International Conference on Environmental Research and Nuclear Sciences

Privacy Policy & Data Protection

Effective Date: 1 May 2026

Last Updated: 30 May 2026

The International Conference on Environmental Research and Nuclear Sciences (“ERaNS NextGen Conference”, “we”, “us”, or “our”) is committed to protecting the privacy, confidentiality, and security of personal data collected through the conference platform and related services.

This Privacy Policy explains how personal data is collected, used, stored, and protected in connection with the ERaNS NextGen Conference, including the official conference website located at:

https://www.erans.org

The conference platform and related services are provided for purposes including conference registration, abstract submission, scientific review, participant communication, academic publication, and conference administration.

We are committed to ensuring that all personal data is processed lawfully, fairly, and transparently in accordance with applicable data protection laws, including the General Data Protection Regulation (EU) 2016/679 (“GDPR”).

When this Privacy Policy refers to “ERaNS NextGen Conference”, “we”, “us”, or “our”, it refers to the Data Controller responsible for processing your personal data in accordance with this Policy.

“Personal Data” means any information relating to an identified or identifiable natural person, as defined under the GDPR.

For any questions regarding this Privacy Policy or requests concerning the processing of personal data, please contact the Data Controller using the contact details provided in Section 15.

1. Data Controller

The Data Controller responsible for the processing of personal data is:

Name:

Email: 

Location: Egyetem utca 10. 8200, Veszprém. Hungary.

For any questions regarding data protection, please contact the Data Controller at the email address above.

2. Data Protection Principles

Personal data is processed in accordance with the principles established under the General Data Protection Regulation (EU) 2016/679 (“GDPR”). We are committed to ensuring that personal data is:

• processed lawfully, fairly, and transparently;
• collected only for specified and legitimate purposes;
• limited to data that is necessary for conference-related activities;
• accurate and kept up to date where necessary;
• retained only for as long as required for the purposes described in this Policy; and
• protected through appropriate technical and organizational security measures.

Access to personal data is restricted to authorized individuals involved in conference administration, scientific review, technical operation, or legal compliance obligations.

3. Source of Personal Data

Personal data is collected directly from participants, authors, reviewers, and visitors through conference registration forms, abstract submission systems, email communications, uploaded materials, cookies, and interactions with the conference website or platform.

In limited cases, data may also be received from affiliated institutions, co-authors, payment processors, or technical service providers where necessary for conference administration.

4. Purpose of Data Collection and Processing

Data collected through this portal is used solely for the following academic and administrative purposes:

• Conference registration and participant management
• Abstract submission handling and peer review process
• Communication with registered participants and authors
• Organization and administration of the conference
• Issuance of confirmations, acceptance notifications, and certificates of participation
• Processing of payments, invoices, and financial documentation (If applicable)
• Ensuring technical operation and security of the System

The conference platform and services are intended primarily for academic researchers, professionals, and adult participants. Personal data of individuals under the age required by applicable law is not knowingly collected without appropriate authorization or legal basis.

5. Categories of Personal Data Collected

The portal may collect the following personal data depending on your interaction with the System:

• Full name
• Email address
• Professional and demographic information
• Logistical and accessibility requirements
• Supporting academic documents
• Research titles and descriptions
• Login credentials (encrypted)
• IP address
• Session and authentication cookies
• Device and browser information
• Billing information required for invoicing and legal compliance

6. Submission of Sensitive Information

Participants (users) should avoid submitting sensitive personal data (such as health information, financial details, government identification numbers, or other confidential information) unless explicitly requested and strictly necessary for conference administration.

7. Legal Basis for Processing (GDPR Article 6)

Personal data is processed on the following legal bases:

• Article 6(1)(a) – Consent: for submission of abstracts and optional materials
• Article 6(1)(b) – Contractual necessity: for conference registration and participation
• Article 6(1)(c) – Legal obligation: for compliance with tax, accounting, and invoicing requirements (if applicable)
• Article 6(1)(f) – Legitimate interest: for conference organization, communication, and security of the System

Where processing is based on consent, you may withdraw your consent at any time. Withdrawal does not affect the lawfulness of processing carried out prior to withdrawal.

8. Site Host, Data Storage and Processors

Personal data is stored and processed using secure infrastructure and trusted service providers acting as Data Processors under GDPR-compliant agreements.

- This website is hosted by a GDPR-compliant hosting provider, (Site B.V., known as site.eu), located within the European Union.
- Submitted personal data is stored securely in a protected and securely managed database with restricted access controls
- Uploaded documents may be stored using secure cloud storage services (e.g., Google Workspace), protected by appropriate safeguards such as encryption and Standard Contractual Clauses where applicable.
- Access to personal data is strictly limited to authorized personnel involved in conference administration and review.

All third-party service providers processing personal data on behalf of the conference act under GDPR-compliant contractual arrangements and are required to implement appropriate technical and organizational security measures.

Where personal data is transferred outside the European Economic Area (EEA), appropriate safeguards will be implemented in accordance with GDPR requirements, including the use of European Commission Standard Contractual Clauses (SCCs) or equivalent lawful transfer mechanisms.

9. Data Retention

Personal data is retained only for as long as necessary for the purposes outlined in this Policy. You may request deletion of your account and associated personal data directly from your dashboard after logging in and successful authentication, subject to legal and academic retention obligations.

