes it possible to find out, who the information is about, this is personal data. Examples of personal data include names, surname, age, date of birth, addresses, email addresses, phone number, personal identity numbers, location data, etc. and other factors specific to the physical, physiological, genetic, mental, economic, cultural or social identity of that natural person.

Further, any information from computer/mobile device that you use to access our website, such as the Internet protocol (IP) address used to connect your computer or device to the Internet, operating system type, and web browser type and version shall be considered as personal data. If you access our website via a mobile device such as a smartphone, the collected information will also include, where permitted, your phone’s unique device ID, geo-location, and other similar mobile device data.

  1. Our personal data processing

‘Processing personal data’ essentially refers to everything that can be performed with such data whether or not by automated means. This may include collecting, registering, storing, adaptation or alteration, retrieval, consultation, use, disclosure by transmission, dissemination, erasure or destruction, aligning or printing data. A person who processes personal data is either the personal data controller or the personal data processor.

When you use our site and open an account, or file an application in order to be able to benefit from our services we collect the Personal Data mentioned under section 1 above.

Further the Embassy also process personal data when someone:

  • navigates to the site;
  • responds to any feedback you send Us, if you have asked Us to;
  • contacts the challenge fund team;
  • account login information;
  • provides you with information if you want it;
  • monitors the use of the site to identify security threats;

We will process any Personal Data you provide to us for the following purposes:

  • to process your application with the intention to be able to enter into agreements for provision of funding with successful applicants;
  • to contact you if required in connection with your application or to respond to any communications you might send to us;
  • to get a better understanding of where our visitors come from and to help us better design and organize our website;

By accessing our website, you provide your consent for the processing of your Personal Data in compliance with the terms and purpose defined in this Policy.

  1. Responsibility for personal data

The Embassy as personal data controller shall ensure that all personal data processing takes place in accordance with the applicable legislation.

  1. Use of cookies

This website uses cookies to distinguish you from other users of the website. This helps Us to provide you with a good experience when you browse our website and also allows Us to improve the website.

  1. Information about cookies

A cookie is a small file of letters and numbers that, if you agree to their use, is stored on your browser or the hard drive of your computer or device. They contain information that is transferred to your hard drive.

The cookies that We could use can be split into the following categories:

  • Necessary cookies. These are cookies that are required for the operation of the website. They include, for example, cookies that enable you to log into parts of the website.
  • Analytical cookies. These cookies allow Us to recognize and count the number of visitors to the website and to see how they move around within the website when they are using it. This helps           Us to improve the way the website works, for example, by ensuring that users are finding what         they are looking for easily.
  • Third party cookies. These are used to third parties (such as Google) to enable their services to work, for example Google Captcha on forms, Analytics or Google Maps. Some third parties use their cookies for advertising purposes. We have no control over these cookies and the third party’s privacy policy, where you may have the option to opt-out of their data collection.
  1. The cookies we use

We use the following cookies: Session Cookies.

Please note that third parties (including, for example, providers of external services like web traffic analysis services) may also use cookies, over which we have no control. These cookies are likely to be analytical/performance cookies or targeting cookies.

  1. How you can block cookies

You can block cookies by activating the setting on your browser that allows you to refuse the setting of all or some cookies.

However, please be aware that blocking cookies may affect your ability to use the website. In particular, you may not be able to access all or parts of the website or use the functionalities contained on it.

  1. Periods of retention

We will only retain your personal data for as long as:

  • it is needed for the purposes set out in this Policy;
  • as required by law.

After the retention period, personal data is regularly cleaned up, culled and de-identified.

  1. Children’s privacy protection

Our services are not designed for, or intentionally targeted at, children 13 years of age or younger. We do not intentionally collect or maintain data about anyone under the age of 13.

  1. Use of social media plug-ins

We currently use the following social media plug-ins: Facebook, and Instagram. We use the so-called two-click solution. In other words, when you visit our site, initially no personal data is passed on to the providers of the plug-ins. Only when you click on the activation button of the social networks, personal data will be transmitted by you to the respective plug-in provider and stored there. We use the social media plug-ins to make our information offerings more interesting through interaction with you and other users. We would like to draw your attention to the fact that the social networks store the data of their users (i.e personal information, IP address etc.) according to their data usage guidelines. You can find out about the processing of data through social networks at their respective links.

We have no influence on the data collection and its further use by the social networks. If you go to another website from this one, read the privacy policy on that website to find out what it does with your information.

We ask you therefore to check exactly what personal data you provide to the social networks through the use of our site. If you do not want the social networks to receive personal information through your communication through our site, you should contact us.

  1. Disclosure of your personal data

The data we collect may be shared with other government departments, agencies, public bodies or other financial institutions in order for Us to implement the “EU for Innovation” project. It may also be shared with our technology suppliers.

We will not:

  • sell or rent your data to third parties;
  • share your data with third parties for marketing purposes.

We will share your data if we are required to do so by law – for example, by court order, or to prevent any crime.

  1. Personal data transfer

We design, build and run our systems to make sure that your data is as safe as possible at all stages, both while it’s processed and when it’s stored.

Personal data may also be released to contracting partners or IT suppliers.

Our system where the site is hosted is installed at the supplier’s premises in Chicago, United States of America; therefore, personal data is transferred to the supplier. In this case, the supplier is a personal data processor and processes personal data on behalf of the Embassy and in line with the Embassy’s instructions. When We transfer your personal data to other countries, We take reasonable steps to ensure that applicable laws are being followed.

Your consent to this Policy followed by your submission of such information represents your agreement to that transfer.

  1. Security measures

Technical and organizational measures are taken to ensure that all information processed by Us is protected from unauthorized access, changes, disclosure or destruction.

All development of systems, services and activities takes place with respect for personal privacy and taking account of the data protection legislation.

We also make sure that any third parties that we deal with keep all personal data they process on our behalf secure.

  1. Your rights

You have the right to request:

  • information about how your personal data is processed and a copy of that personal data (Right of access and information);
  • that anything inaccurate in your personal data is corrected immediately (Right to rectification).

You can also:

  • raise an objection about how your personal data is processed (Right to object to processing);
  • request that your personal data is erased if there is no longer a justification for it (Right to erasure);
  • ask that the processing of your personal data is restricted in certain circumstances (Right to restricting of processing);
  • obtain and reuse your personal data for your own purpose (Right to data portability).

The Embassy will – at your request or of its own initiative – correct or supplement personal data that is discovered to be incorrect, incomplete or misleading.

In some cases, you are entitled to have your personal data deleted. This means that you have the right to request that your personal data be removed if it is no longer needed for the purposes for which it was collected. However, there may be legal requirements that do not allow a mission abroad to delete your personal data immediately. The mission abroad will then cease processing that is for purposes other than following the legislation.

You are always entitled to present any complaints concerning the Embassy’s processing of your personal data. You can either contact the Embassy directly or contact the data protection officer. You can also lodge a complaint with the Swedish Data Protection Authority.

  1. Changes to this policy

This Policy is effective as of 10.10.2019 and will remain in effect except with respect to any changes in its provisions in the future, which will be in effect immediately after being posted on this site.

We reserve the right to update or change our Policy at any time and you should check this Policy periodically. Your continued use after We post any modifications to the Policy on this site will constitute your acknowledgment of the modifications and your consent to abide and be bound by the modified Policy.

If we make any material changes to this Policy, We will notify you by placing a prominent notice on our website.

  1. Contact information or make a complaint

Contact Us if you: (i) have a question about anything in this Policy; (ii) think that your personal data has been misused or mishandled.

The contact details are available at the address: [email protected]

You can also contact our Data Protection Officer at the address: [email protected]