Privacy Policy

Last Updated: January 2026

1. Introduction

The PHOENIX project ("we", "us", "our") is committed to protecting your personal data and respecting your privacy. This Privacy Policy explains how we collect, use, and safeguard your information when you interact with our website or contact us.

Project Information: PHOENIX (Grant Agreement No. 101156638) is funded by the European Union's Horizon Europe research and innovation programme.

2. Data Controller

Politecnico di Milano (POLIMI)
Department of Electronics, Information and Bioengineering (DEIB)
Via Giuseppe Ponzio, 34/5, 20133 Milano (MI), Italy
Email: phoenix@polimi.it

3. What Information We Collect

3.1 Information You Provide Directly

Contact Form Data: Full name, email address, organization/affiliation, subject, and message content
Email Communication: Any information you send us via email
Stakeholder Engagement: Survey responses, workshop participation data, feedback forms

3.2 Information Collected Automatically

Technical Data: IP address, browser type, operating system, device information
Usage Data: Pages visited, time spent on pages, navigation paths, referring URLs
Cookies: See our Cookie Policy for details

4. How We Use Your Information

We process your personal data for the following purposes:

Responding to Inquiries: To answer your questions and provide requested information
Project Communication: To share project updates, publications, and events (with your consent)
Stakeholder Engagement: To conduct surveys, workshops, and collect feedback as part of Work Packages 16-18
Website Analytics: To understand visitor behavior and improve user experience
Legal Compliance: To comply with EU regulations, reporting requirements, and consortium obligations

5. Legal Basis for Processing

We process your personal data based on:

Consent: When you submit a contact form, subscribe to updates, or participate in surveys
Legitimate Interest: For website analytics, security, and project communication
Legal Obligation: To comply with EU grant requirements and reporting obligations

6. Data Sharing and Disclosure

We may share your data with:

Consortium Partners: Only when necessary for project coordination and stakeholder engagement activities
European Commission: Aggregated, anonymized data for reporting purposes
Service Providers: Email hosting, website hosting, analytics tools (e.g., Google Analytics) - all compliant with GDPR

We will never sell your personal data to third parties.

7. Data Retention

Contact Form Submissions: 24 months after the last communication
Survey Responses: Until the end of the PHOENIX project (M48) + 5 years for audit purposes
Website Analytics: 14 months (anonymized)
Email Communication: As long as necessary for project-related correspondence

8. Your Rights Under GDPR

Under the General Data Protection Regulation (GDPR), you have the right to:

Access: Request a copy of your personal data
Rectification: Correct inaccurate or incomplete data
Erasure: Request deletion of your data ("right to be forgotten")
Restriction: Limit how we process your data
Portability: Receive your data in a structured, machine-readable format
Objection: Object to processing based on legitimate interest
Withdraw Consent: Withdraw consent at any time (without affecting prior lawful processing)

To exercise your rights: Email us at phoenix@polimi.it with the subject "Data Privacy Request".
We will respond within 30 days.

9. Data Security

We implement appropriate technical and organizational measures to protect your personal data from unauthorized access, alteration, disclosure, or destruction. These include:

Encrypted data transmission (HTTPS/SSL)
Secure hosting infrastructure
Access controls and authentication
Regular security audits

10. International Data Transfers

PHOENIX consortium partners are located within the European Economic Area (EEA). If data is transferred outside the EEA, we ensure adequate safeguards are in place (e.g., Standard Contractual Clauses).

11. Children's Privacy

Our website is not intended for individuals under 16 years old. We do not knowingly collect personal data from children.

12. Changes to This Policy

We may update this Privacy Policy to reflect changes in our practices or legal requirements. Updates will be posted on this page with a revised "Last Updated" date. Significant changes will be communicated via our website banner or email (if subscribed).

13. Complaints

If you believe your data protection rights have been violated, you have the right to lodge a complaint with a supervisory authority:

Italian Data Protection Authority (Garante per la Protezione dei Dati Personali)
Website: www.garanteprivacy.it

14. Contact Us

For privacy-related questions: Project Coordinator: Politecnico di Milano
Email: phoenix@polimi.it
Address: Via Giuseppe Ponzio, 34/5, 20133 Milano (MI), Italy

This Privacy Policy is provided in accordance with GDPR (Regulation EU 2016/679) and applies to the PHOENIX project website.