Privacy Policy

Dear Data Subject, We wish to inform you that the GDPR provides for the protection of individuals with regard to the processing of Personal Data as a fundamental right.

Pursuant to Article 13 of the GDPR, therefore, EUF will process your Personal Data according to the present Privacy Policy, which describes how such data is collected, stored, used, communicated and managed in connection with the Platform and the related Services.

Please notify us at the address without delay should you notice any instances in which any violation of the present Privacy Policy occurs.

Last updated: 2 September 2021

Type of data Processed

Automatically collected data. The computer systems and applications dedicated to the functioning of the Platform detect, during their normal operation, some data (whose transmission is implicit in the use of Internet communication protocols) potentially associated with identifiable Users. Among the data collected are IP addresses and domain names of computers used by Users who connect to the site, URI (Uniform Resource Identifier) of requested resources, the time of the request, the method used to submit the request to the server, the size of the file obtained in reply, the numerical code indicating the status of the response from the server (successful, error, etc..) and other parameters regarding the operating system, browser and computer environment used by the User. These data are processed, for the time strictly necessary, for the sole purpose of obtaining statistical information on the use of the site and to check its regular operation. The provision of such data is compulsory as it is directly related to the web browsing experience.

Data provided voluntarily by the User. The voluntary and explicit communication of Personal Data to the EUF through the Platform implies the knowledge of this Privacy Policy, with the relevant request for consent.
The voluntary sending, on your part, of e-mails to our e-mail addresses does not require further information or requests for consent.
On the contrary, specific summary information will be reported or displayed if needed in the login pages of the Website. The User must therefore explicitly consent to the Processing of the data reported in such pages in order to send any request.

Cookies. The Website uses cookies. The data collected through cookies can be used to access parts of the site or for statistical purposes or to make the browsing experience more pleasant and efficient in the future, trying to assess User behaviour and modify the proposed offer of content according to their behaviour.

Origin of Processed Personal Data

The Personal Data that EUF holds in connection with the Platform and related Services is collected directly from the User.

Data Controller

The Data Controller is European University Foundation - Campus Europae, 16C rue de Canach 5353 Oetrange, Luxembourg
Phone: +352 26 15 10

Purpose of data Processing and legal basis

We use the information collected through our Website, Platform and Services for the purposes described in this Privacy Policy or disclosed to Users in connection with our Services. For example, we may use your information to operate and improve our Services; understand Users and their preferences to enhance their experience and enjoyment using our Services; provide and deliver Services they request; link or combine it with other information we get from third parties, to help understand User preferences and provide them with better Services; to send Service related notifications that may be of importance to continue using the Services, and safety/security notifications related to the participation in our Service.

EUF also has a limited right to access the data in order to proactively analyse the system architecture, data models and infrastructure resources so as to offer the Services in the best possible way. This includes, for example, analysis of slow-running database queries, predicting the growth rate of data (in order to allocate resources ahead of time), and analysis of the data contents and format in order to choose the most performant and fitting data models. It is unavoidable that in order to be able to provide the best possible Services, EUF must be able to understand the data, as well as emergent trends in the data. Such analysis is done, whenever practical, in an anonymised manner and with only the above, purely technical or service-oriented purposes in mind.

Personal data may be disclosed to third parties, if this is necessary for the fulfilment of the purposes described above.

Mandatory nature or not of the consent

The User’s consent is compulsory while using the Platform, and in particular to be able to have access as a non-Guest User. Should you desire not to provide your consent for one or more specific purposes or to withdraw it, please inform us at the time your Personal Data is communicated to us, or at any time thereafter, by contacting us at the e-mail address

Data recipients

We do not share your personal data except as approved by you or as described below.

Within the limits pertinent to the Processing purposes indicated, Users’ data may be communicated to partners, consulting companies, private companies, appointed by the Data Controller as Data Processors or for legal obligations or to fulfil some Users’ specific requests. We may release your information as permitted by law, such as to comply with a subpoena, or when we believe that release is appropriate to comply with the law; investigate fraud, respond to a government request, enforce or apply our rights; or protect the rights, property, or safety of us or our Users, or others. This includes exchanging information with other companies and organisations for fraud protection. In such cases we take all the necessary technical and organisational measures to protect the confidentiality and security of your Personal Data from unauthorised access or against loss, misuse or alteration by third parties.

Our Services may also depend on third-party tracking tools from our service providers, examples of which include email service provider as well as push-notification service provider. Such third parties may use cookies, APIs, and SDKs in our services to enable them to collect and analyse User information on our behalf. In this context, third parties may have access to information such as your device identifier, MAC address, IMEI, locale (specific location where a given language is spoken), geo-location information, and IP address for the purpose of providing their services under their respective privacy policies.

The possible Data Processors and persons in charge of the Processing will in such cases be punctually identified and at the Users’ request be communicated in detail. For any question in this regard, please contact us at the address

Please note that in such cases Users will be also subject to the relevant third-party privacy policies. For any processing carried out by third parties as Data Processors in relation to the Platform and related Services, Users may contact EUF at the address or directly such third parties.

For all other cases of processing by third parties, please contact them directly in the manner indicated in their privacy policies.

Lastly, EUF may share your information in connection with potential merger, de-merger, acquisition, change of ownership, change of control, or in general extraordinary transaction. In such cases, the Users will be notified via email and/or notice on our site of any change in ownership of the Personal Data.

We may transfer information that we collect about you to affiliated entities, or to other third parties across borders and from your country or jurisdiction to other countries or jurisdictions around the world. In such cases, the appropriate measures have been taken to ensure that the Service Providers comply with the GDPR.

Period and place of Data retention

The data collected will be stored for a period of time not exceeding the achievement of the purposes for which they are processed (“principle of limitation of storage”, art. 5, GDPR), mainly to provide Users with the Services, or according to the deadlines provided for by law, to comply with our legal obligations, to resolve disputes, and enforce our agreements. The verification of the obsolescence of the data stored in relation to the purposes for which they were collected is carried out periodically.

If you wish to request that we no longer use your information to provide you services, contact us at

We take reasonable measures to protect User information from unauthorised access or against loss, misuse or alteration by third parties. All connections are encrypted and authenticated using secure protocols; encryption is also used in the links circulated through the email notifications. The data collected is stored on servers located in the Aristotle University of Thessaloniki, Greece, and may be stored on servers in other countries within the European Union. In such cases, this Privacy Policy will be updated accordingly.

If and when we transfer Personal Data to affiliated entities or to other third parties across borders and from your country or jurisdiction to other countries or jurisdictions around the world, we will still take all appropriate measures to ensure compliance with the GDPR.

When third parties are involved in the Processing pursuant to this Privacy Policy, Personal Data may be stored on servers outside the European Union. Please remember that in such cases any Processing is also subject to the relevant third parties’ privacy policies.

Rights of the Data Subjects

Pursuant to GDPR, Users (and/or the Users who communicated the relevant Data) have the right to access the Personal Data provided to us (art. 15 GDPR) and to ask to receive copy of such Data in an intelligible format in order to transmit it to another data controller (art. 20 GDPR). They have the right to obtain their update, rectification or integration (art. 16 GDPR), and to obtain their erasure (art. 17 GDPR). Users also have the right to request the restriction of the Processing of their Personal Data (art. 18 GDPR) or to object, on legitimate grounds, to such Processing (art. 21 GDPR). We inform you, however, that the exercise of such rights may be subject to limitations or exclusions pursuant to the GDPR or other relevant regulations.

Where the Users consider that the processing of Personal Data by EUF has been carried out in violation of the GDPR, without prejudice to any other administrative or judicial remedy, they the right to lodge a complaint with their national supervisory authority, in particular in the Member State of their habitual residence, place of work, or the place where the alleged violation took place.

For any request or communication concerning any of the above-mentioned rights, please send an e-mail to the following address EUF will respond to any request as soon as possible and in any case within 30 days.

Users may also object to Personal Data being subject to automated decision-making, including profiling practices. EUF informs you, however, that it does not carry out any processing that may fall within the aforementioned case. Should this situation change in the future, we will promptly update this Privacy Policy.

Lastly, the Data Subjects concerned (and/or the Users who communicated the relevant Data) may at any time communicate their intention to withdraw their consent. In such cases, EUF may continue to Process the relevant Personal Data only in presence of an alternative legal basis for such further Processing.

Modalities of data processing

The Personal Data provided to us will be processed in compliance with the GDPR and the obligations of confidentiality that govern the activity of the Data Controller. The data will be processed both with computer tools and on paper or any other suitable support, in compliance with the appropriate security measures under Article 5 par. 1 letter F of the GDPR.

Our Policy Regarding Minors

We do not knowingly collect or solicit personal information from anyone under the age of 18 or knowingly allow such persons to use our Services. If you are under such age, please do not send any information about yourself to us, including your name, address, telephone number, or email address. In the event that we learn that we have collected Personal Data from an individual under the age of 18, we will delete such Data as quickly as possible. If you believe that we might have received any Personal Data from or about an individual under the age of 18, please contact us at the address

Social Media Features   

Our Services may include social media features, such as the social media widgets. These features may collect your IP address, the page you are visiting on our Services and may set a cookie to enable the feature to function properly. Social Media Features and Widgets are either hosted by a third party or hosted directly on our Website. Your interaction with these features is governed by the privacy policy of the company providing them.

When you use the PhD Hub on a mobile platform, we may collect and record certain information such as your unique device ID (persistent/non-persistent), hardware type, media access control (“MAC”) address, international mobile equipment identity (“IMEI”), the version of your operating system (“OS”), your device name, your email address (if you have connected to Facebook or Google+), and your location (based on your Internet Protocol (“IP”) address). We use this information for troubleshooting and to help us understand usage trends.

We may collect your location-based information for the purpose of providing you with the correct version of the application. We will not share this information with any third party. If you no longer wish to allow us to track or use this information, you may turn it off at the device level.

Changes to the Policy

We may update this privacy policy to reflect changes to our Processing and/or Data Protection practices. If we make any material changes, we will notify the Users by means of a notice on our Website prior to the change becoming effective. In any case, please visit this Privacy Policy periodically.


EUF or We - non-profit foundation European University Foundation - Campus Europae that, in concert with its member universities, has created and operates the Website and the Platform and offers the Services.

GDPR - the Regulation 2016/679/EU of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data.

Guest User – individual who access the Platform content without logging in or using the feature to log in as a guest.

Personal Data – as defined by GDPR, any information relating to an identified or identifiable natural person; an identifiable natural person is one who can be identified, directly or indirectly, in particular by reference to an identifier such as a name, an identification number, location data, an online identifier or to one or more factors specific to the physical, physiological, genetic, mental, economic, cultural or social identity of that natural person.

Platform – the Website and its interrelated Services.

Processing – as defined by GDPR, any operation or set of operations which is performed on Personal Data or on sets of Personal Data, whether or not by automated means, such as collection, recording, organization, structuring, storage, adaptation or alteration, retrieval, consultation, use, disclosure by transmission, dissemination or otherwise making available, alignment or combination, restriction, erasure or destruction.
Services – any content or service available on the Platform and/or through the Website.

Terms and Conditions - the Terms and Conditions for the DocEnhance Platform, available at the following link.

User – individual who access the Platform using the feature to log in with PhDHub, Guest User, and/or individual who create/upload courses or other content on the Platform.

Website - and any child or affiliated webpage.