The personal data controllers are all entities in the FundingBox capital group as the Joint Controllers. All FundingBox entities have agreed on common data processing purposes.

In all matters regarding personal data, you can contact us using the following email address: privacy@fundingbox.com.

The essence of the arrangement is available here.

 

This information applies to the website colours-eccch.eu (hereinafter referred to as the “Website“).

All terms should be understood in accordance with the Website Terms of Use available at: https://colours-eccch.eu/terms-of-use/.

• Purposes, legal basis and retention of data processing

Purpose of processing and legitimate interests	Legal basis for processing	Retention period
Enabling the use of the website and ensuring its proper functioning.	The legitimate interest of the data controller (art. 6(1)(f) of GDPR).	1 year from the last visit to the Website.
Replying to an inquiry or other notification sent using the contact form.		For the period of maintaining ongoing relationships (e.g. answering questions, presenting offers, exchanging correspondence), and after the termination of the relationship for a period of one year.
Determining and pursuing or defending against claims.		Until the limitation period for claims expires.
To send newsletters	Consent (art. 6.1.a of GDPR).	Until consent withdrawal or an effective objection.
Enabling registration and participation in the Community of Practice (e.g. via Discord or other collaborative platforms).
Acceptance and consideration of the request based on the GDPR.	Obligation under the GDPR to provide the data subject with information (art. 6(1)(c) of GDPR).	5 years from the date of completion of responding to the request.

• Who has access to personal data?

Joint Controllers will transfer personal data only to trusted recipients such as marketing and event agencies, IT service providers, accountants, law firms, postal and courier companies (who process personal data on the controllers’ behalf).

Due to the fact that we use the services of Google LLC, your data may be transferred to the USA. We have concluded an agreement with Google – the so-called Standard Contractual Clauses. This means that in accordance with the decision of the European Commission No. 2021/914 EU of June 4, 2021, your personal data may be processed by this company in the USA. More information about the decision at:
https://fundingbox.com/trust/transfer-outside-eea/. 

To realize the Project, data can be shared also with Project Partners (complete list of the project partners is available at the email address: privacy@fundingbox.com) and European Commision and its bodies and Agencies.

• External links

The Website may contain links to other websites. Such websites operate independently of the Controller and are not supervised by the Controller in any way. These websites may have their own privacy policies and regulations, which we recommend that you read.

• What rights do you have regarding the processing of your personal data?

Due to the fact that we process your personal data, you have the right to:

1. request access to your personal data,
2. demand the rectification of their personal data,
3. request to remove or limit the processing of your personal data,
4. complain with the supervisory authority
   (https://edpb.europa.eu/about-edpb/about-edpb/members_en).

You also have a right to object to processing of your personal data for all purposes indicated above (according to the Article 21 of GDPR).

• How can you notify us of your desire to exercise your rights?

You can exercise your rights in person at the Controller’s office, by post or e-mail (the Controller’s contact details are provided at the beginning).

In response to your request, you may be asked to provide data necessary to identify your personal data (including finding them) or verify your identity (confirming that you are the person you claim to be).

• Where does the Controller obtain data?

As a rule, the Controller obtains data directly from you. If we obtain data from another source, you will be informed separately and clearly.

• Is providing data voluntary?

Providing data is generally voluntary. Whenever data is provided:

• voluntary, but necessary to achieve specific purposes (e.g. e-mail contact via an online form) or
• obligatory (e.g. it will result from legal provisions)

you will be informed about this separately and clearly (e.g. on the form through which personal data will be collected).

• Cookies policy

• General information

Cookies are small text files that are placed on your device by websites you visit. They are commonly used to make websites work or be more efficient, as well as to provide information to website owners.

• For what purpose does the Controller use cookies?

We use two types of cookies:

• necessary cookies are essential for the basic functioning of the Website. They enable core features such as security, network management, and accessibility. Without these cookies, the Website cannot perform properly,
• optional cookies, are used to enhance your experience. They help us understand how you interact with the Website, allowing us to improve our services and personalize your experience. You can choose to enable or disable these cookies at any time.

Our use of essential cookies – unlike optional cookies – does not require your consent.

 

Taking into account the purpose of using files, the Controller may use two categories of cookies:

• functional cookies – these cookies are set by us to implement additional functionalities or improve the functionality and performance of the website, but they are not directly related to the requested service,
• targeting cookies – these cookies are set to provide analytical data for behavioral advertising and remarketing. They collect all kinds of browsing information necessary to create profiles and understand user habits in order to develop an individual and specific advertising procedure. The profile created in relation to your interests and browsing behavior is used to tailor the advertising you see when you access other websites.

 

The indicated data is not combined with information such as name and surname, e-mail address and other data enabling easy identification of the person visiting the website.

• What cookies do we process?

Cookie Name / Pattern	Provider	Purpose	Retention	Category
lastClipboardTimestamp	Local site	Tracks last clipboard action	Session	Functional
WP_PREFERENCES_USER_*	WordPress	User dashboard preferences	Persistent	Functional
et-cloud.viewMode	Elegant Themes	Remembers UI editing mode	Session	Functional
et_*	Elegant Themes	Theme/editor settings	Varies	Functional
customizerVisitCount	WordPress	Tracks customizer usage	Session	Functional
etfb-autosave-1	Elegant Themes	Autosave feature	Session	Functional
wpEmojiSettingsSupports	WordPress	Emoji support	Session	Functional
aiDataOptions	Local/plugin	AI/plugin configuration	Persistent	Functional
et-pb-recent-items-font_family	Elegant Themes	Font preferences	Session	Functional
wp-settings-time-1	WordPress	Preferences timestamp	1 year	Functional
wp-settings-*	WordPress	Interface customization	1 year	Functional
et-pb-recent-items-colors	Elegant Themes	Colour preferences	Session	Functional
et-editor-available-post-*	Elegant Themes	Editor availability	Session	Functional
wordpress_test_cookie	WordPress	Tests browser cookie support	Session	Functional
wordpress_logged_in_*	WordPress	Authentication	Session	Functional
Google Fonts API	Google	Font loading	Session	Functional
__hs_cookie_cat_pref	HubSpot	Cookie category preferences	6 months	Functional
__hsmem	HubSpot	Recognizes logged-in HubSpot members	1 year	Functional
hs-messages-is-open	HubSpot	Chat widget state	30 minutes	Functional
*_key	WordPress/plugins	Authentication key	Session	Functional
hs_ab_test	HubSpot	A/B testing	Session	Functional
__hs_do_not_track	HubSpot	Do-not-track setting	Persistent	Functional
sdsc	LinkedIn	Security for SSO	Session	Functional
cmplz_functional	Complianz	Functional cookie consent	1 year	Functional
cmplz_preferences	Complianz	Preference cookie consent	1 year	Functional
cmplz_consented_services	Complianz	Stores accepted services	1 year	Functional
cmplz_policy_id	Complianz	Tracks policy version	1 year	Functional
cmplz_banner-status	Complianz	Banner visibility	1 year	Functional
__hssc	HubSpot	Tracks session count	30 minutes	Analytical
__hstc	HubSpot	Main visitor tracking cookie	6 months	Analytical
messagesUtk	HubSpot	Visitor ID for chat	6 months	Analytical
googlesitekit_*	Google Site Kit	Analytics/Search Console caching	Persistent	Analytical
lms_analytics	LinkedIn	Analytics for LinkedIn embeds	Varies	Analytical
AnalyticsSyncHistory	LinkedIn	Syncs LinkedIn analytics	30 days	Analytical
li_gc	LinkedIn	LinkedIn consent cookie	2 years	Analytical
cmplz_statistics	Complianz	Consent for analytics cookies	1 year	Analytical
lms_ads	LinkedIn	Advertising analytics	Varies	Marketing
_guid	LinkedIn	Identifies visitors for ads	90 days	Marketing
li_alerts	LinkedIn	Marketing notifications	1 year	Marketing
bcookie	LinkedIn	Browser ID for tracking/ads	2 years	Marketing
li-oatml	LinkedIn	Ad targeting	30 days	Marketing
BizographicsOptOut	LinkedIn	Opt-out for marketing data	Persistent	Marketing
li_sugr	LinkedIn	Ad relevance tracking	90 days	Marketing
UserMatchHistory	LinkedIn	Identity syncing for ads	30 days	Marketing
linkedin_oauth_*	LinkedIn	OAuth + tracking	Varies	Marketing
lidc	LinkedIn	Routing + tracking	24 hours	Marketing
bscookie	LinkedIn	Secure browser identifier	2 years	Marketing
X-LI-IDC	LinkedIn	Routing/tracking	Session	Marketing
cmplz_marketing	Complianz	Marketing cookie consent	1 year	Marketing

 

• Controlling and deleting cookies

Most browsers offer the ability to accept or reject all cookies. The user can manage the saving of cookies in the browser settings.

However, please remember that blocking all cookies may cause difficulties in the operation of the Website or completely prevent the use of some of its functionalities.

Managing and deleting cookies varies depending on the browser you use. Detailed information on how to manage cookies can be obtained by using the Help function in your browser or by visiting the website https://allaboutcookies.org/, which explains how to control and delete cookies in most browsers.

 

You can also read information about cookie management directly on the websites of individual web browsers:

• Google Chrome,
• Microsoft Edge,
• Mozilla Firefox,
• Opera,
• Apple Safari.

• Operational data

Even if cookies are not installed, the website Controller may gain access to data describing how the Website is used (“operational data”), in particular:

• the IP address assigned to your device or the external IP address of your Internet provider,
• domain name,
• browser type,
• access time,
• type of operating system.

To maintain the highest quality of our Website, we occasionally review log files to see which pages are visited most frequently. We might also gather navigational data, such as the links and references you click on and other activities you perform on the Website. This helps us understand how to make our services better and more user-friendly. Our legal basis for this is our legitimate interest (Article 6(1)(f) of the GDPR) in enhancing the usability and functionality of our online services.

• Personal data protection

In certain exceptional situations, information obtained through cookies and operational data may be considered personal data under the GDPR. If this information is classified as personal data, the Controller will act as the personal data controller. Even if there is uncertainty about whether a specific category of information qualifies as personal data, the Controller will protect this information as if it were personal data.

 

Processing the above categories of data, as necessary for the proper display of the Website (necessary cookies), is based on the legitimate interest of the Website Controller (Article 6(1)(f) of the GDPR). For this purpose, we may occasionally analyze log files to:

• Determine which browsers are used by visitors to the Website,
• Identify the most and least frequently visited tabs or subpages,
• Ensure the Website is free from errors,
• Stop the distribution of malicious codes,
• Interrupt denial-of-service attacks.

You have the right to object to the processing of your personal data as described above.

Recipients of this data may include entities providing IT services to the Controller.

• Deleting operational data and data obtained through the cookie mechanism

The retention period of cookies, i.e. the period after which these files will be deleted, has been specified in point 3 above.

If we obtain your personal data as part of the services described above, they will be deleted or anonymized no later than after the expiry of the limitation period for potential claims related to the use of the Website or earlier if you submit an effective objection.