Menu
This Privacy Policy is designed in accordance with the requirements of the EU General Data Protection Regulation (GDPR) as our primary compliance framework. It also takes into other applicable data protection laws to ensure a high standard of personal data protection.
This Privacy Policy applies to all processing of personal data carried out by the European Alliance for Innovation n. o., as described in Section 2 – Scope of this Privacy Policy. It aims to meet or exceed the level of protection required under the GDPR.
In the Privacy Policy, you will find the following sections:
European Alliance for Innovation n. o., Farská 1306/25, 949 01 Nitra, Slovakia, Company ID (IČO): 50642588, acts as the controller of your personal data within the meaning of the EU General Data Protection Regulation (GDPR) (hereinafter referred to as the “EAI”, “we”, or “us”).
For any questions or requests regarding this Privacy Policy or the processing of your personal data, you can contact us at:
Email: privacy@eai.eu
Postal address: European Alliance for Innovation n. o., Farská 1306/25, 949 01 Nitra, Slovakia
This Privacy Policy applies to all visitors and users of our websites and services, including members, partners, sponsors, academics, researchers, editors, speakers, authors, reviewers, organizers, conference participants, and event attendees.
It covers all personal data collected, stored, and otherwise processed in compliance with the EU General Data Protection Regulation (GDPR), through:
This Policy applies regardless of the form or medium in which such interactions occur and covers both automated and manual processing of personal data.
All our websites, refer to this Privacy Policy, which is available at https://eai.eu/eai-privacy-policy/
Our privacy program is designed to meet the requirements of the EU General Data Protection Regulation (GDPR) as our primary standard. Given that the GDPR establishes a high level of protection for personal data, our policies and practices are based on it as a baseline for meeting other applicable local requirements. Where local laws impose additional or different obligations, we supplement our GDPR-based approach to ensure full compliance with all relevant regulations.
We may collect and process the following categories of personal data, as necessary for the purposes described in Section 5. this Privacy Policy. The types of data listed below may include, but ate not limited to:
Identity and Contact Information – first name, last name, position, academic degree, company name, affiliation, country, email address, phone number, signature and social media profiles
Account and Login Information – first name, last name, affiliation, email address, area of interest, biography, social media profiles, preferences, photo, homepage, notification settings, and submissions.
Communications and Interactions – content of messages sent to us, including by email.
Marketing Communication Data – marketing subscriptions and areas of interest.
Public Relations Materials – photographs and video recordings.
Professional and Publication Data – publication metadata, and plagiarism check results.
Technical Data – IP address, URL requests, date and time of request, domain, request processing time, request validity, browser user agent, and referrer.
Cookies and Tracking Technologies Data– IP address, device identifiers, browser information, usage data, user preferences, visit history, interactions, location data, and settings.
Billing Information – first name, last name, affiliation, email address, billing name, billing address, postal code, billing country, billing email address, and bank account details.
Payment Information – limited to non-sensitive details; full payment card data is never stored.
We collect your personal data only to the extend necessary for the purposes described in this Privacy Policy. The data may be obtained from the following sources:
We process your personal data only we have a valid lawful basis under GDPR. These lawful bases, as defined in Article 6 of the GDPR, may include:
Contract Performance (Art. 6(1)(b) GDPR)
We process personal data when it is necessary to perform a contract or to take steps at your request before entering a contract. This includes negotiating, entering, and fulfilling agreements for services, conference participation, sponsorship, or other relationships.
Without your personal data, we cannot enter into or fulfill these contractual obligations.
Legal Obligation (Art. 6(1)(c) GDPR)
We process personal data when required to comply with legal obligations, such as accounting, tax, or reporting requirements. You are required to provide accurate and up to date personal data where necessary to meet these obligations. Failure to provide such data may prevent us from fulfilling our legal duties.
Legitimate Interest (Art. 6(1)(f) GDPR)
We may process personal data when we have a legitimate business or organizational interest that does not unfairly override your rights. Examples include improving our services, preventing fraud, analyzing website usage, or sending information about similar services you might be interested in.
You have the right to object to the processing of your personal data based on legitimate interests at any time by contacting privacy@eai.eu.
Public Interest (Art. 6(1)(e) GDPR)
We may process personal data when necessary for tasks carried out in the public interest, such as organizing scientific conferences, publishing research, or other activities that advance education and knowledge for the public good.
You can object to processing based on public interest at any time by contacting privacy@eai.eu.
Consent (Art. 6(1)(a) GDPR)
In some cases, we process personal data based on the consent you expressly grant to us. When we process personal data based on your consent, we indicate that to you at the point and time of collection. You can withdraw your consent at any time. The withdraw does not affect the processing of personal data before its withdrawal.
The next section references these lawful bases for all types of personal data and all our processing activities.
