Privacy Policy

1. Introduction

Welcome to the SMERF Diagnostic Tool. We are committed to protecting your personal data and respecting your privacy. This Privacy Policy outlines how we collect, use, and safeguard your information in accordance with the EU General Data Protection Regulation (GDPR) (Regulation (EU) 2016/679).

2. Data Controller and Data Protection Officer

  • Data Controller: Wrocław University of Science and Technology, 27 Wybrzeże Stanisława Wyspiańskiego St., 50-370 Wrocław, Poland.
  • Data Protection Officer (DPO): Eng. Riccardo Masiero. For any inquiries regarding data protection, please contact gdpr@crit-research.it.

3. Personal Data Collected

We collect the following personal data when you register and use the SMERF Diagnostic Tool:

  • Identification Data: First name, last name, job title, and company name.
  • Contact Information: Email address and/or phone number.
  • Usage Data: Information on how you interact with the tool, including login times, activity logs, and responses provided in the questionnaire.

4. Purpose and Legal Basis for Processing

Your personal data is processed for the following purposes:

  • Service Provision: To provide and maintain the functionality of the SMERF Diagnostic Tool.
  • Analysis and Improvement: To analyze your responses and company performance, enabling us to suggest tailored activities for improvement.
  • User Support: To assist you with inquiries or issues related to the tool.

The legal bases for processing your data are:

  • Performance of a Contract: Processing is necessary for the performance of the service you requested (Article 6(1)(b) GDPR).
  • Legitimate Interests: Processing is necessary for our legitimate interests in improving our services and providing tailored recommendations (Article 6(1)(f) GDPR).

5. Data Sharing and Disclosure

We do not sell or rent your personal data. However, we may share your information with:

  • SMERF Consortium Partners: Trusted partners involved in the SMERF project for the purposes outlined above.
  • Service Providers: Third-party service providers who assist us in operating the tool and analyzing data, bound by confidentiality agreements.
  • Legal Obligations: When required by law or to protect our rights and safety.

6. Data Retention

Your personal data will be retained only as long as necessary to fulfill the purposes for which it was collected, including any legal, accounting, or reporting requirements. Specifically, data will be retained for no longer than five years after the conclusion of the SMERF project.

7. Data Subject Rights

Under the GDPR, you have the following rights:

  • Access: To obtain confirmation whether your personal data is being processed and access to that data.
  • Rectification: To request correction of inaccurate personal data.
  • Erasure: To request deletion of your personal data under certain conditions.
  • Restriction: To request the limitation of processing your personal data.
  • Data Portability: To receive your personal data in a structured, commonly used, and machine-readable format.
  • Objection: To object to the processing of your personal data under certain circumstances.

To exercise these rights, please contact our DPO at gdpr@crit-research.it.

8. Data Security

We implement appropriate technical and organizational measures to protect your personal data against unauthorized access, alteration, disclosure, or destruction. However, no system can be completely secure, and we cannot guarantee absolute security.

9. International Data Transfers

As the SMERF project may involve partners from countries outside the European Economic Area (EEA), your personal data may be transferred to and processed in countries that may not have equivalent data protection laws. In such cases, we ensure appropriate safeguards are in place to protect your data, such as standard contractual clauses or your explicit consent.

10. Changes to This Privacy Policy

We may update this Privacy Policy from time to time. Any changes will be posted on this page with an updated revision date. We encourage you to review this policy periodically to stay informed about how we are protecting your information.

11. Contact Information

For questions or concerns about this Privacy Policy or our data practices, please contact: