Privacy policy
The MONALISA project prioritises safeguarding your privacy and is actively working on advancing technology to provide you with the utmost secure and empowering online experience. This Privacy Statement pertains to the official website of the MONALISA Horizon Europe project (Grant Agreement No 101157867) and governs the collection and utilisation of data. This Privacy Policy explains how personal data is collected, used, stored, and protected in relation to the MONALISA project website (https://monalisa4land.eu) and related online forms, including the registration forms and stakeholder engagement mechanisms.
The MONALISA project is funded by the European Union under the Horizon Europe programme.
For all personal data collected through the MONALISA website and associated web forms, INOSENS doo Novi Sad acts as the sole Data Controller in accordance with Article 4(7) of the General Data Protection Regulation (EU) 2016/679 (“GDPR”).
Personal data is processed on one or more of the following legal bases:
Article 6(1)(a) GDPR – where you have provided explicit consent (e.g., DSS registration or stakeholder communication).
Article 6(1)(b) GDPR – where processing is necessary to respond to your request or inquiry.
Article 6(1)(f) GDPR – where processing is necessary for legitimate interests such as website security and service improvement.
You may withdraw your consent at any time without affecting the lawfulness of processing carried out before withdrawal.
Policy Scope
This Privacy Policy is applicable to the MONALISA project, regardless of the device used to access it, such as computers, mobile phones, tablets, TVs, or other devices.
Categories of Personal Data Collected
We may collect and process the following categories of personal data:
Data Provided Voluntarily by Users
(Full Name, Email address, Organisation name, Country, Stakeholder category, expressed interests related to DSS modules or project activities, and any additional information voluntarily submitted through contact forms or registration mechanisms on the website).
Automatically Collected Data
(IP address (anonymised where applicable), Browser type and version, Device information, Referring website, Pages visited and time spent), collected via analytics tools.
Where users fill out registration/interest forms or related stakeholder activities, personal data may be used to categorise stakeholders according to sector, expressed interests, or type of engagement (e.g., testing, workshops, policy dialogue).
Such categorisation is used solely for communication and coordination purposes and does not constitute automated decision-making producing legal or similarly significant effects under Article 22 GDPR.
No automated profiling is used for decisions affecting users’ rights.
Email Communication
When you choose to communicate with us via email, we request your name and mailing address. Please note that providing this information is essential for us to respond to your message personally. The only required data for this purpose is your name and mailing address. The legal basis for processing this personal data is Article 6(1)(b) of GDPR, as it is necessary to address requests from the concerned parties.
Social Media
Certain web pages on our website may utilise social plug-ins from external organisations (e.g., Twitter’s retweet function). These organisations may receive and use personal data regarding your visit to our website or apps. If you browse our website or view content on our apps, the information they collect may be associated with your account on their respective platforms. For more details on how these organisations handle personal data, please refer to their privacy policies.
Site Visitation Tracking
We employ Google Analytics (GA) to track user interactions and gather statistical insights. This data helps us understand the number of website users, their browsing patterns, and their overall journey through our website. Although GA records data such as geographical location, device, internet browser, and operating system, none of this information personally identifies you to us. Your computer’s IP address is anonymised by GA services and cannot be used to personally identify you. We consider Google as a third party. GA employs cookies, which are further described in Google’s developer guides. Please note that disabling cookies in your internet browser will prevent GA from tracking your visit to our website.
International Data Transfers
Personal data is processed within the European Economic Area (EEA). Where third-party service providers process data outside the EEA, appropriate safeguards such as Standard Contractual Clauses or adequacy decisions are applied in accordance with Chapter V GDPR.
Storage of Personal Data
If you provide your contact details through the preferred email message, we only store your name and email address. Your contact details will not be shared with any third parties and will be securely stored by MONALISA, accessible only to authorised personnel. Personal data may also be stored where users voluntarily register for stakeholder engagement activities, DSS early access, workshops, or related MONALISA initiatives. We utilise state-of-the-art technology and implement various safeguards to protect your personal data from misuse or unauthorised processing. These safeguards include restricting access to authorised individuals, isolating IT systems used for data processing, and continuously monitoring system access to prevent misuse. Data Controller implements appropriate technical and organisational measures in accordance with Article 32 GDPR to ensure a level of security appropriate to the risk.
Retention Period of Personal Data
Personal data is retained only for as long as necessary to fulfil the purposes for which it was collected or as required by applicable law.
Specifically:
Contact form communications: retained for up to 3 years after the last interaction.
DSS registration and stakeholder engagement data: retained until withdrawal of consent or up to 5 years after project completion, unless legal obligations require longer retention.
Analytics data: retained in anonymised or aggregated form.
Cookies and Third-Party Cookies
Cookies are small text files used by websites to enhance user experience. Our website only uses necessary cookies and does not collect any additional cookies. You have the right to configure your browser to notify you before accepting cookies or to refuse them, although doing so may limit access to certain features of the website. Consult your browser’s help section for instructions on managing your cookie preferences. It’s important to note that many parts of the website can be accessed and navigated without enabling cookies. If you use multiple computers in different locations, ensure that each browser is adjusted to accommodate your cookie preferences.
Data Subject Rights
Under the General Data Protection Regulation (Articles 15-21), you have several important rights of your personal data. These rights include:
Right to Information: You may request information about whether we hold personal information about you, and, if so, what that information is and why we are holding it.
Right of Access: You have the right to access your personal data and obtain additional information about how we process it.
Right to Rectification: You can review, correct, update, or modify your personal data by contacting the Data Controller at info@monalisa4land.eu.
Right to Erasure (Right to Be Forgotten): You have the right to request the deletion of your personal data, except when processing is necessary for contractual obligations, legal requirements, or public interest.
Right to Restriction of Processing: You can request the restriction of processing your personal data under specific circumstances.
Right to Object to Processing: You have the right to object to the processing of your personal data based on legitimate interests pursued by us as data controllers, including direct marketing and consumer profiling.
Right to Data Portability: You have the right to receive your personal data in a commonly used format and request transmission to another controller if technically feasible.
Right to Withdraw Consent: If processing is based on your consent, you have the right to withdraw it at any time.
To exercise any of these rights, please:
- Contact us using the provided contact details.
- Provide sufficient information for identification purposes.
- Provide proof of your identity and address.
- Specify the information to which your request relates.
Time Limits for Compliance with Data Subject Rights
We strive to fulfil all requests within 30 days. However, depending on the specific right or complexity of the request, this period may be extended.
Data Controller and Contact Details
INOSENS doo Novi Sad (“INOSENS”), a Private Company registered in Serbia with its registered office at Sonje Marinkovic 18, Novi Sad, is the data controller for this website.
Email: info@monalisa4land.eu
For any questions, comments, or requests related to this Privacy Policy, you can also contact us at the aforementioned email address or postal address.
Complaints Procedure
We aim to address any queries or concerns you may have about our use of your data. If you believe that we have not adequately responded to your complaints or concerns, you have the right, under the General Data Protection Regulation, to lodge a complaint with your local data protection or supervisory authority in the European Union or European Economic Area. For processing activities under the responsibility of the Data Controller, complaints may also be submitted to the Commissioner for Information of Public Importance and Personal Data Protection of the Republic of Serbia.
Changes to Our Privacy Policy
This privacy policy may be updated periodically to comply with legislative requirements or industry developments. Material changes to this Privacy Policy that significantly affect data processing practices may be communicated to registered stakeholders via email. The updated version will always indicate the revised effective date. Therefore, we recommend checking this page occasionally for any policy updates.
Last updated: 20/02/2026