← Back to Home

Privacy Policy

Last Updated: January 28, 2026

1. Introduction

ESN Portugal ("we", "us", or "our") operates the Erasmus National Meeting 2026 (ENM 2026) event and website. This Privacy Policy explains how we collect, use, disclose, and safeguard your personal information when you register for our event, visit our website, or interact with our services [web:51][web:52].

We are committed to protecting your privacy and complying with the General Data Protection Regulation (GDPR) and other applicable data protection laws [web:54].

2. Data Controller

Organization: ESN Portugal
Email: enm@esnportugal.org
Event Location: Muthu Oura Praia Hotel, Albufeira, Portugal

3. Information We Collect

We collect the following types of personal information [web:54]:

3.1 Registration Information

  • Full name
  • Email address
  • Phone number
  • Date of birth (for age verification)
  • University/Institution affiliation
  • ESN section membership
  • Dietary preferences and allergies
  • Accessibility requirements
  • Emergency contact information

3.2 Payment Information

Payment processing is handled by third-party payment processors. We do not store your full credit card details on our servers [web:55].

3.3 Automatically Collected Information

  • IP address and device information
  • Browser type and version
  • Pages visited and time spent on our website
  • Cookies and similar tracking technologies

4. How We Use Your Information

We process your personal data for the following purposes [web:51][web:54]:

  • Event Registration: To process your registration and manage attendance
  • Communication: To send event updates, schedules, and important notifications
  • Accommodation & Catering: To arrange appropriate accommodations based on dietary and accessibility needs
  • Safety: Emergency contact information for participant safety
  • Marketing: With your consent, to send promotional materials about future ESN events
  • Legal Compliance: To comply with legal obligations and protect our rights

5. Legal Basis for Processing

Under GDPR, we process your data based on [web:51][web:54]:

  • Consent: You have given explicit consent for specific processing activities
  • Contractual Necessity: Processing is necessary to fulfill our contract with you (event registration)
  • Legitimate Interests: Processing is necessary for our legitimate business interests (e.g., event organization, fraud prevention)
  • Legal Obligation: Processing is required by law

6. Data Sharing and Third Parties

We may share your information with [web:54]:

  • Event Partners: Hotel venues, transportation providers, and activity organizers
  • Payment Processors: Secure third-party payment services
  • ESN Network: Other ESN sections for coordination purposes
  • Service Providers: Email marketing platforms, analytics tools (e.g., Google Analytics)
  • Legal Authorities: When required by law or to protect legal rights

We ensure all third parties comply with GDPR and implement appropriate data protection measures [web:51].

7. Data Retention

We retain your personal data only as long as necessary [web:54]:

  • Registration Data: Until 90 days after the event concludes
  • Financial Records: As required by tax and accounting regulations (typically 7 years)
  • Marketing Consent: Until you withdraw consent or we no longer need it
  • Legal Claims: As long as necessary to defend against legal claims

8. Your Rights Under GDPR

You have the following rights regarding your personal data [web:51][web:52][web:54]:

  • Right of Access: Request a copy of your personal data
  • Right to Rectification: Correct inaccurate or incomplete data
  • Right to Erasure: Request deletion of your data ("right to be forgotten")
  • Right to Restriction: Limit how we use your data
  • Right to Data Portability: Receive your data in a structured, machine-readable format
  • Right to Object: Object to processing based on legitimate interests or direct marketing
  • Right to Withdraw Consent: Withdraw consent at any time (does not affect prior processing)

To exercise these rights, contact us at enm@esnportugal.org

9. Data Security

We implement appropriate technical and organizational measures to protect your personal data [web:54]:

  • SSL/TLS encryption for data transmission
  • Secure servers with access controls
  • Regular security audits and updates
  • Staff training on data protection
  • Pseudonymization and encryption where appropriate

10. International Data Transfers

Your data is primarily processed within the European Economic Area (EEA). If we transfer data outside the EEA, we ensure adequate safeguards are in place, such as Standard Contractual Clauses approved by the European Commission [web:51][web:54].

11. Children's Privacy

ENM 2026 is intended for participants aged 18 and older. We do not knowingly collect data from individuals under 18 without parental consent.

12. Changes to This Policy

We may update this Privacy Policy from time to time. We will notify you of significant changes via email or through a prominent notice on our website [web:52].

13. Contact Us

If you have questions about this Privacy Policy or wish to exercise your rights, please contact:

ESN Portugal - ENM 2026
Email: enm@esnportugal.org
Location: Albufeira, Portugal

You also have the right to lodge a complaint with your local data protection authority [web:52][web:54].

ENM Portugal Banner