This Privacy Notice gives you information about

• the personal data we collect about you in relation to and with respect to your registration and participation to the Huawei European University Challenge Site and related events and activities, and further potential communication in relation to similar events as well as potential internship or job fair at Huawei,
• how and why we process your Personal Data with respect to such registration, events and related activities, as well as
• how to exercise your rights as a Data Subject.

There is a section at the end of the notice regarding your rights and another section (called the Glossary) which explains some terms used in this Privacy Notice.

Personal data comprises all or any of the following:

• Given name and family name
• Username
• Team name(s) (when registering for a particular Huawei European University Challenge event)
• University or School
• Contact details (email address and optional websites and public social media accounts or webpage if any)
• IP Address
• Photograph, image, and voice as part of video performed as part of the event organied by Huawei
• Education and qualification with school and date of graduation including copy of school/university registration certificate to confirm registration with such school/university
• Participant Copyright statement of the work/contribution submitted as part of the participation to the Huawei European University Challenges
• Messages exchanged on the Huawei European University Challenge Site and other online systems (video conference call, forum, chat platform provided to the participants) used to support the Huawei European University Challenge events and related activities
• Multimedia items showing or recording the people participating in official events, webinars, their image, voices, statements, etc. posted on, or otherwise made available, on the Huawei European University Challenge Site
• Additional cookies if any (see below Cookies section for more details) relating to applicable Services and benefits on the Huawei European University Challenge Site

The Data Subject may provide additional information on a voluntary basis.
Huawei does not require Special Category Personal Data to be provided as part of your Personal Data.

Data will be either

• provided by the Data Subject (including in registering at the Huawei European University Challenge Site and participating online in any Data Challenge and/or in related physical and/or live events,
• come from publicly available resources such as the website of the University/School/Research center, blogs, or other publications, from academic websites, blogs, or other publications, from professional or academic network websites, public technology surveys and reports, articles or from other publications, or
• generated by Huawei, its affiliates, partners, or suppliers, pursuing the organization of Huawei European University Challenges (e.g, the competition leaderboard) and related activities and events which involves the Data Subject.

Huawei processes Personal Data

• to manage access and browsing of the website,
• to manage the registration of the Data Subject on the website as member,
• send to the Data Subject newsletters and invitations to participate in Huawei European University Challenge events,
• to manage the registration to the different Huawei European University Challenge events which the Data Subject subscribes for and participates in,
• to manage pre-contractual and contractual relationship with or involving the Data Subject and/or participation in a Huawei European University Challenge and related events and activities (including sending invitation, managing participation, inviting to ceremony),
• to communicate and exchange with the Data Subject in connection to Huawei European University Challenge events and activities as described in the Huawei European University Challenge Site Terms and Conditions and pages, submission of contribution, and content and related interactions, including discussions on the platforms and other online systems (video conference call, chat platform provided to the participants), creation of teams, presentation to the jury, and allocation of the prizes,
• to communicate about Huawei European University Challenge events, its participants and results,
• to make and maintain contact with the Data Subject in relation to such subject matters and similar events as well as for potential internships or job fairs at Huawei and/or its Affiliates;
• to support marketing and promotion activities (subject to consent) on social media such as Facebook (Huawei fan page), Twitter, LinkedIn, Instagram, as well as Huawei Website, YouTube, and other platforms, Huawei internal channels or in events organized by Huawei and external news publications (the publishing includes all forms of publication online and offline),
• to manage taxation and accounting in connection to the prizes allocated to the events and results of the Data Challenges, where applicable, and
• to communicate with the Data Subject in connection to the events or prizes after the jury's decision on the events.

Huawei processes Personal Data on the following legal bases:

• Art. 6 (1) (a) of the GDPR Consent for certain data provided directly by the Data Subject (pictures, video recording).
• Art. 6 (1) (f) of the GDPR - the legitimate interests pursued by Huawei. The processing of Personal Data is essential for our business operations and in our mutual interests to operate the platforms used to organize and perform Huawei European University Challenges.
• Art 6 (1) (b) of the GDPR - processing is necessary for the performance of a contract to which you are a party or in order to take steps at your request as the Data Subject prior to entering into a contract. Failure to provide your personal data will prevent you from participating in Huawei European University Challenges.
• Art. 6. (1) (c) of the GDPR - Processing is necessary for compliance with a legal obligation to which Huawei is subject (for example the duty to keep the records to demonstrate the compliance with rules and conditions of Huawei European University Challenges and related Terms and Conditions of Huawei European University Challenges).

Failure to provide Personal Data may prevent the Data Subject from participating in Huawei European University Challenges. Please note however that the withdrawal of his/her consent will not affect any use of the information made before the Data Subject withdrew his/her consent; nor does it affect any data processing based on another justification other than his/her consent.

Directors, managers, and/or other employees within Huawei group of companies (IT, HR) who are involved in such Huawei R&D activities and events.

