All the tasks done within this project will comply with Regulation (EU) 2016/679 (General Data Protection Regulation) and with ethical principles and relevant national, EU and international legislation. The procedures will be defined respecting the following schema:
Data collected and processed for the purposes of the project have to be accurate, reliable, and kept up to date Retter Teknoloji Anonim Sirketi (Retter) will be responsible for the quality of data and the fair and transparent processing of data and has to ensure that data will be corrected, revised and/or updated when requested by a data subject or deemed to be necessary as a result of regular audits and reviews.
The data generated and collected during the project may be classified into two groups:
In each phase of the project, from data collection to data analysis up to the final demo activities, the rights and freedoms of the data subject and mainly his/her dignity and privacy will be respected and protected according to the law and the current ethical guidelines.
In order to protect privacy and the right to data protection, data will be anonymized. This anonymization will be carried out just after their collection and in any case before the further processing of data by who hence will have access only to de-identified data.
No person/data subject will participate without his/her legally effective explicit and informed consent or the consent of data subject's guardian/judicial supporter or his/her legally authorized representative. Retter shall ask for such consent to give to the prospective subject or the representative the possibility to consider sufficiently whether or not to participate, minimizing therefore the possibility of coercion or undue influence.
Whenever possible, the assent of the participants should be obtained in addition to their consent or legal representatives. Participants must be asked for consent if they reach the age of majority in the course of PROJE ISMI. Dissent should be respected.
Retter will collect, retain and use personal data only for the explicit, legitimate, clearly specified and documented purpose(s) of this project as laid down in the Description of Work of the project.
The data use will be in line with the data subject’s original consent, given on the attached form that will be in the patient language to ensure the full comprehension of its statements.
Data may not be processed for purposes which are not compatible with the project’s purposes and/or further (re)used for other purpose(s) that is/are not covered by the consent.
Only personal data that are adequate, relevant and limited to the minimum necessary in relation to the purposes of the project shall be collected and processed. Personal data will be kept in a form which permits direct or indirect identification of data subjects for no longer than is necessary for the purposes of the project.
If they are no more necessary personal data will be erased/destroyed unless and to the extent that it is necessary for the documentation of the research process or for the establishment, exercise or defence of legal claims.
The underpinning principle of all research is that the rights of the individual take priority over the research needs. Persons involved will not be disadvantaged if they refuse to let researchers collect their data. They have the right to withdraw their consent and stop participating to the research project at any time without any consequences or loss of benefits. Data subjects may exercise their right to access to their data collected and stored for the purposes of the project as well as the right to object to the further processing and/or to request rectification or erasure of their data.
Researchers must ensure that data subjects understand the implications of taking part and consenting to the collection of their data. Data collection must be fair and transparent for the persons concerned. Researchers involved in data collection and processing must ensure that data are accurate and reliable. Researchers are responsible and accountable for complying with these guidelines.
Researchers will have access only to data that they are specifically mandated and/or authorized to use. Access to the database is restricted to who are specifically mandated/authorized to have access and process personal data for the purposes of the project. Nobody is allowed to transfer, to disclose or to make available data to third parties outside the Project.
Retter is responsible for data security according to the guidelines and having regard to the sensitive data we deal with we will adopt and implement all the appropriate technical and organizational measures to protect users and their data against accidental or unlawful destruction or accidental loss, alteration, unauthorized disclosure, or access. Security measures are valid until to the destruction/ erasure of the data. Data security will be preserved through anonymization, encryption, and regulation of the medium of transfer.
Retter is accountable for compliance with the law and the guidelines and is responsible for taking the necessary technical and organizational measures and the accuracy and reliability (“data quality”) of the data collected and distributed.