EUnetCCC

Privacy Policy

Last updated: 27 Oct 2025

Thank you for visiting the WP8 website of the European Network of Comprehensive Cancer Centres (EUnetCCC). This website is dedicated to the dissemination of the activities of Work Package 8 (WP8), which focuses on the development and implementation of collaborative cancer care networks across Europe, under the EUnetCCC Joint Action funded by the European Union’s EU4Health Programme.

This privacy policy is part of the EUnetCCC WP8 website and solely concerns the processing of personal data that occurs in connection with the operation of this website. This document explains how Oslo University Hospital ("We" "Us"), the coordinator of WP8 and administrator of this website, uses personal data collected through your interactions with the website.

In this privacy policy you will find information on:

  • Who is legally responsible for the data processing (data controller)
  • The data that is automatically collected and logged when you visit the website
  • The data that is collected when you contact us or subscribe to our newsletter
  • The legal basis for processing personal data
  • How we protect your data
  • How long we retain personal data
  • Whether we share or transfer data
  • Your rights as a data subject
  • Your right to lodge a complaint

1. Who we are?

The European Network of Comprehensive Cancer Centres (EUnetCCC) is a European Joint Action co-funded by the European Commission through the EU4Health Programme. Its aim is to build a structured, collaborative network of Comprehensive Cancer Centres (CCCs) across Europe to ensure equal access to high-quality cancer care, foster innovation, and support sustainable oncology systems.
Work Package 8 (WP8) is a core component of the EUnetCCC initiative and is responsible for the development and implementation of pilot cancer care networks across selected regions in the EU. These pilots are designed to serve as scalable models for integrated, multidisciplinary cancer care, aligning with the European Cancer Plan. WP8 is coordinated by Oslo University Hospital (OUS), one of the leading healthcare and research institutions in Scandinavia, with a long-standing commitment to cancer research, digital health, and patient-centred care. As coordinator of WP8, OUS is the legal entity responsible for the content, security, and administration of this public-facing website. This website is intended to inform professionals, stakeholders, and the public about WP8 activities, outcomes, events, and related publications, as well as to promote transparency and encourage engagement across borders. Data Controller: Oslo University Hospital (OUS) [Insert contact email] [Insert address]

2. What Data We Collect

a) Automatically Collected Data

When you access the WP8 website, we may automatically collect certain technical data, including:

  • Date and time of access
  • IP address
  • Browser type and version
  • Operating system and device type
  • Referrer URL
  • Pages visited and time spent
  • Volume of data transmitted

This information is collected through cookies and analytics tools. Please refer to our Cookie Policy for more details.

b) Data You Provide Voluntarily

If you contact us via the contact form or subscribe to our newsletter, we collect:

  • Your name
  • Your email address
  • Your message or submission
  • Organisation and country (if relevant)

We do not collect metadata or sensitive personal data (e.g., health, race, political opinions) unless explicitly stated.

3. Purpose of Data Collection

We process personal data for the following purposes:

  • To ensure the functionality and security of the website
  • To respond to your queries and messages
  • To send you our newsletter, if you subscribe
  • To improve and analyse engagement with our site (anonymised statistics)

4. Legal Bases of Processing

Your personal data is processed for the following purposes:

Purpose Legal Basis
Responding to inquiries Legitimate interest (Art. 6.1.f)
Sending project updates (e.g., newsletters) Consent (Art. 6.1.a)
Organising participation in events Consent / Legitimate interest
Analysing engagement and reporting metrics Legal obligation (Art. 6.1.c)
Stakeholder engagement & pilot coordination Public interest task (Art. 6.1.e)

*Article 6.1 – Legal Bases for Processing under the GDPR

Consent (Art. 6.1.a)
"The data subject has given consent to the processing of their personal data for one or more specific purposes."

Legitimate interest (Art. 6.1.f)
"Processing is necessary for the purposes of the legitimate interests pursued by the controller or by a third party..."

Legal obligation (Art. 6.1.c)
"Processing is necessary for compliance with a legal obligation to which the controller is subject."

Public interest task (Art. 6.1.e)
"Processing is necessary for the performance of a task carried out in the public interest or in the exercise of official authority vested in the controller"

5. How We Protect Your Data

We implement appropriate technical and organisational measures to safeguard personal data. This includes:

  • Secure servers hosted within the EU
  • Encrypted transmission (SSL)
  • Access limited to authorised personnel
  • Regular security updates and antivirus monitoring

Nevertheless, data transmission over the internet is not entirely secure, and we recommend avoiding sensitive data submissions unless strictly necessary.

6. Data Retention

We retain personal data only as long as necessary for the stated purposes:

  • Contact form data: 6 months after last communication
  • Newsletter subscriptions: until unsubscribed
  • Technical logs: anonymised or deleted after 12 months

Data may be retained longer if legally required (e.g., for audit or reporting obligations).

7. Sharing and Transfers

We may share data with:

  • Project partners within the EUnetCCC consortium
  • Third-party service providers (e.g., web hosting, analytics)
  • The European Commission (in aggregated/anonymised format if required)

We do not sell or rent your data. All third parties are contractually bound to safeguard your data. We do not transfer your data outside the European Economic Area (EEA).

8. Your Rights as a Data Subject

Under the GDPR, you have the right to:

  • Access your personal data (Art. 15)
  • Rectify inaccurate or incomplete data (Art. 16)
  • Request erasure of your data (Art. 17)
  • Restrict processing (Art. 18)
  • Object to processing (Art. 21)
  • Data portability, where applicable (Art. 20)
  • Withdraw consent at any time (Art. 7)

To exercise your rights, please contact us at: [Insert email]. We may request identity verification. We will respond within 30 days.

9. Right to Lodge a Complaint

If you believe that your data protection rights have been violated, you may lodge a complaint with:

https://www.datatilsynet.no

P.O. Box 458 Sentrum, NO-0105 Oslo

Phone: +47 22 39 69 00

Or with the data protection authority of your country of residence, work, orwhere the infringement occurred, as per Article 77 of the GDPR.

10. Changes to This Privacy Policy

This privacy policy is subject to regular review and may be updated to reflectlegal, technical, or operational changes. Any updates will be published on this page.

11. Contact Us

For any questions or to exercise your rights, please contact:

EUnetCCC WP8 - Oslo University Hospital
[Insert email]
[Insert address]

WP8: Network Activities

Enhancing Collaborative Network Activities

This initiative focuses on fostering synergies and collaborations across European Cancer Centres to improve infrastructure and excellence in cancer care.

Learn more