We process Personal Data for the time needed for the purposes above and for no longer than is necessary for the purposes stated in this Statement. Unless the Data Subject exercises the right of erasure, Personal Data will be retained for two (2) years from the end of the latest Huawei European University Challenge competition in which the Data Subject participated. At the end of the contractual relationship, some of Data Subject's Personal Data will be archived for five (5) years to comply with the legal obligations of the Controller.

We, and/or affiliates mentioned above, also have contractors and suppliers, which provide support and services, such as managing the online platform and web pages for such activities and/or managing Huawei European University Challenge events or other events such as award ceremony and job fairs.

Huawei is a world-wide group of companies which operate not necessarily along the borders of legal entities and countries, but according to functions which may exist across various group companies and countries. Like most global organizations, Huawei has centralized data management systems in place which involve Personal Data being accessible by Huawei group companies outside the European Economic Area.

In particular, we have R&D Centers and cooperation team members in various countries. We also have IT management systems as well as event, travelling, and accommodation support, which are hosted and managed by our parent company (Huawei Technologies Co. Ltd.) and affiliates supporting events (Smartcom (Hong Kong) Co., Ltd.).

This international transfer of Personal Data is covered by appropriate safeguards for the transfer of personal data to a third country by adopting the standard data protection clauses adopted by the European Commission in accordance with the Committee procedure set out in Article 93(2) GDPR. Further information about the appropriate safeguards may be obtained at pofr@huawei.com or https://www.huawei.com/en/personal-data-request.

As a Data Subject, you have the following legal rights in relation to your Personal Data.

Right of Access: You have the right to obtain from Huawei confirmation whether Personal Data concerning you is being processed and, where that is the case, access to a copy of the Personal Data and specific information about how Huawei processes the Personal Data.
Right of Rectification (Correction): You have the right to obtain from Huawei the correction of inaccurate Personal Data concerning you and also the right to have incomplete Personal Data completed.
Right of Erasure (Deletion): You have the right to obtain from Huawei the erasure (deletion) of your Personal Data in particular circumstances.
Right of Restriction: You have the right to obtain from Huawei restriction of processing in particular circumstances.
Right of Objection: You have the right to object to the processing of your Personal Data in particular circumstances.
Right of Portability: In certain circumstances, you have the right to receive your Personal Data in a structured, commonly used and machine-readable format and have the right to transmit those data to another controller.
Right to Withdraw Consent: Where the legal basis of processing Personal Data is based on consent, you have the right to withdraw your consent at any time.
Right to lodge a Complaint: If you consider your Personal Data is not being processed in compliance with the applicable laws, you have the right to lodge a complaint with the French Supervisory Authority, the Commission Nationale Informatique et Liberté (CNIL) at https://www.cnil.fr/en/plaintes.
http://ec.europa.eu/justice/data-protection/article-29/structure/data-protection-authorities/index_en.htm

Controller: An organization which (alone or jointly with others) determines the purposes and means of the processing of Personal Data.
Data Transfer Agreement: An agreement containing standard data protection clauses adopted by the European Union Commission as referred to in Article 46(2)(c) of the GDPR.
Data Subject: The identified or identifiable natural person to whom the Personal Data relates.
GDPR: The European Union General Data Protection Regulation (2016/679).
Legal Basis: Processing of Personal Data is only lawful if and to the extent that at least one legal basis specified in the GDPR applies. The available legal bases which are applicable in the employment context are summarized as

• consent of the Data Subject (e.g., pictures, image),
• processing is necessary to enter into or perform a contract,
• processing is necessary for compliance with a legal obligation to which the Controller is subject,
• processing is necessary in order to protect the vital interests of the Data Subject or another natural person,
• processing is necessary for the purposes of the legitimate interests pursued by the Controller or by a third party, except where such interests are overridden by the interests or fundamental rights and freedoms of the Data Subject which require protection of Personal Data (Legitimate Interests)

Personal Data: Any information relating to an identified or identifiable natural person; an identifiable natural person is one who can be identified, directly or indirectly, in particular by reference to an identifier such as name, an identification number, location data, an online identifier or to one or more factors specific to the physical, physiological, genetic, mental, economic, cultural or social identity of that natural person.
Process/Processing: Any operation or set of operations which is performed on Personal Data or on sets of Personal Data, whether or not by automated means, such as collection, recording, organization, structuring, storage, adaptation or alteration, retrieval, consultation, use, disclosure by transmission, dissemination, or otherwise making available, alignment or combination, restriction, erasure, or destruction.
Special Categories of Personal Data: Personal Data revealing racial or ethnic origin, political opinions, religious or philosophical beliefs, or trade union membership, and the processing of genetic data, biometric data for the purpose of uniquely identifying a natural person, data concerning health or data concerning a natural person's sex life or sexual orientation.