The EUNPDC is committed to ensuring that your personal data is processed in compliance with the EU General Data Protection Regulation (GDPR) and France’s Loi Informatique et Libertés. This privacy notice explains how we handle personal data collected through the website www.nonproliferation.eu and during related activities such as event organisation.
1. Contact & Legal Mentions
Coordinator:
Stockholm International Peace Research Institute (SIPRI)
Signalistgatan 9
SE-169 70 Solna, Sweden
Tel: +46 8-655 97 00
Email: eunpdc@sipri.org
Website: www.sipri.org
Publication Director:
Benjamin Hautecouverture
Website Hosting:
IKOULA
175/177 rue d’Aguesseau, 92100 Boulogne-Billancourt, France
support@ikoula.com
2. Data Controller
For newsletter subscription, the data is collected and processed by our EUNPDC partner Istituto Affari Internazionali:
Istituto Affari Internazionali (IAI)
Via Angelo Brunetti, 9, 00186 Rome, Italy
Email: iai@iai.it
Website: www.iai.it
For other data (e.g. event participation), data controllers may include SIPRI, the Fondation pour la Recherche Stratégique, or other EUNPDC consortium partners.
3. What Data We Collect and Purposes
a) Newsletter Subscription
Collected via IAI, we process:
- Email address
Purpose: sending EUNPDC newsletters and updates
Legal basis: Consent (Art. 6.1.a GDPR)
Retention: Up to 3 years
b) Event Participation
Personal data may be collected during the preparation and delivery of events (workshops, conferences, meetings), including via registration forms or direct communication with participants. This data may include:
- Full name, title, and institutional affiliation
- Email address and phone number
- Nationality and passport details (for travel and accommodation)
- Dietary or accessibility needs
- Travel preferences (departure city, preferred dates, etc.)
- Financial information if travel reimbursements are processed
Purpose:
- To register participants and manage attendance
- To arrange travel and accommodation logistics
- To ensure event security and access clearance where needed
- To meet administrative, reporting, or contractual requirements (e.g. EU-funded projects)
Legal basis:
- Public interest mission (Art. 6.1.e GDPR)
- Legitimate interest (Art. 6.1.f GDPR)
- Consent (Art. 6.1.a GDPR)
Who has access:
- Relevant EUNPDC staff
- Co-organisers or funders, where applicable
- Logistics providers (e.g. Egencia) bound by data protection agreements
- Hotels or transport providers solely for booking purposes
Retention period:
- Standard retention: Personal data collected for event logistics is kept for up to 12 months after the event
- Extended retention: Some data may be retained for up to 5 years, where required for:
- Financial accountability (e.g. EU grants, audit requirements)
- Legal or contractual obligations (e.g. participant lists, invoices)
- Sensitive data (passport scans, dietary or health-related information) is deleted immediately after use unless legally required otherwise
You will be informed at the point of data collection if additional conditions apply.
4. Your Rights Under GDPR
You have the right to:
- Access your data
- Request correction or deletion
- Withdraw consent at any time
- Request limitation or object to processing
- Request data portability (where applicable)
To exercise your rights, please contact: a.houdayer@frstrategie.org
If you believe your rights are not being respected, you may lodge a complaint with the CNIL: www.cnil.fr
5. Security
We implement appropriate technical and organizational measures to ensure the security and confidentiality of your data. Personal data is stored securely and only accessible to authorized personnel.
6. Copyright & Intellectual Property
All content on the website is protected under copyright and intellectual property laws. Any use, reproduction, or modification of the site’s content for commercial purposes is strictly prohibited without prior written consent.
7. Cookies
This site uses cookies to improve your experience. For details, please refer to our separate Cookie Policy.