We process your personal data for specific purposes. For each purpose, we specify the lawful basis under GDPR and how long we retain your data:
|
Purpose of Processing |
Lawful Basis |
Retention Period |
|
|
Use of analytical, marketing, and third-party cookies to measure performance and improve user experience |
Consent |
Cookies and Tracking Technologies Data |
Until withdrawal of consent or according to the terms of the cookie providers |
|
Automated user profiling for personalized marketing and remarketing campaigns |
Consent |
Cookies and Tracking Technologies Data |
Until withdrawal of consent |
|
Ensuring safety, performance, and security of websites, platforms, and online services |
Legitimate interest |
Technical Data Varies depending on purpose |
Varies depending on purpose, in accordance with the Cloudflare policy |
|
Publication of information about members of EAI’s governing bodies |
Legal obligation |
Identity information |
Duration of mandate + 5 years |
|
Administration of EAI Fellow/Member Class |
Contract performance Public interest |
Identity Information |
5 years |
|
Membership database (Lisperator) |
Legitimate interest |
Identity and Contact Information |
3 years after last seen |
|
Sending invitations to committee chairs, members, and speakers |
Legitimate interest |
Identity and Contac Information |
Duration of event + 5 years |
|
Managing disclosure of committee members, agenda announcements, accepted papers, keynote speakers |
Contract Public interest |
Identity Information |
Duration of conference website´s existence |
|
Account creation, login, and user profile management |
Legitimate interest |
Account and Login Information |
Until account deletion, max. 5 years from last activity |
|
Processing of registration forms and participation details for conferences |
Contract performance |
Identity and Contact Information Billing Information Payment Information |
10 years |
|
Subscription management and sending of newsletters |
Consent
|
Marketing Communication Data |
Until unsubscribed, max. 1 year after the last email was opened |
|
Sending information about professional/self-realisation by email to the EAI community (contacts with an existing relevant relationship) |
Legitimate interest |
Marketing Communication Data |
Until unsubscribed, max. 1 year after termination of the contractual or other relationship |
|
Handling sponsorship/supplier’s enquiries, applications, agreements, and related payments |
Contract performance |
Identity and Contact Information Billing Information Payment Information |
10 years |
|
Managing contracts with suppliers, sponsors, and institutional partners |
Contract performance |
Identity and Contact Information |
10 years |
|
Maintaining contact details of employees or representatives of suppliers/sponsors |
Legitimate interest |
Identity and Contact Information |
10 years |
|
Submission and review of book proposals, proceedings proposals, and conference proposals |
Contract performance Public interest |
Identity and Contact Information Account and Login Information |
1 year |
|
Processing support forms and service-related communications |
Legitimate interest |
Identity and Contact Information Communications and Interactions Data |
1 years after closure of request |
|
Sending verification links, confirmation messages, and service notifications |
Legitimate interest |
Account and Login Information |
Until account deletion |
|
Managing submissions, peer reviews, editorial processes |
Public Interest |
Identity and Contact Information Account and Login Information |
Duration of registration |
|
Managing editorial processes |
Contract Public interest |
Identity information |
Duration of website´s existence |
|
Publications publishing, providing and archiving |
Contract Public interest |
Identity Information |
Depending on license, usually for the of platform |
|
Official registration, identification |
Public interest |
Professional and Publication Data |
In accordance with the operator’s rules |
|
Processing registration fees, invoicing |
Contract performance |
Billing Information |
10 years |
|
Internal project and task tracking via systems like Redmine and Asana |
Legitimate interest |
Identity and Contact Information |
1 year |
|
Gathering and processing feedback from participants or users |
Consent |
Identity and Contact Information Marketing Communication Data |
1 year |
|
Managing conference submissions and reviews via EasyChair or similar tools |
Legitimate interest |
Identity and Contact Information |
1 year |
|
Managing social media profiles |
Legitimate interest |
Identity and Contact Information Account and Login Information |
Duration of profile´s existence |
|
Publishing photos/videos from conferences |
Consent |
Public Relations Materials |
Until consent is withdrawn, max. duration of website´s existence |
|
Managing copyright forms |
Contract performance |
Identity Information |
10 years after publication |
|
Managing plagiarism checks |
Public interest |
Professional and Publication Data |
Not stored |
|
Complying with accounting/tax obligations |
Legal obligation |
Billing Information Payment Information |
10 years |
|
Establishment, exercise or defence of lawful claims |
Legal obligation Legitimate interest |
Varies depending on purpose |
1 year after expiration of limitation period / in accordance with law |
We use cookies and similar technologies to enhance your experience on our websites. These technologies help us store essential information, analyze usage, and provide personalized content and advertisements.
With your consent, we may collect information about your browsing behavior across our website and, in some cases, across other websites. This information is used to create a profile of your interests, allowing us and our partners to display personalized advertisements relevant to you (behavioral advertising).
You have the right to withdraw your consent to such processing at any time by adjusting your cookie preferences through our cookie management tool.
Each of our websites has its own Cookie Policy, accessible via the cookie banner or the Cookie Policy section, where you can find detailed information about the types of cookies, purposes, and retention periods.
We may share personal data with the following categories of recipients:
Website Hosting and Management Providers
Some providers may be located outside the EU/EEA (e.g., USA). Transfers are based on Standard Contractual Clauses (SCCs) approved by the European Commission.
Email and Marketing Service Providers
Some providers are outside the EU/EEA, transfers use SCCs.
Payment Gateway and Payment Processing Providers
Some providers are outside the EU/EEA, transfers use SCCs.
External IT Support and System Administration
Cloud Storage and Collaboration Tool Providers
Some providers are outside the EU/EEA, transfers use SCCs.
Analytics and Optimization Tool Providers
Some providers are outside the EU/EEA, transfers use SCCs.
Conference, Publishing, and Registration Platform Providers
Some providers are outside the EU/EEA, transfers use SCCs.
Plagiarism Detection and Peer-Review Process Providers
Some providers are outside the EU/EEA, transfers use SCCs.
Lawful and Accounting Services
Publicly Available Sources
We may transfer personal data to countries outside the European Economic Area (EEA). Such transfers are conducted only where appropriate safeguards are in place to ensure that your personal data continues to receive an adequate level of protection. These safeguards may include,
We take the security and confidentiality of your personal data seriously and continuously review our data transfer practices to maintain compliance with relevant data protection regulations.
We respects your privacy and ensures you can exercise your data protection rights. These include:
Right to Information
Know how your personal data is collected, used, and stored. This Privacy Policy provides all the details.
Right of Access
Request confirmation of whether your data is being processed, access your personal data, and learn about its purpose, recipients, retention period, and your other rights. You can get a free copy; additional copies may incur a reasonable administrative fee.
Right to Rectification
Request correction or updating of inaccurate or incomplete personal data.
Right to Erasure (“Right to be Forgotten”)
Request deletion of your personal data if it is no longer needed, consent is withdrawn, you object to processing, or it was processed unlawfully. We will assess your request and either comply or explain why deletion is not possible.
Right to Withdraw Consent
You can withdraw your consent to the processing of your personal data at any time. Withdrawal does not affect the lawfulness of processing based on consent before its withdrawal.
Right to Restrict Processing
Request restriction of processing in certain cases, e.g., if you contest data accuracy or object to unlawful processing.
Right to Data Portability
Receive your data in a structured, commonly used, machine-readable format, and request transfer to another controller if processing is based on consent or contract and done automatically.
Right to Object
Object to processing based on We’s legitimate or public interests. Processing will stop unless We can demonstrate compelling reasons.
Automated Decision-Making and Profiling
We may use personal data for behavioral advertising and profiling for marketing purposes. These processes do not involve automated decisions with legal or similarly significant effects.
You have the right to object at any time to the processing of your personal data for direct marketing, including profiling related to such marketing. If you object, we will stop processing your personal data for these purposes.
Right to Complaint
You can lodge a complaint with a supervisory authority, e.g., in Slovakia:
Office for Personal Data Protection
Email: statny.dozor@pdp.gov.sk
Phone: + 421 2 32313214, + 421 2 32313249
Website: https://dataprotection.gov.sk
How to Exercise Your Rights?
You can exercise your rights:
Requests are processed without undue delay, usually within 1 month, extendable by 2 months for complex cases. You will be notified of any extension.
Exercising your rights is free. For manifestly unfounded or repeated requests, WE may charge a reasonable fee or refuse the request.
Our services are intended for adults, and we do not knowingly collect or process personal data of children under the age of 16.
If we become aware that we have inadvertently collected personal data from a child under 16, we will tale steps to delete the data immediately.
We encourage parents and guardians to supervise their children´s online activities and to help ensure that children do not provide personal data through our services.
We use behavioral advertising to provide you with more relevant ads. This means that we may collect and analyze information about your interactions with our website and services, such as:
We use this information to create anonymous profiles or segments, which allow us to show you ads that are more relevant to your interests.
This process is automated, but it does not make decisions with legal or similarly significant effects.
You have the right to object to this profiling or marketing at any time. If you object, we will stop using your data for behavioral advertising.
We take the protection of your personal data seriously. We use appropriate technical and organizational measures to keep your data safe and prevent misuse. Access to personal data is limited to a small, authorized, and monitored group of people.
We regularly review our data handling procedures and promptly fix anything that is outdated or ineffective.
In the event of a security incident involving your personal data, we act immediately. If the incident poses a high risk to your rights and freedoms, we will inform you and explain what measures we have taken. Serious incidents are also reported to the Slovak Data Protection Authority.
We may update this Privacy Policy periodically. Changes will be posted with version and date. We will inform you directly of any significant changes whenever possible.
December 26, 2025
