Privacy Policy

European Health Data Consortium

 Privacy Policy

 Created: 1 June 2026

Last Updated: 1 June 2026

Thank you for using the European Health Data Consortium. Here you will find information about the personal data we collect, how we handle these data and the options you have available to you to find out more about this. This Policy contains fields requiring your consent so you should read it carefully before deciding whether you wish to consent. The entity responsible for processing your data is Rosavine View Limited (referred to here as “we” or "us").

Table of contents

Contact / Responsible party
Collection, processing and use of personal data
Processing purposes
Legal basis for the processing of personal data
Transfer of data to third parties; service providers
How do we protect your data?
Duration of storage; retention obligations
Overview of data subject rights
Social media

Advertising and Marketing Partners

Changes to this Privacy Policy

Contact / Responsible party
Unless otherwise stated in this Privacy Policy, the data controller is Rosavine View Limited, Company No. 793917, of Landscape House, Baldonnell Business Park, Dublin 22, Dublin, Republic of Ireland, D22 P3K7.

If you would like to contact us or our data protection officer, you can reach us as follows:
Contact email address – contact@europeanhealthdata.eu

Collection, processing and use of personal data
Personal data are any information that relates to an identified or identifiable natural person (e.g. name, address, telephone number, date of birth or e-mail address), whether living or recently deceased. We do not process personal information relating to juristic persons.
When we process personal data, this means that we e.g. collect, store, use, transmit to others or delete personal data.
We only collect and process your personal data in the following cases:
- When you visit us on our website.
- When you contact us directly.

- When you contract with us for the provision or our services.

- When you participate in one of our online events.

We recognise that technology changes over time so how we collect and process your personal data can also change. We shall update this policy from time to time, but you can contact us at any time and ask for information about all the data we collect about you.
If you do not want us to process your personal data, we will not be able to provide the services set out in the Terms and Conditions.
You can find details on what data we collect below.

What data do we collect from our users in order to perform our contractual obligations?
In order to provide the services described in more detail in the Terms and Conditions, it is necessary for us to collect the personal data described below.

Communication with us
We store your communications with us in accordance with our data retention policy.

Events recordings

You may interact with us and other users if you participate in one of our online events. We may use a third party software provider to host these events. The events are recorded and stored by us and may be broadcast on social media platforms. You always have the option to decline to participate in these events.

Promotional emails - newsletters - messages
When you contact us, we collect your e-mail address. This e-mail address or any new e-mail addresses you may subsequently provide may be used by us for sending emails without the need for your consent. Your consent to the receipt of these emails is not a condition for the continued provision of our services.

If you no longer wish to receive emails, newsletters or individualised communication from us, you can at any time opt out of the use of your data for such purposes free of charge: 
(1) Click on the unsubscribe link at the end of the e-mail; or 
(2) notify contact@europeanhealthdata.eu.

​What data do we collect when you use the website?
Every time our website is accessed, the data of the website visitors is transmitted by the respective internet browser and stored in so-called server log files. These data are:
- Information about the type of browser and the Internet service provider of the user as well as the operating system used (e.g. Windows 11, Apple Mac OS, etc.)
- IP address (Internet protocol address) of the accessing device
- Name of the page accessed
- date and time of the retrieval
- the referrer URL (origin URL) from which the user accessed the page
- Amount of data transferred
- Status message on whether the retrieval was successful
- Session identification number
- Session participant pseudonym
- Screen resolution used
In addition to the data listed above, when you are using our website, essential cookies or pseudonymous IDs (such as user ID, language preference ) are stored on your end device during or after your visit to us online.

Processing purposes
We process the personal data of our users for the following purposes:
- To perform the services described in the Terms and Conditions. The legal basis for the data collection is the performance of the contract concluded with you as a service user.
- For prevention and defence against abuse. We collect, process and use personal data which are collected in connection with use of our website and services.
We also process personal data to comply with our legal obligations in the area of data security, system security and the detection of unauthorised access or access attempts.
- For the protection and defence of our rights and the performance of legal obligations. The legal basis is our legal obligations and our legitimate interest in asserting and defending our rights.
- For self-promotion through emails and via other media, including via our website. The legal basis is our legitimate interest in conducting direct marketing for our services.

- For advertising and marketing purposes to grow our community.


Legal basis for the processing of personal data
- Where we obtain your consent as a data subject for the processing of personal data, Art. 6 para. 1 (a) EU General Data Protection Regulation (“GDPR”) is the legal basis.
- When processing personal data that is required for the performance of a contractual relationship with us, Art. 6 para. 1 (b) GDPR is the legal basis. This also applies to processing operations that are required to carry out any pre-contractual measures that are necessary.
- When processing personal data to fulfil a legal obligation, Art. 6 para. 1 (c) GDPR is the legal basis.
- If the processing is necessary for the protection of a legitimate interest of us or of a third party, such as other users, and the interests, fundamental rights and freedoms of you as the data subject do not outweigh the first-mentioned interest, Art. 6 para.1 (f) GDPR serves as the legal basis for the processing.

- When processing personal data that is required for self-promotion, Art. 6 para. 1 (f) GDPR and your consent are the legal bases.

- When processing personal data for advertising and marketing purposes, Art. 6 para. 1 (f) GDPR and your consent are the legal bases.
If the legal basis is your consent, you are entitled to revoke your consent at any time without affecting the lawfulness of the processing carried out until revocation of the consent. If the legal basis is legitimate interest, you are also entitled to object at any time to the processing of personal data relating to you for personal reasons. In this respect, Art. 21 GDPR applies.

Transfer of data to third parties; service providers

Your personal data may be passed on to third parties as explained in this Privacy Policy. It will only be passed on to third parties by us if this is necessary for the performance of your contract with us, if we have a legitimate interest in transferring the data, such as self-promotion,  and/or if you have given your consent to the transfer. We do not collect your consent for all data processing activities carried out by third parties, only for the transfer of your data for the purposes described in this Privacy Policy. If you wish to ensure that all your data is being used by third parties in accordance with your wishes, you should refer to their Privacy Policies.
If personal data is transferred to third parties based on a legitimate interest, we have explained our legitimate interest in this Privacy Policy. In addition, personal data may be transferred to third parties if we are required to do so by law or by an enforceable official or court order. We cannot anticipate when these requirements may arise.

As well as partners for online events, we may use, without limitation:

  1. Google Analytics, a cookies and data collection service provided by Google to collect information about your use of the website and services to report usage trends.
  1. Google Search Console tools and reports to measure our website's search traffic and performance.
  2. A third-party provider for the processing of payments, currently Stripe Payments, Europe Limited and Stripe Payments UK, Limited. These providers also act as Merchants of Record where applicable.

We cannot list every third party to whom we transfer data in this Privacy Policy for reasons of practicality and comprehensibility. You can always obtain a list of third parties in use at a particular time by contacting us as explained in this Policy.  We reserve the right to use other service providers for the collection or processing of personal data. Service providers only receive the personal data from us that they need for their particular activities.
We may use service providers not already mentioned in this Privacy Policy for sending emails, push notifications and newsletters to members. Further, we use server capacities.

You should refer to the third-party service providers’ Privacy Policies for more information. As a rule, service providers operate as order processors, who may only process personal data of our users according to our instructions.

Advertising and Marketing Partners

We share some personal data with advertising and marketing partners so that we can grow our network and improve our services to you. For these purposes, your data is pseudonymised to the maximum extent possible.

In order to monitor the reach of advertising and marketing campaigns, we may store a first party pixel on your device for a short period of time. This is not shared with third parties and is deleted by us as soon as possible.

Transfer of data to non- EU/EEA countries/Transfer of data outside the UK/transfer to third countries
We sometimes transfer personal data to third parties or processors who are based in non-EU/EEA countries. We need to make these transfers in order to fulfil our contractual obligations to you. In addition, prior to the transfer, we either ensure that either an adequate level of data protection exists in the recipient country (e.g. due to an adequacy decision of the EU Commission for the country in question) or we use an agreement with the recipient containing the EU-approved  standard contractual clauses or, when transferring data from the UK to a country which does not have an adequacy decision, we use the EU standard contractual clauses approved by the UK Information Commissioner and International Data Transfer Agreements and Addendum to the Standard Contractual Clauses for  the recipient).

How do we protect your data?
We operate a privacy by design and default policy. We implement security measures such as strict role-based access criteria when dealing with your personal data, encryption in transit and at rest and authentication tools in line with current best practice to ensure the security, integrity and availability of users' personal data. We aim to keep our security policy up to date and you can contact us at any time via the details given above to ask about our security policy.

Duration of storage; retention obligations
We store your data for as long as is necessary to provide our online services and the associated services, or for as long as we have a legitimate interest in continuing to store it. In all other cases, we will delete your personal data with the exception of data that we need to comply with contractual or legal (e.g. tax or commercial law) retention periods. This means that different retention periods apply to different types of personal data. If you want more information about our data retention periods, please get in touch with contact@europeanhealthdata.eu for further details. The following applies to users: you can cancel the storage of the personal data contained in your profile at any time. This cancellation does not affect the legality of the processing of your data by us up to the point of cancellation.
In the case of a user asserting data subject rights, we store those data which are necessary for performance or proof during any relevant national limitation period.

Data subjects' rights
You have important rights in respect of your personal data under the GDPR and applicable national laws.
To assert your rights, please use the information in the Contact section and enable us to clearly identify you when you assert your rights. You should address your requests to contact@europeanhealthdata.eu.

If you wish to object to direct marketing, please contact us using the details above.
For a more detailed explanation of your rights, including your rights to lodge an official complaint against us, you should contact the relevant data protection authority in your place of residence.

Social media 
Our website may contain social media plug-ins. The operator of the social media site is responsible for its own data protection and you should refer to its policies.

 

Changes to this Privacy Policy

We update this Privacy Policy from time to time by posting the latest version here. Please check this Policy for updates.

I have read this Privacy Policy and I agree that you may process my personal data as described here.

Scroll to Top