Privacy Policy
Who we are
Thank you for visiting the Synthetic Image Detection website. We pay a lot of attention to protecting your personal data. This data protection declaration sets out the method, extent and purpose of the processing of your personal data.
This website is managed by the Media Verification team (MeVer)
Address: 6th km Harilaou – Thermi, 57001, Thessaloniki, Greece.
Legal basis of processing
The processing of personal data is based on your provided consent [Article 6.1.a of the Regulation (EU) 2016/679 (GDPR)], through the usage of the Service.
You can revoke your consent to collect, process and use data at any time, with effectiveness for the future.
Personal data processing through the website
Our web page utilises performance/analytics cookies to analyse how the website is accessed, used, or is performing. In order to visit our Website, it is neither necessary nor possible for you to provide us with any personal data (such as your name or your e-mail address). To offer its core functionality, the service needs to process images that are either uploaded by the user or already publicly accessible on the Web. A copy of the image is stored by the system, alongside information resulting from the automated analysis of our tools (metadata, tampering localization maps, etc). This information can be accessed by other users if they provide the service with a URL pointing to an exact copy of the image file. Thus, if an exact copy of the same file is available elsewhere on the Web, the same analysis data will be recalled from the database and shown to any user that submits its URL. Furthermore, gaining access to the URL of the analysis report also gives access to the originally submitted image URL, and thus may lead to acquiring the submitted image as well. If the uploaded image contains personal data, we collect, process and use this information only for the purposes of providing the Website and the services available on the Website.
Will your information be shared with anyone?
We will not, in any circumstances, share your personal information with other individuals or organizations without your permission, including public organizations, corporations or individuals. We do not sell, communicate or divulge your information. Our staff and any service providers we work with are bound to confidentiality and to observing the applicable data protection regulations.
Profiling
We do not use personal data for profiling.
How long do we keep your information?
We keep your information for as long as necessary to fulfill the purposes outlined in this privacy notice unless otherwise required by law.
How do we keep your information safe?
We have taken appropriate organizational and technical measures to protect your personal data from misuse, interference, loss, unauthorized access, modification or disclosure. The measures we use include implementing appropriate measures in access control and technical information security, such as up-to-date software, secure connections and building control access to our premises.Access to your personal data is allowed only to our competent employees to support the activities of the Service.
Your rights under data protection legislation
As a data subject, you are entitled to exercise the rights delineated in this section of the privacy policy. It might be necessary for us to request certain information from you to verify your identity and ensure your entitlement to access the information or exercise any of your other rights. This measure helps us to guarantee that personal data is not disclosed to any unauthorized individual. Under certain circumstances, we may be unable to comply with your request due to other lawful grounds. Your rights, which may be subject to provisions that may restrict the exercise thereof, are:
- Right to be informed (Articles 13 and 14 of the GDPR)
You have the right to receive clear and transparent information about how we use your personal information data and what your rights are. For this purpose, we provide you with the information in this Privacy Policy and we encourage you to contact us for any clarifications. - Right to access (Article 15 of the GDPR)The data subject can request access to their data. Granting the right to access only occurs where the identification of the data subject is possible and the URLs to the personal data are provided by the subject.
- Right to rectification (Article 16 of the GDPR)The data subject has the right to obtain the rectification of inaccurate personal data concerning them. The exercise of this right is only possible where the data subject can be identified and the inaccuracy of data is verified.
- Restriction of processing (Art. 18 of the GDPR)The data subject has the right to obtain the restriction of processing, where:
- the accuracy of the personal data is contested;
- the processing is unlawful and the data subject opposes the erasure of personal data and requests the restriction of processing instead; - the controller no longer needs the personal data, but they are required by the data subject for the establishment, exercise or defence of legal claims; - the data subject has objected to processing pursuant to GDPR Article 21.1 pending the verification whether the legitimate grounds of the controller override those of the data subject.The exertion of this right may require provision of further information to allow identification of the data subject. - Right to be notified regarding the rectification or erasure of personal data or processing restriction (Article 19 of the GDPR)The data subject has the right to be notified about any rectification or erasure of their personal data or any restriction of processing regarding any receiver, to whom the personal data have been disclosed, unless this proves impossible or involves disproportionate effort.
- Right to object (Article 21 of the GDPR)The data subject has the right to object, at any time to the processing of personal data concerning them unless the data controller demonstrates compelling legitimate grounds for the processing that override the interests, rights and freedoms of the data subject or for the establishment, exercise or defence of legal claims. In order to exercise this right, further information may need to be provided in order to identify the data subject.
- Right to erasure (Article 17 of the GDPR)
The data subject has the right to obtain erasure of personal data concerning them, if:
- the personal data are no longer necessary in relation to the purposes for which they were collected or otherwise processed;
- the data subject withdraws consent on which the processing is based;
- the data subject objects to the processing pursuant to Article 21.1 and there are no overriding legitimate grounds;
- the personal data have been unlawfully processed;
- the personal data have to be erased for compliance with a legal obligation in Union or Member State law to which the controller is subject;
- the personal data have been collected in relation to the offer of information society services referred to in Article 8.1.
In the request for erasure, the applicant must specify the exact URL of the data for which deletion is requested. - Right to data portability (Article 20 of the GDPR)
You may request that we give you, or transfer to a third-party provider (where technically feasible), in electronic form, certain information that you have provided to us.
In the request for exercising the data portability right, the applicant must specify the exact URL of the data for which receival or transmission is requested. - Right to lodge a complaint with a supervisory authority (Article 77 of the GDPR)
You have the right to lodge a complaint directly with the national data protection supervisory authority regarding how we process your personal data.
Contact
You can use the contact email provided on our Website to contact us directly or to request current information from us. We collect, process and use the information you provide in a contact form exclusively to handle your request. We are happy to answer any further questions on data protection and processing of your personal data. You can contact us at verifymedia@iti.gr