LAST UPDATED 14 May 2023
Thank you for visiting the TRANSCEND website.
Who we are
TRANSCEND is a three-year EU-funded project (Grant Agreement no: 101073913) that began in October 2022 and ends in September 2025. UK participants are supported by UKRI grant number 10041916 (Trilateral Research Ltd.). For further information, we can be contacted at: email@example.com
The personal data types we collect and why
We collect the following types of personal data about individuals:
- Contact details and professional affiliation (e.g., name and email) when you sign up for our newsletter, to our Network or ask us a question, or when we invite you to take part in a survey, pilot activities, workshop or conference to gather your feedback on our research activities.
- Visitor information (e.g., country of residence, IP address) that is collected to understand visitor trends and what content they engage with, as well as to help us comply with legal and regulatory obligations. We will not use this information to identify visitors to the TRANSCEND website.
The lawful bases for processing personal data
During the TRANSCEND research project, each of the partners will act as the data controller and therefore will be responsible for the implementation of data protection rules in relation to the processing operations it will perform. TRANSCEND partners will be considered as joint controllers when they jointly determine the purposes and means, or at least the essential elements of these purposes and means, for data processing operations that will be performed within the TRANSCEND project.
For personal data processed through the website only, Trilateral Research Ltd. will act as the data controller. For personal data processed as a result of emailing us or subscribing, the data controllers will be Trilateral Research Ltd., the European Organisation for Security and the Peace Research Institute Oslo.
TRANSCEND partners will process personal data in accordance with the GDPR, in addition to adhering to all relevant national legislation (e.g., UK-GDPR). We expect to process personal data on the following legal basis:
- Consent – When you provide us with your personal data directly, for example, when you subscribe to our newsletter, Network or email us .
- Legitimate interest – We process personal data such as your IP address or country of residence, or your name, professional affiliation and email for the purposes of :
- Enhancing our research delivery to relevant audiences; and
- Undertaking wider but relevant dissemination activities.
- Legal obligations – We may process personal data to meet legal obligations such as reporting to the European Commission and promoting project results to multiple audiences, including the media and the public .
How we secure your personal data when we process it
We have put technical and organisational security policies and procedures in place to protect personal data (including, if necessary, sensitive personal data) from loss, misuse, alteration, or destruction. We aim to ensure that access to your personal data is password protected. Data is restricted only to a limited number of individuals who need to access it. Those individuals who have access to the data are required to maintain the confidentiality of such information. We install and regularly update all security and anti-virus software in use on all of our systems, nevertheless the security of data transmitted over the internet cannot be completely guaranteed. In addition, the consortium conducts ethical and data protection monitoring over the duration of the project, wherein the consortium will identify and assess any ethical or data protection risks and find solutions to overcome any such risks.
Do we share personal data with third parties?
The TRANSCEND consortium will generally not share personal information with anyone except the European Commission, if it so requests. All partners will treat information received from other partners as confidential and will not disclose it to third parties, unless it is obvious that the information is already publicly available or there is a legal obligation to do so. The partners will impose the same obligations on their employees and suppliers.
We may occasionally share personal data with trusted third parties, such as those listed below, to help us deliver efficient and quality services. When we do so, we ensure that recipients are contractually bound to safeguard the data we entrust to them before we actually share the data. We may engage with several or all of the following categories of recipients:
- Parties that support us as we provide our services (e.g., cloud-based software services such as Dropbox, Microsoft Sharepoint, Matomo Analytics, EUSurvey)
- Our professional advisers, including lawyers, auditors and insurers
- Payment services providers
- Marketing platforms (e.g., MailChimp)
- Law enforcement or other government and regulatory agencies (e.g., tax authorities) or to other third parties as required by, and in accordance with, applicable law or regulation
- The European Commission when we are required by them to do so in relation to our work with them on EC-funded Horizon Europe projects.
Do we transfer your personal data outside the EU?
We store personal data on servers located in the EU, but also in the EEA (Norway) and in the UK, where partners are based. As mentioned, we may also transfer personal data to reputable third-party service providers, notably GoogleDrive and Dropbox which may also be located outside of the EU.
Cookies are small text files that are placed on your computer to make websites work better and to provide information to the owners of the website about its use by visitors. We only use third-party cookies on our website.
Your data protection rights
You have the following rights regarding our processing of your personal data. You can exercise your rights by emailing us (see below) including:
- Right to withdraw consent – You can withdraw consent that you have previously given to one or more specified purposes to process your personal data. This will not affect the lawfulness of any processing carried out before you withdraw your consent.
- Right of access – You can ask us to verify whether we are processing personal data about you and if so, to have access to a copy of such data.
- Right to rectification and erasure – You can ask us to correct our records if you believe they contain incorrect or incomplete information about you or ask us to erase your personal data after you withdraw your consent to processing or when we no longer need it for the purpose it was originally collected.
- Right to restriction of processing – You can ask us to temporarily restrict our processing of your personal data if you contest the accuracy of your personal data, prefer to restrict its use rather than having us erase it, or need us to preserve it for you to establish, exercise or defend a legal claim. A temporary restriction may apply while verifying whether we have overriding legitimate grounds to process it. You can ask us to inform you before we lift that temporary processing restriction.
- Right to data portability – In some circumstances, where you have provided personal data to us, you can ask us to transmit that personal data (in a structured, commonly used, and machine-readable format) directly to another company.
- Right to object – You can object to our use of your personal data for direct marketing purposes, including profiling or where processing has taken the form of automated decision-making. However, we may need to keep some minimal information (e.g., e-mail address) to comply with your request to cease marketing to you.
- Right to make a complaint to your local Data Protection Authority (DPA) (see https://ec.europa.eu/justice/article-29/structure/data-protection-authorities/index_en.htm) regarding any concerns you may have about our data handling practices.
We may need to request specific information from you to help us confirm your identity and ensure your right to access the information or to exercise any of your other rights. This helps us to ensure that personal data is not disclosed to any person who has no right to receive it. No fee is required to make an initial request unless your request is clearly unfounded or excessive. Depending on the circumstances, we may be unable to comply with your request based on other lawful grounds.
How long do we retain personal data?
We retain personal data to provide our services, stay in contact with you and to comply with applicable laws, regulations and professional obligations to which we are subject. Please note that we have an obligation to retain data concerning European Union research projects (Horizon Europe) for up to five years after the end of the project (unless further retention is requested by auditors).
As the records and documentation containing personal data have been collected within the delivery of a European Commission project, we expect that the Commission will process it in compliance with the GDPR. After the expiry of the retention period, and unless further legitimate grounds for retention arise, we will dispose of personal data in a secure manner.
If you have any concerns as to how your data is processed or if you have some issues or queries concerning the TRANSCEND website, you can contact us at: contact@TRANSCEND-project.eu
 Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, and repealing Directive 95/46/EC (General Data Protection Regulation) (‘GDPR’).
 Article 6.1.a of GDPR states that processing is lawful if the data subject has given consent to the processing of his or her personal data, for one or more specific purposes.
 Article 6.1.f of GDPR states that processing is lawful if it is necessary for the purposes of legitimate interests pursued by the controller or by a third party, except where such interests are overridden by the interests or fundamental rights and freedoms of the data subject.
 Article 6.1.c of GDPR states that processing is lawful if it is necessary for compliance with a legal obligation to which the controller is subject. Article 38.1 of the project’s Grant Agreement between the European Commission and the project states that beneficiaries of Horizon Europe projects have an obligation to promote the project and its results.