Legal notice

ATTRACT cares about your data privacy is dedicated to the ATTRACT Project, a European initiative that brings together Europe’s fundamental research and industrial communities to lead the next generation of detection and imaging technologies.

The ATTRACT Consortium maintains the website to present the project, its objectives and achievements to stakeholders and the public. The contents found in the web pages related to the above domain are for information purposes only.

The ATTRACT Consortium does not assume any responsibility for damages which may be derived from electronic system disconnections, computer viruses, malware or any other factors beyond its control.

The ATTRACT Consortium reserves the right to modify, without previous notification, the contents of the domain as well as the terms and conditions found here.

If you have any questions you can email is operated by Fundación Esade, the ATTRACT Consortium partner in charge of communication, dissemination and outreach.

Fundación Esade is registered with the Private Foundation Registry of the Generalitat of Catalonia. Registration number: 510. All rights reserved.

Fundación Esade
CIF: G-59716761
Av. Pedralbes, 60-62
08034 Barcelona – España
Tel.: (+34) 932 806 162

Personal data protection

As part of the Consortium delivering the project ATTRACT, Esade acts as a network operator and guarantees security and protection of provided personal data in accordance with Regulation (EU) 2016/679 of the European Parliament and Council of 27th April, 2016 (General Data Protection Regulation).

Below is a summary of the fundamental elements included in this data protection policy:

Who is responsible for processing personal data?

The entity responsible for processing data is Fundación Esade (hereafter, “Esade”), with headquarters in Barcelona (Avinguda Pedralbes 60-62, 08034 – Barcelona), fiscal ID G-59716761, telephone number, (34) 932 806 162, and e-mail address, Esade is duly registered in the Government of Catalonia’s Registry of Private Foundations under entry 510.

Esade is a higher-education centre integrated within Universitat Ramon Llull.

What role does the Data Protection Delegate play?

The Data Protection Delegate (DPD) is the person in charge of supervising that we comply with this data protection policy and ensuring that we process said personal data correctly and duly protect the affected parties. The DPD’s functions include receiving and answering questions, doubts, suggestions and complaints raised by people whose data we process. Affected parties can contact the DPD by writing to our postal address above, by calling the above phone number or by sending an e-mail to the following address:

For what ends, do we process data?

We process personal data in a proportional fashion, all the while taking into account the affected parties’ rights. This means that we process the appropriate, pertinent and limited data required for each specific situation and in due compliance with the explicit purposes for which data are gathered; that is, only the data required for the dissemination of the project and for managing the open calls for proposals.

  1. CONTACT DATA.While visiting and using the ATTRACT website, the user can contact the network operator and provide personal data so that network operator is able to contact the user back.
  2. NEWSLETTER. While visiting and using the ATTRACT website, the user can provide the network operator with personal data. The user may voluntarily register to receive a newsletter by providing a valid email address.
  3. OPEN CALLS: Applicants to ATTRACT’s open calls, can provide the network operator with personal data so that they can submit their application

The personal data the user can provide to the network operator are:

  • First and last name [necessary]
  • e-mail address [necessary]
  • Phone number [necessary for open call applicants]
  • Applicant’s Institution(s) and type [necessary for open call applicants]
  • Country [necessary for open call applicants]

How do we obtain personal data?

In the previous section we refer to some of the origins of the data we process. In most cases, the affected parties expressly provide us with their data, and we obtain them primarily through forms designed for this purpose.

How do we legally justify this data processing?

The different types of data processing imply different legal justifications depending on their nature. We classify the different types of data processing in keeping with the legal bases established in Article 6.1 in the General Data Protection Regulation.

Based on consent and legitimate interest: when we send information about our activities and news, we use the contact information provided by the person receiving said information with their explicit consent. We also obtain data on the use of our website with the website users’ consent. In the latter case, said website users can revoke this consent at any time by eliminating our cookies.

To whom do we transfer data?

For the purposes of reviewing proposals, awarding grants and monitoring projects under the 3 open calls for proposals and statistical analysis, we will share personal data to:

  1. the Independent Review Committees
  2. CERN – as part of the administrative officer of the Consortium
  3. The EU and designated auditors in case of an audit

For the purpose of administrative matters and conference and related event organisation, we will share personal data to:

  1. Co-organisers of the event In the ATTRACT Consortium
  2. The EU and designated auditors in case of an audit

The personal data transferred:

  • First and last name [necessary]
  • e-mail address [necessary]
  • Applicant’s Institution(s) and type [necessary for open call applicants]
  • Country [necessary for open call applicants]

How long do we store data?

The time we store data depends on different factors. The primary criterion is if the data are still necessary to fulfil the purposes for which they were originally gathered. The second criterion is to duly respond to any legal responsibility regarding Esade’s data processing and to comply with any legal requirements from public administrations, including the EU, and judicial bodies.

Consequently, we have to store data the time necessary to preserve their legal or informational value and to accredit our fulfilment of legal obligations.

However, this time shall not exceed the time required for the purposes for which they are processed (“storage period” limitation in the General Data Protection Regulation).

What rights do people have in terms of the personal data we process?

As stipulated in the General Data Protection Regulation, people whose data we process have the following rights:

  • Know if their data are being processed: People first have the right to know if we are processing their data, regardless if a prior relation exists with them.
  • Be informed when data are gathered: When we gather personal data from the affected parties, they have to be clearly informed about the purposes for which their data are gathered, who is in charge of their processing and other key issued related to this processing.
  • Access their data: This is a very broad right which includes knowing exactly what personal data are being processed, for what purposes, to whom they are ceded (if applicable) and the right to obtain a copy of said data and know how long their data will be stored.
  • Rectify incorrect data: Affected parties have the right to demand we modify any inexact data we are currently processing.
  • Request their elimination: In specific cases, affected parties have the right to request we eliminate their data altogether. Amongst other motives, this can include when said data are no longer needed for the purposes for which they were originally gathered and which justified their processing
  • Limit their processing: Similarly, in specific cases, affected parties have the right to request limiting the processing of their data. In these cases, we will no longer process their data and we will only store them to process or defend ourselves against complaints, in keeping with the General Data Protection Regulation.
  • Portability: In certain cases, norms recognise the right of affected parties to obtain a copy of their personal data in a machine-readable and commonly used format to then be able to transmit said data to another party for their processing if the affected parties so decide.
  • Oppose their processing: The affected parties may refer to motives related to their particular situations so that we no longer process their data insofar as it is harmful to them. This shall not apply if there are legitimate motives or in the case of exercising or defending ourselves against complaints.
  • Not receive information: We will immediately respect requests from affected parties who no longer want to receive information about our activities and services so long as said information is sent to the recipients based solely on their consent.

How can the affected parties exercise and defend their rights?

The affected parties can exercise the above-mentioned rights fast and easily through the following application form ARCO rights or writing to Esade at the address above or using any of the other means to contact us as indicated.

If the affected parties are not satisfied with this exercise of their rights, they may file a complaint with the Catalan Data Protection Authority by means of the forms or other channels available via its website (

In all cases, whether to present complaints, clarify doubts or make suggestions, the affected parties may send an e-mail to the Data Protection Delegate via the following address: