PRIVATE POLICY

Introduction

This Privacy Notice explains how the MINEFIELD Project Consortium (hereinafter referred to as the “Consortium”, “we”, “us” and “our”) collects and processes your personal data. We are committed to protecting your privacy and ensuring that your personal information is handled in compliance with EU Regulation 679/2016 (General Data Protection Regulation – GDPR) and any applicable national data protection laws.

We process personal data such as your name, contact details, and email address in accordance with GDPR and relevant national regulations. Through this document, we inform all data subjects about the nature, scope, and purpose of the data we collect, as well as the rights you have regarding your personal information.

The MINEFIELD Consortium, as Data Controller, has implemented technical and organisational measures to ensure that your personal data is protected when processed through our website and project-related activities.

Key Definitions

• Personal Data – Any information relating to an identified or identifiable individual, such as a name, identification number, email address, or other unique identifiers.
• Processing – Any operation performed on personal data, including collection, storage, retrieval, use, and deletion.
• Controller – The entity responsible for determining why and how personal data is processed (MINEFIELD Consortium in this case).
• Processor – A third party that processes personal data on behalf of the Controller.
• Consent – Freely given, specific, informed, and unambiguous agreement to the processing of personal data.

Our Principles

We process personal data based on the principles outlined in Article 5 of the GDPR:

1. Lawfulness, Fairness, and Transparency – We process personal data in a lawful, fair, and transparent manner.
2. Purpose Limitation – We collect personal data for explicit and legitimate purposes only.
3. Data Minimisation – We process only data that is relevant and necessary.
4. Accuracy – We keep personal data accurate and up to date.
5. Storage Limitation – We keep data only for as long as necessary for its purpose.
6. Integrity and Confidentiality – We ensure secure processing to prevent unauthorised access or data loss.
7. Accountability – We are responsible for demonstrating compliance with these principles.

Collection of Personal Data

We collect personal data for research purposes and project-related communications, such as:

• When you contact us via email, our website, or social media channels.
• When you register for our events, workshops, or subscribe to our newsletter.
• When you provide consent to be photographed or recorded at events.

We do not share personal data with third parties outside the Consortium unless legally required or with your explicit consent.

Minors’ Personal Data

We do not knowingly collect data from minors without verifiable parental consent. If we inadvertently collect such data, we will delete it immediately.

Types of Data We May Collect

• Contact information (name, email, phone number, address).
• Professional information (organisation, role, expertise).
• Event participation data (images, videos, registrations).
• Social media information (publicly available usernames or comments).
• Website usage data (cookies – see separate cookie policy).

Legal Basis for Processing

We process personal data based on:

• Consent – e.g., newsletter subscription, event participation, or photographs.
• Contractual Obligations – to provide agreed services or research results.
• Legal Obligations – compliance with EU or national laws.
• Legitimate Interests – improving project communications and reporting to stakeholders.

Data Retention

We keep personal data only for as long as necessary:

• General project data – until project completion plus five (5) years, as required by EU research funding rules.
• Consent-based data (e.g., photos, newsletter subscriptions) – until consent is withdrawn.
• Cookies – depending on their purpose (see Cookie Policy).

Data Security

We use technical and organisational measures to protect data, including:

• Restricted access to authorised personnel only.
• Secure ICT systems with monitoring for unauthorised access.
• Encrypted communications where necessary.

Data Disclosure

We may share personal data with:

• Public authorities or EU institutions, when legally required.
• Auditors, legal advisors, or insurance providers under confidentiality agreements.
• Consortium partners who need it for legitimate project-related purposes.

Territorial Scope

All processing takes place within the European Economic Area (EEA).

Your Rights

You have the right to:

• Access your personal data.
• Rectify incorrect or incomplete data.
• Request deletion of your data (“right to be forgotten”).
• Restrict processing in certain circumstances.
• Receive your data in a portable format.
• Object to processing, including direct marketing.
• Withdraw consent at any time.

Requests can be sent to the MINEFIELD project email. We respond within one month (or up to three months for complex cases).

Data Breach Notification

If a data breach occurs, we will:

• Assess the impact and mitigate damage.
• Notify relevant authorities within 72 hours if required.
• Inform affected individuals where necessary.

External Links

Our website may link to external websites. We are not responsible for their content or privacy practices.

Cookies

See our separate Cookie Policy for information on how we use cookies.

Contact Us

If you have any questions or requests about your data, contact us via the official MINEFIELD project email.

Policy Updates

This Privacy Policy is effective from xx/xx/xxxx and may be updated when necessary. Changes will be published on our website.

Last update: xx/xx/xxxx