Legal basis of this privacy notice
The legal basis of this privacy notice is the European Union’s General Data Protection
Regulation (GDPR). Therefore, EUREC is committed to adhering to the following principles
enshrined in Art. 5 (1) GDPR:
Scope of this privacy notice
This privacy notice applies to personal data EUREC processes in the research projects EUREC
participates in. It informs research partners, research subjects and other stakeholders about
how EUREC collects, generates and processes personal data in general.
EUREC does this in the public interest, in the interests of EUREC’s research partners and/or in
the legitimate interests of EUREC itself. You will always be specifically informed about this
and, where necessary and required by law, will be asked for your consent.
How EUREC collects personal data
EUREC collects personal data directly and indirectly.
EUREC collects personal data directly from individuals by various means. For example, EUREC obtains personal data when:
Please note that this list is not exhaustive, but only lists the most common sources of personal data EUREC regularly draws on.
EUREC collects personal data indirectly about individuals from various sources. These sources include, but are not limited to:
Types of personal data EUREC collects
The personal data types EUREC collects vary depending on the purpose of data collection.
Because EUREC participates in a number of research projects and fulfil different tasks, EUREC collects different types of personal data, including:
What EUREC does with your personal data
EUREC processes your personal data in order to accomplish research purposes specified in
contracts. You can find an overview of the projects EUREC currently participates in on its
website. The projects’ websites provide further information on what our research is about
(http://www.eurecnet.org/eurec_projects/index.html). Most commonly, but not only, EUREC processes personal data to organise events, administer stakeholder or expert boards, gather research data and comply with legal and regulatory obligations.
Sharing of your personal data with third parties
EUREC may share your personal data with research partners or trusted third parties in order
to meet research objectives or contractual obligations. Before sharing any personal data,
EUREC ensures that our partners are contractually obliged to adequately safeguard the data.
Recipients whom EUREC may share data with are:
EUREC is legally required to do so
Transferring your data outside the European Economic Area EUREC stores all your personal data on servers located in the European Economic Area (EEA). EUREC may transfer data to research partners outside the EEA if this is necessary to accomplish research objectives. Transfers may happen, for example, when an institution EUREC collaborates with is located outside Europe. Before transferring your personal data, EUREC ensures that the partners safeguard the data in accordance with pertinent data protection legislation and regulation as well as contractual obligations.
Your rights
With regard to your personal data processed by us, you have the following rights:
In order to exercise these rights, please contact our data protection officer via email
(dataprotection@eurecnet.org) or per post (see contact information below). EUREC may need
to ask specific information from you in order to confirm your identity. In this manner, EUREC
strives to ensure that no personal data is disclosed to any unauthorised person. EUREC may
be unable to comply with your request due to other pertinent lawful grounds.
How long EUREC retains personal data
Unless legal exemptions apply or contractual provisions mandate otherwise, EUREC deletes
all personal data once the purpose for which it has been collected is accomplished. The GDPR’s
research exemption permits us to store your personal data for extended periods of time (see
above). Moreover, research projects funded by the European Commission under the auspices
of the Horizon 2020 programme, require EUREC to retain data for up to ten years after the
end of the project (even further retention may be requested by auditors).
Updates of this privacy notice
This privacy notice is reviewed regularly and updated if necessary.
Contact information
If you have any questions relating to how EUREC processes your personal data within our
research projects, you can contact per post or via email. EUREC will respond to your queries
within 30 days.
EUREC Office
Bonner Talweg 57
53113 Bonn
Germany
eurec@eurecnet.org