The NEXRUR Privacy Policy describes how the www.nexrur.eu website is operated and how personal data collected by the website is processed, in agreement with the General Data Protection Regulation. To find out more about the EU Data Protection Rules click here.
This page informs users of the policies followed by the NEXRUR project regarding the collection, use, and disclosure of personal data when browsing the NEXRUR website.
The NEXRUR project uses data to analyse the impact of its communication activities and provide and improve its services to rural stakeholders, policy makers and business players. By browsing the NEXRUR website, users agree to the collection and use of personal data in accordance with this policy.
Data Manager
The company responsible for the processing of NEXRUR website data is Greenovate! Europe EEIG, registered at Avenue Louise 231, 1050 Brussels, Belgium.
General Project Participation and Project ‑ Management – Related Data Collection
GENERAL
This Privacy Policy sets out the basis on which any personal data we collect from you, or that you provide to us, will be processed in connection with your participation in the NEXRUR project, funded by the European Union under Grant Agreement No. 101181273. This notice applies to individuals who engage with the project in a non‑research capacity, including but not limited to participants in project events, stakeholders attending workshops or panels, representatives of institutions and organisations involved in coordination and dissemination activities, and persons interacting with project communications, platforms or administrative processes.
For the purposes of the General Data Protection Regulation (EU) 2016/679 (GDPR) and the UK GDPR, we act as the controller of your personal data in the contexts described in this Policy. We may update this Privacy Policy from time to time to reflect legal, regulatory or operational changes. Where changes are material, we may notify you using the contact details you have provided to us or through official project communication channels.
PURPOSES AND BASIS FOR THE PROCESSING OF YOUR DATA
We will process your personal data strictly for the purposes that are necessary to organise, administer and deliver the activities associated with the general management and participation in NEXRUR. This includes, without limitation: (i) registering and facilitating your attendance at project events such as workshops, trainings, conferences, stakeholder panels, case community meetings and other gatherings; (ii) coordinating communication among participants and partners to ensure appropriate engagement and contribution to activities; (iii) managing subscriptions to newsletters or briefings and distributing project communications, public updates and reports; (iv) providing access to project platforms, tools, repositories or networks that are needed for collaboration and dissemination; (v) maintaining records for audit, monitoring, reporting and compliance purposes as required under Horizon Europe rules; and (vi) monitoring and evaluating project implementation against objectives, including where necessary collating participation statistics or feedback to improve the effectiveness and inclusiveness of activities.
The principal legal basis for this processing is your consent (GDPR Art. 6(1)(a)), which we will seek prior to engaging in activities that involve the handling of your personal data. You may withdraw your consent at any time by contacting us using the details below. We may also process your data where it is necessary to comply with a legal obligation (GDPR Art. 6(1)(c)), including obligations to the European Commission or relevant authorities; for the performance of a task carried out in the public interest (GDPR Art. 6(1)(e)) in the context of EU‑funded programmes; or on the grounds of legitimate interests (GDPR Art. 6(1)(f)) pursued by us or a third party, provided that such interests are not overridden by your fundamental rights and freedoms. Where we rely on legitimate interests, we will conduct and keep records of a Legitimate Interest Assessment to document the balancing exercise carried out.
DATA WE COLLECT ABOUT YOU
The categories of personal data we may collect and process in this context are those strictly necessary to support project participation and administration. These may include:
(a) Identification and contact details (e.g., your full name, email address, telephone number, postal address and country of residence), necessary for registration, communication and organisational purposes;
(b) Professional information (e.g., your organisation, role or position, sector or domain of activity, declared areas of expertise, and your relationship to the project, such as stakeholder, farmer, researcher, policy‑maker or community representative), used to tailor communications and ensure relevant engagement;
(c) Participation data (e.g., event registration details, attendance records, contributions during workshops or meetings, survey responses, session preferences and feedback), used for logistics, reporting and improving future activities;
(d) Audio‑visual materials (e.g., photographs or recordings captured during events for documentation and dissemination purposes), which will only be collected and used in accordance with applicable law and on an appropriate legal basis, typically consent;
(e) Communication data (e.g., your emails, forms and other correspondence), maintained to ensure we can respond to queries, manage requests and preserve an accurate audit trail;
(f) Platform and website usage data (e.g., IP address, browser type and version, device identifiers, log data and analytics cookies) to support secure access, performance monitoring, troubleshooting and user experience improvements;
(g) Newsletter subscription data (e.g., your subscription preferences and records of consent).
We do not intentionally collect special category data (GDPR Art. 9) in the context of general participation and project management. Should a specific activity inadvertently or exceptionally require such data (for example, accessibility needs), we will clearly inform you and seek your explicit consent prior to any processing, and will apply additional safeguards.
DISCLOSURE OF YOUR INFORMATION
We do not sell or rent your personal data. We may disclose your personal data only as strictly necessary for the proper delivery of project activities, compliance and reporting. Recipients may include: other members of the NEXRUR consortium for coordination, reporting and dissemination tasks; authorised third‑party service providers acting under our instructions and bound by Data Processing Agreements (e.g., IT and cloud hosting providers, platform administrators, mailing and communication services, event management tools); the European Commission or the relevant agency in connection with audits, reviews, monitoring and reporting obligations; public authorities or supervisory bodies where required by applicable law or enforceable governmental request; and external auditors or legal advisors engaged to ensure compliance with contractual, regulatory or legal obligations. In each case, we require recipients to process personal data lawfully, securely and only for the specified purposes in accordance with our documented instructions.
INTERNATIONAL DATA TRANSFERS
Where the processing of your personal data involves transfer to countries outside the European Economic Area (EEA) or the UK, and where those jurisdictions may not provide the same level of data protection as your home country, we will ensure that appropriate safeguards are in place. These safeguards may include the use of European Commission adequacy decisions, Standard Contractual Clauses approved by the European Commission or the UK, or ensuring that US recipients participate in the EU‑US Data Privacy Framework (or UK Extension where applicable). Further information on the safeguards relied upon may be requested by contacting us at greenovateeurope@gmail.com.
In addition, for NEXRUR’s EU–China collaboration, no personal data will be transferred to China or any other non‑EEA/non‑UK country as part of NEXRUR’s EU–China collaboration. All exchanges with Chinese partners rely exclusively on anonymised, aggregated or otherwise non‑identifiable information, in line with the Grant Agreement and the project’s ethics requirements. Where international transfers of personal data are strictly necessary for other project purposes, they will only occur under GDPR‑compliant safeguards such as adequacy decisions, Standard Contractual Clauses, or equivalent mechanisms.
DATA RETENTION
We will retain your personal data only for as long as necessary to fulfil the purposes described in this Privacy Policy or to comply with applicable legal, regulatory and audit requirements. In determining appropriate retention periods, we consider the nature and sensitivity of the data, the purposes for which it is processed, the existence of any statutory obligations, and the operational need to maintain records for accountability and reporting under Horizon Europe. Once data is no longer required, we will securely delete or anonymise it. Where anonymisation is possible and appropriate, we may retain anonymised data for statistical or reporting purposes, as it no longer constitutes personal data.
DATA SECURITY
We implement appropriate technical and organisational measures designed to protect your data against unauthorised access, accidental loss, destruction or damage. Such measures may include, as appropriate to risk: access controls based on roles and need‑to‑know, secure authentication, encryption in transit and at rest, network and application security safeguards, regular backups and tested restoration procedures, logging and monitoring of access, least‑privilege principles, and staff training on data protection and confidentiality. Where data is handled in collaborative environments or repositories used by the consortium, permissions are configured to ensure that only authorised users can access relevant materials.
YOUR RIGHTS
You have certain rights under the GDPR and UK GDPR with respect to your personal data, subject to limitations set out in law. These include the right to request access to your data, request rectification of inaccurate or incomplete data, request erasure where there is no overriding reason for continued processing, request restriction of processing in certain circumstances, object to processing where it is based on legitimate interests or public task (including objecting to direct marketing), and request data portability in a structured, commonly used and machine‑readable format. Where processing is based on consent, you also have the right to withdraw your consent at any time. To exercise your rights, please contact us at greenovateeurope@gmail.com. We will respond within the timeframes established by applicable law.
CONTACT AND COMPLAINTS
If you have any questions, comments or requests regarding this Privacy Policy or our processing of your personal data, please contact greenovateeurope@gmail.com.
[ONLY IF APPLICABLE] You may also contact our Data Protection Officer at NEXRUR@atb-potsdam.de.
You have the right to lodge a complaint with your national supervisory authority if you believe that your data protection rights have been infringed.
CONSENT TO USE OF AUDIO‑VISUAL MATERIALS (GENERAL PARTICIPATION)
From time to time, we may wish to use photographs or short recordings from project events for communication or dissemination. Where such materials would make you identifiable, we will seek your explicit consent prior to publication, explaining the precise purpose, medium and scope (e.g., project website, newsletters, public reports). You are entirely free to refuse or withdraw consent without any adverse consequences for your participation in the project.
Scientific or Research‑Focused Data Collection (e.g., interviews with external actors, stakeholders, focus groups)
GENERAL
We are GREENOVATE! EUROPE, with registered address Avenue Louise 231, 1050 Brussels (referred to herein as “we”, “us” or “our”). This Privacy Policy explains how we process personal data in the context of research activities undertaken as part of the NEXRUR project (Grant Agreement No. 101181273). It applies to individuals who participate in research‑related activities such as interviews, surveys, focus group discussions, participatory observation, fieldwork and similar engagements for scientific purposes. The purpose of this Policy is to ensure that you are informed about how and why your data will be collected, how it will be protected, and what rights you have in relation to it.
For the purposes of the GDPR and UK GDPR, we act as the controller for the processing operations described herein. Where research is conducted jointly with other consortium partners, each partner may act as an independent controller for the data it collects, or we may act as joint controllers for specific tasks. Where relevant, the roles and responsibilities for data protection will be clarified in the participant information sheet or consent form made available to you.
PURPOSES AND BASIS FOR THE PROCESSING OF YOUR DATA
We process your personal data primarily for scientific research within the scope of NEXRUR. This includes, without limitation: (i) planning and conducting qualitative and quantitative data collection through interviews, surveys, focus groups and participatory observation; (ii) analysing data to understand stakeholder perspectives, practices, constraints and opportunities in relation to sustainable rural business models, resilience strategies and innovation processes; (iii) developing and validating tools, frameworks, indicators and strategies useful for policy, practice and further research; (iv) preparing academic publications, reports, deliverables and communication materials; and (v) demonstrating accountability and ethical compliance in line with funder requirements.
The principal legal basis for research processing is your consent (GDPR Art. 6(1)(a)), which we will request in a clear and specific manner before you participate. Depending on the nature of the research and the applicable national frameworks, we may additionally rely on public interest in the area of scientific research (GDPR Art. 6(1)(e) in conjunction with Art. 89) or legitimate interests (GDPR Art. 6(1)(f)), provided your rights and freedoms are not overridden. If we foresee the collection of special categories of data (GDPR Art. 9), such as opinions that could indirectly reveal political beliefs, trade‑union membership or health‑related information, we will only process such data where strictly necessary for the research purpose and subject to your explicit consent and appropriate safeguards (e.g., pseudonymisation, access limitations, secure storage and minimisation).
In addition to the primary research purposes of NEXRUR, and subject to your consent, your anonymised or pseudonymised data may be used for future scientific research beyond the timeframe of this project. Such future use will always respect GDPR safeguards, meaning that only sufficiently anonymised data—or pseudonymised data with strict access controls—will be retained for secondary analysis, comparative studies, or for informing follow‑on research projects. You may choose whether to allow this future use when giving your consent, and refusal will not affect your participation in NEXRUR.
CLEAR CONSENT FOR PUBLICATION (NON‑ANONYMISED DATA)
Our default approach is to anonymise research data prior to dissemination or publication so that you cannot be identified. However, circumstances may arise where anonymisation would significantly diminish the scientific value (e.g., direct quotes attributed to a named expert, identifiable photographs from a case context, or audio/video materials used for illustrative purposes). In such cases, we will inform you clearly and in advance and request your separate, explicit consent for publication of non‑anonymised data. This consent will specify exactly what will be published, where, for what purpose, for how long, and your right to refuse or later withdraw consent (noting that withdrawal may not be able to undo publications already disseminated). Your participation in the research will not be adversely affected if you choose not to consent to publication of identifiable data.
DATA WE COLLECT ABOUT YOU
The categories of personal data collected will depend on the research activity and may include:
(a) Identification and contact details (e.g., name, email, telephone), used to organise interviews, send information sheets, schedule sessions and share transcripts for review where applicable;
(b) Professional information (e.g., your organisation, role, responsibilities, sector, relevant experience and expertise), collected to contextualise research findings;
(c) Interview and survey responses (including opinions, narratives, experiences and qualitative insights), which may be audio‑recorded or transcribed with your informed consent;
(d) Audio‑visual materials (e.g., recordings, photographs or video captured during research activities), obtained only where necessary for research purposes and subject to your consent;
(e) Observational notes produced by researchers during participatory activities or fieldwork;
(f) Communications regarding scheduling, clarifications and follow‑up;
(g) Technical data where online tools are used (e.g., connection metadata), captured to ensure secure and effective delivery of remote sessions.
Where possible and appropriate, we will employ measures such as pseudonymisation and separation of key identifiers from content data to reduce privacy risks, especially before analysis and sharing within the research team.
DISCLOSURE OF YOUR INFORMATION
Your personal data may be shared strictly on a need‑to‑know basis with: (i) researchers and authorised staff within the NEXRUR consortium who are involved in the relevant work packages; (ii) third‑party processors providing secure services such as transcription, survey platforms, cloud storage or video‑conferencing systems, all acting under our instructions and subject to Data Processing Agreements; (iii) the European Commission or relevant agency for monitoring, audit or review processes; and (iv) ethics committees, where review or oversight is required. We do not sell or rent your personal data. Any sharing will be limited to what is necessary and proportionate to the research tasks, taking into account confidentiality undertakings and applicable ethical standards.
INTERNATIONAL DATA TRANSFERS
If it is necessary to transfer data outside the EEA or UK (e.g., due to the location of a secure cloud processor or a collaborating institution), we will implement appropriate safeguards, which may include EC adequacy decisions, Standard Contractual Clauses or reliance on certified frameworks such as the EU‑US Data Privacy Framework. We will inform you, upon request, about the specific safeguards relevant to your data.
DATA RETENTION
We will retain personal data for no longer than is necessary for the purposes of the research and in line with applicable legal and ethical requirements. In general, interview recordings will be deleted within 90 days of collection, unless you have explicitly consented to an extension for quality assurance or publication purposes. Transcripts may be retained for the time required to complete analysis and validation, after which they will be anonymised or pseudonymised where feasible. Anonymised datasets that no longer enable identification may be preserved for archiving, transparency and secondary analysis consistent with research ethics and legal requirements. Where data must be retained to meet funder audits or reporting obligations, we will apply storage limitation and access controls to minimise any impact on your rights.
DATA SECURITY
We adopt appropriate technical and organisational measures to safeguard research data, proportionate to the sensitivity and risk. These may include access control based on roles and research need, secure user authentication, encryption in transit and at rest, logically separated storage for identifiers and content, systematic backups and tested restoration, restricted sharing with watermarking or expiring links where applicable, and documented procedures for handling data breaches in line with legal notification requirements. Researchers and staff receive training on confidentiality, data protection and ethical conduct, and must follow internal protocols set out in the Data Management Plan and relevant Standard Operating Procedures.
YOUR RIGHTS
Under the GDPR and UK GDPR, you have the right to request access to the data we hold about you, request rectification of inaccuracies, request erasure of your personal data where there is no compelling reason for its continued processing, request restriction of processing in legally specified circumstances, object to processing on grounds relating to your particular situation (especially where based on legitimate interests or public task), and exercise data portability where technically feasible and legally applicable. Where processing is based on your consent, you have the right to withdraw consent at any time, without affecting the lawfulness of processing carried out before withdrawal. You may exercise your rights by contacting greenovateeurope@gmail.com.
CONTACT AND COMPLAINTS
If you have any questions, comments or requests regarding this Privacy Policy or the handling of your personal data in research activities, please contact greenovateeurope@gmail.com.
For any data protection‑related matters, you may contact us at NEXRUR@atb-potsdam.de.
Where applicable, you may also contact our institutional Data Protection Officer via the same contact channel.
You also have the right to lodge a complaint with your national supervisory authority if you believe your data protection rights have been violated.
CONSENT TO PARTICIPATE AND CONSENT FOR PUBLICATION
Prior to participating in research activities, you will receive a Participant Information Sheet explaining the nature, scope and implications of the research. Your consent to participate will be obtained in writing (or electronically) and will cover, where relevant, (i) participation in interviews/surveys/focus groups; (ii) permission to audio‑ or video‑record the session; and (iii) permission to contact you for follow‑up or clarification.
In addition, where we propose to use non‑anonymised materials for publication or dissemination (e.g., identifiable quotes, photos, audio/video), we will request a separate and explicit Consent to Publication, specifying the exact content to be published, its intended audience and channels (e.g., academic journals, project website, policy briefs), the duration of use, and your right to refuse or withdraw your consent. Declining publication consent will not affect your participation in the research.
ANNEX 1
☐ I consent to the use of my anonymised/pseudonymised data for future scientific research beyond the NEXRUR project timeframe.
Consent to Participate (Research Activities)
“I have read and understood the Participant Information Sheet for the NEXRUR research activity. I have had the opportunity to ask questions and have received satisfactory answers. I voluntarily agree to participate. I understand that I may withdraw at any time without penalty and without giving a reason.”
☐ I consent to participate in the research activity.
☐ I consent to audio/video recording for research purposes.
☐ I consent to be contacted for follow‑up.
Consent to Publication of Non‑Anonymised Data (if applicable)
“I understand that the default is anonymisation. I have been informed that the following identifiable materials are proposed for publication or dissemination: [description]. I consent to the publication and use of these materials for the purposes and channels described in the Consent to Publication form. I understand that I can refuse or withdraw my consent at any time, although withdrawal may not affect materials already disseminated.”
☐ I give explicit consent to publish the described non‑anonymised materials.
Place/Date/Signature (or electronic acknowledgement)
Changes in Privacy Policy
We may update our Privacy Policy from time to time. We will notify you of any changes by posting the new Privacy Policy on this page. You are advised to review this Privacy Policy periodically for any changes. Changes to this Privacy Policy are effective when they are posted on this page.
Questions
For any question, you can contact us by email using our contact form.
