1. Introduction
We at xt-ehr.eu (“we”, “our”, or “us”) are committed to safeguarding your privacy. This Privacy Policy outlines how we process your personal data in compliance with the General Data Protection Regulation (EU) 2016/679 (“GDPR”) and applicable data protection laws within the European Union.
By using our website https://www.xt-ehr.eu/ (“Website”), you acknowledge that you have read and understood this policy.
2. Comments
The data controller responsible for your personal data is:
Full Legal Entity Name: The National eHealth1) eHealth is the use of ICT in health products, services and processes combined with organisational change in healthcare systems and new skills, in order to improve health of citizens, efficiency and productivity in healthcare delivery, and the economic and social value of health. 2) WHO definition: cost-effective and secure use of information and communications technologies in support of health Read More Authority of Cyprus, acting as the coordinator of the Xt-EHR Consortium.
Registered Address: 67A Limassol Avenue, 2121, Aglantzia, Cyprus
Email: info@neha.org.cy
3. Categories of Personal Data We Collect
We may collect and process the following categories of personal data:
- Identity Data: name, title, affiliation (if provided)
- Contact Data: email address, phone number (if submitted)
- Technical Data: IP address, browser type, operating system, device identifiers
- Usage Data: browsing behavior, pages visited, referral sources
- ·Communication Data: messages or inquiries sent via our contact forms
We do not intentionally collect sensitive personal data unless explicitly provided for a legitimate purpose.
4. Purpose and Legal Basis for Processing
We process your personal data only when legally permitted. The most common legal bases include:
| Purpose | Legal Basis (Art. 6 GDPR) |
| Responding to inquiries | Consent or legitimate interest |
| Website analytics & performance | Legitimate interest |
| Newsletter or updates | Consent |
| Legal compliance | Legal obligation |
You may withdraw your consent at any time without affecting the lawfulness of prior processing.
5. Cookies and Tracking Technologies
We use cookies and similar technologies for functionality, analytics, and security purposes. Where legally required, we obtain your prior consent before placing non-essential cookies.
You can manage or withdraw your consent at any time via our Cookie Preferences panel.
6. Data Retention
We retain personal data only for as long as necessary to fulfill the purposes for which it was collected, including any legal or reporting obligations. After this period, data is securely deleted or anonymized.
7. Your Rights as a Data Subject
Under GDPR, you have the following rights:
- Access to your personal data (Art. 15)
- Rectification of inaccurate data (Art. 16)
- Erasure (“right to be forgotten”) (Art. 17)
- Restriction of processing (Art. 18)
- Data portability (Art. 20)
- Objection to processing (Art. 21)
- Withdrawal of consent at any time (Art. 7)
To exercise your rights, contact us at: info@neha.org.cy. You also have the right to lodge a complaint with your local supervisory authority.
8. Security of Your Data
We implement appropriate technical and organizational measures to protect your data, including but not limited to:
- Encryption (TLS/SSL)
- Access controls
- Secure data storage
- Regular security audits
9. Changes to this Policy
We may update this Privacy Policy from time to time. Significant changes will be communicated via our website. The date of the latest revision is indicated at the top of this document.