Privacy policy

RISC2 project is an EU project funded by the European Union’s Horizon 2020 research and innovation programme. The sole responsibility for this website lies with the project consortium. The European Union is not responsible for any use that may be made of the information contained herein.

The RISC2 project is committed to ensuring that all project activities are carried out in an ethically responsible manner. Our “Privacy Policy” explains how we collect, use, disclose, and protect the information, ensuring compliance with the national and European data protection legislation applicable.

INESC TEC – Institute for Systems and Computer Engineering, Technology and Science – located at Campus da FEUP, Rua Dr. Roberto Frias, 4200 – 465 Porto, Portugal, is the Institution responsible for the management and coordination of the RISC2’s website, newsletter and social networks (LinkedIn and Twitter).

For that reason, in what concerns the processing of personal data handled by INESC TEC within the execution of the RISC2 project, under the applicable data protection legislation, INESC TEC acts as Data Controller.

Your data will be collected and processed in strict accordance with the GDPR (General Data Protection Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data), and other legislation applicable to the processing of personal data.


For what purposes may the RISC2 project process an individual’s personal data?

“Personal data” means any information relating to an identified or identifiable natural person (data subject).

The RISC2 project collects personal data to the extent required to fulfil a specific purpose. Personal data may be collected and further processed under the RISC2 project with the following purposes:

  • To notify users about changes to the website, updates and news on the project, communicate about upcoming events;
  • To establish new partnerships and collect feedback from the project’s stakeholders;
  • To provide users with the access to the social networks of the project;
  • To deliver and monitor newsletters or any other marketing material.


The collected data may be shared with the funding entities and with the project’s consortium for compliance with reporting, monitoring and auditing requirements.

The RISC2 project will not share personal information with or sell it to third-party marketers.


RISC2’s website

INESC TEC developed the website of the RISC2 project, and is also responsible for managing it. All the partners of the project contributed to the content provided to users.

The website collects information about users when they fill out a form, subscribe to a newsletter, aces to the project’s social networks or otherwise communicate with us.

The types of Information that website collects include:

  • Personal data, such as a user’s name, last name, country and email address;
  • Information about a user’s company such as the name and activity.


When a user accesses or uses site, it automatically collects device and log information. The website collects information about the computer or mobile device the user resorts to while accessing the website, including device identifiers, mobile network information and the type of browser. The website also logs information about the user’s use of the website, including access times, IP address or other standard web logs data.

The RISC2’s website uses INESC TEC as a hosting provider. This server may “collect” information about web visitors by generating temporary logs that may contain the following information:

    • Internet address (IP address) of the computer being used
    • Web pages requested
    • Referring web page
    • Browser used
    • Date and time


Google Analytics, to collect information about how users interact with the site and to count website visits. This service enables the production of reports and allows improving the system’s operation. No advertising cookies are collected.

The RISC2’s website may contain links to third-party external websites or tools over which the project has no control. The RISC2 project rejects any responsibility for the privacy practices or the content of external websites regardless of the link to said websites being displayed on our website.

The website uses “cookies” to collect information about the browsing experience of visitors. Users may deactivate cookies at any time, yet this may affect relevant elements and the user’s experience. To learn more about cookies, and how users can manage them, please visit our Cookies Policy.

The processing of the data is performed to take the steps we deem appropriate to supply you with information related to the project described herein, in connection with your agreement or intention to use the website.


RISC2’s newsletter

To subscribe to the project’s newsletter, individuals have to provide the email address where they wish to receive it.

Individuals can unsubscribe anytime by clicking on the ‘unsubscribe’ link available in the footer of each newsletter.

The newsletter uses third-party services, namely:

INESC TEC is the partner responsible for sending and monitoring the newsletter.


RISC2’s social media

The RISC2 project uses the following social media channels to further disseminate its activities: LinkedIn and Twitter. You should read their privacy policies before using them, clicking on the previous links.

Users can access them through the project’s website. INESC TEC is the partner responsible for its management.


Personal data retention period

The RISC2 project may process and store Personal Data for 12 months after the project has ended, considering the initial purpose for their collection. After that period, the data will be deleted even if the individual does not expressly request it, however, he may do so at any time. If the individual chooses to unsubscribe, all data regarding the individual will be deleted.


Rights of the personal data subject

Following the provisions of the EU General Data Protection Regulation, individuals may exercise, at any time, their rights of access, portability, rectification, restriction, erasure, or to object, concerning their data.

Therefore, individuals can request the project to modify or delete their personal information, unless the project is required to process such information to comply with a legal obligation, or if said information is necessary for the performance of a contract to which you are a party, or used to meet a requirement for which you have given your unambiguous consent.

The data subject also has the right to file a complaint with a Supervisory Authority of one of EU Member-States. In Portugal, the National Supervisory Authority dedicated to supervise the compliance with personal data protection is the Comissão Nacional de Proteção de Dados (CNPD).



Any additional queries or requests regarding the processing of your personal data can be addressed directly via email: INESC TEC’s Data Protection Officer contact is



INESC TEC may be required to amend this Policy, namely due to the need to adapt it to possible legal changes or to recommendations by Supervisory Authorities, which it is recommended its consultation regularly.

Do you want to know more about RISC2?

Check out more information.