• Registration and account data: up to 6 months after the conference
• Abstracts and academic submissions: up to 24–36 months, or longer if required for conference proceedings or publication purposes
• Financial and invoicing data (if applicable): up to 7 years, in accordance with Hungarian legal obligations
• Technical logs and security data: up to 6–12 months for security purposes

After expiration of the retention period, personal data will be securely deleted or anonymized.

10. Data Sharing

Personal data is not shared with unrelated third parties, institutions, or external organizations without your explicit consent, unless required by law.

Personal data is not sold or shared with third parties for commercial purposes. Data may be shared only with:

• Conference organizers and authorized administrative staff
• Members of the scientific or review committee (for abstract evaluation)
• Publishers and the conference publishing services
• IT service providers acting as Data Processors
• Public authorities, where required by law

All processors are bound by confidentiality and data protection obligations.

11. Publication and Public Conference Materials

Publication of conference materials, such as abstracts, accepted submissions, presentation materials, conference proceedings, author names, affiliations, and related academic information submitted through the System may be published or made publicly accessible in connection with the conference. Academic publications, conference proceedings, and publicly distributed conference materials may remain permanently accessible for scientific, archival, citation, and academic record purposes.

Such publication may include:

• Conference abstract books or proceedings
• Conference websites
• Digital repositories
• Program schedules
• Recorded presentations
• Photographs and videos taken during the conference
• Promotional or academic communication materials

By submitting materials to the conference, participants acknowledge and agree that certain academic and professional information (such as name, affiliation, abstract title, and presentation materials) may remain publicly accessible on a long-term or permanent basis for academic, archival, and scientific communication purposes.

Participants should avoid submitting confidential, sensitive, or proprietary information unless explicitly required.

Requests for removal of publicly distributed academic materials will be considered where reasonably possible; however, complete removal from all public or archived sources cannot be guaranteed once materials have been published.

12. Your Rights Under GDPR

As a data subject, you have the following rights under GDPR:

• Right of access to your personal data
• Right to rectification of inaccurate data
• Right to erasure (“right to be forgotten”)
• Right to restriction of processing
• Right to object to processing
• Right to data portability (where applicable)
• Right to withdraw consent at any time
• Right to lodge a complaint with the Hungarian National Authority for Data Protection and Freedom of Information (NAIH) or your local supervisory authority

To exercise any of these rights, please contact: 

13. Data Security

Appropriate technical and organizational measures are implemented to ensure the security of personal data, including:

• Encrypted HTTPS communication
• Access restrictions to stored data. Role-based access control and authentication restrictions
• Secure storage systems with limited administrative access
• Regular monitoring of system activity and access logs
• Protection against unauthorized access, alteration, or loss of data
• Data stored within the EU under GDPR-compliant infrastructure

We employ reasonable and appropriate security measures designed to protect your data from unauthorized access, disclosure, alteration, or destruction. However, as no security system is impenetrable, we cannot guarantee the absolute security of our databases, nor can we guarantee that information you supply will not be intercepted while being transmitted to us.

In the event of any technical or security issue that may affect your personal data, we will promptly inform affected users in accordance with applicable laws and regulations. We will also take all reasonable and appropriate measures to minimize the impact of the incident, secure our systems, and prevent similar occurrences in the future.

14. Personal Data Breach Response Procedure

In the event of a personal data breach (such as unauthorized access, data leak, or deletion of user data), the following steps will be taken:

• An immediate investigation will be conducted to determine the scope, content, cause of the breach and affected data.
• If the breach is caused by a service provider (e.g., hosting or cloud storage), all available efforts will be made to:
  • Gather accurate information from the provider,
  • Assist in securing any remaining data, and
  • Support affected users appropriately.
• If personal data is involved:
  • Affected individuals will be notified by email within a reasonable timeframe.
  • The notification will include details of the incident, what data was affected, and any steps users should take.
• The incident, including all actions taken and communications sent, will be documented.
• Notification to the Hungarian National Authority for Data Protection and Freedom of Information (NAIH), if legally required

15. Cookies and Tracking Technologies

The System uses cookies and similar technologies for:

• User authentication and session management
• Security and fraud prevention
• Basic functionality of the registration system

Where required by law, users will be informed and asked for consent before non-essential cookies are used.

16. Communication Preferences / Email Communications

The conference may send participants and registered users administrative and informational communications related to conference activities, including registration confirmations, submission updates, review outcomes, schedule announcements, payment notifications, and important conference-related information.

Where users voluntarily subscribe to newsletters, announcements, or future conference updates, such communications will be sent based on user consent.

Users may withdraw consent or unsubscribe from non-essential communications at any time by:

• using the unsubscribe link included in email communications;
• adjusting communication preferences within their account settings (if available); or
• contacting the Data Controller directly.

Withdrawal of consent does not affect communications necessary for conference administration, legal obligations, security notifications, or active participation in conference-related activities.

17. Changes to This Policy

This Privacy Policy may be updated from time to time. Any changes will be published on this page with an updated “Last Updated” date.

18. Governing Language

The English version of legal agreements and policies is considered as the only current and valid version of this document. Any translated version is provided for your convenience only, to facilitate reading and understanding of the English version. Any translated versions are not legally binding and cannot replace the English versions. In the event of disagreement or conflict, the English language legal agreements and policies shall prevail.

19. Contact

For any questions, requests, or concerns regarding this Privacy Policy or the processing of your personal data, please contact the Data Controller using the contact information provided in Section 1.:

Dr. Király Amin
📧