1. Introduction
This Privacy Statement outlines how the Interdisciplinary Conference on Psychedelic Research 2026 ("the Conference"), organised by Stichting O.P.E.N.: Onderzoek naar de Psychedelische Ervaring Nederland ("the Organiser"), registered at Sinderenstraat 6, 1107 TN, Amsterdam, Netherlands, KvK: 34279004 processes Personal Data on this website (the "Website"). It applies to our Website visitors, conference participants, suppliers, and anyone using our services via the Website. This Privacy Statement describes our policies and practices regarding the collection and use of your Personal Data and sets forth your privacy rights. We recognize that data privacy is an ongoing responsibility, and we will update this Privacy Statement from time to time as we undertake new personal data practices or adopt new policies.
2. Who is the Controller for the processing of your Personal Data?
The Organiser will be the responsible "Controller" for the Personal Data we collect when you use this Website. In this notice, OPEN Foundation is referred to as "OPEN Foundation", "we", "us", or "our". OPEN Foundation is a non-profit organization based in the Netherlands (EU VATIN: NL818267458B01) and is the organizer of the ICPR conference. As the data controller, OPEN Foundation has the responsibility for determining the purposes and means of the processing of your Personal Data and for protecting your Personal Data in compliance with applicable law.
3. Which categories of Personal Data do we process, and what is the purpose?
We may collect and process Personal Data in various categories, from different sources, and for different purposes. The following table summarizes the categories of Personal Data we handle, how we obtain the data, the business purposes for collecting it, and the legal bases for processing:
| Category of Personal Data | Sources | Purpose for Collection | Legal Basis |
|---|---|---|---|
| Contact Information: e.g., name, email address, telephone number, mailing address, affiliation/organization. | Provided directly by you (e.g., via contact forms, newsletter sign-up, event registration, or ticket purchase forms). | – To respond to your inquiries or requests and provide information. – To process conference registrations or ticket orders and communicate updates (e.g., confirmations, event information). – To send you newsletters or marketing communications about our events and services, if you have opted in (e.g., checked the subscription box). | Consent (when you submit an inquiry or explicitly sign up for communications); Contract (when needed to perform a contract with you, such as registering you for the conference or fulfilling your purchase). |
| Payment and Transaction Details: e.g., billing name, billing address, order details, payment status. (Note: We do not collect or store your full payment card details. These are handled directly by our third-party payment processor). | Provided by you during purchases/registrations, and by our payment service providers (transaction confirmations). | – To manage and fulfill your orders or ticket purchases, including processing payments and delivering any products or services to the address you provide. – To respond to any questions or issues regarding your orders. – (If you have opted in) To send you informational or marketing communications related to our events and services. | Contract (to process and fulfill your purchase or registration); Legal obligation (to maintain transaction records for accounting, tax, or anti-fraud purposes). |
| Communications Records: content of communications you send us, such as emails, contact form messages, customer support inquiries, or curriculum vitae (CV) if you send one to us. | Directly from you when you contact us by email, through a form, or other communication channels. | – To respond to and manage your requests or questions and provide support. – To keep records of our correspondence (e.g., for quality assurance, training, or to address any disputes). – If you submit a CV or job application, to consider you for current or future opportunities (we may include your information in our recruitment database). | Legitimate interest (to effectively communicate with you and improve our services); Consent (implied by your voluntary submission of information, or explicit consent for recruitment processing). |
| Technical Usage Data (Essential Cookies): e.g. cookie identifiers, IP address, and basic device and browser information. | Collected automatically through cookies or similar technologies and server logs when you interact with our Website. | – To enable core site functions such as navigation, secure logins, or form submissions. – To maintain the security and functionality of the Website (e.g., session management, load balancing). – To remember certain user preferences necessary for the service (e.g., language selection). | Legitimate interest (for operating a secure and functional website); Contract (where processing is necessary to deliver the service you requested, e.g. maintaining an online session for a ticket purchase). |
| Analytics and Usage Data (Analytical Cookies): e.g., cookies and similar IDs, IP address, device and browser type, pages visited, date/time of visits, and navigation paths. | Collected automatically via analytics tools (cookies and tracking scripts) – Please see our Cookie Statement for full details of these tools and data. | – To analyze how our Website is used and measure performance (e.g., which pages are most visited, how long users stay). – To improve the content, functionality, and user experience of our Website based on usage patterns. – To tailor our communications and marketing, for example, by understanding user interest in our events or content. | Consent (for placing and using non-essential/analytics cookies, as required by law); Legitimate interest (to improve our Website and services – in cases where analytics may be allowed based on anonymized data or applicable law). |
| Event Photography & Short Video Clips: identifiable images and short clips of attendees; incidental audio; basic metadata (date/time, venue). | Captured by us or our contracted photographers at events, occasionally re-shared from public posts where you tag us. | – To document and promote our events on our website, social media, newsletters, slide decks, and other organisational materials. – To maintain an internal archive of our community activities. – To respond to removal/objection requests. | Legitimate interests (for wide/ambient shots where individuals are not the focus). Consent (for identifiable close-ups/portraits or interviews). |
| Conference Session Recordings & Livestreams (ICPR and similar): audio/video recordings and photos of sessions, speakers, panelists, and audience; session metadata (title, track). | Recorded by us and our production partners; streamed/hosted on selected platforms. | – To produce and distribute educational content (live or on-demand) and to communicate about our programmes. – To promote future events and maintain an institutional archive. | Contract and/or consent for speakers/panelists (via participation/release terms). Legitimate interests for audience wide shots; consent for identifiable audience close-ups/testimonials. You may object or withdraw consent at any time (where applicable). |
5. Transfers outside the European Economic Area
Your Personal Data may be transferred to and processed in one or more countries outside of the European Economic Area ("EEA"). In particular, some of our service providers (for example, providers of cloud services or analytics tools) might be located outside the EEA. Whenever we transfer your data outside the EEA, we will ensure appropriate safeguards are in place to comply with EU data protection standards. These safeguards may include: verifying that the destination country has an adequacy decision from the European Commission, implementing Standard Contractual Clauses approved by the Commission, and/or requiring the recipient to adhere to binding and enforceable commitments to protect your data. You may request more information about international data transfers and obtain a copy of the relevant safeguards by contacting us through the channels provided below.
6. Data subject rights
Subject to applicable data protection laws, you have a number of rights regarding the Personal Data we hold about you. You can exercise any of these rights at any time by contacting us (see the Contact section below). We will consider and respond to each request within a reasonable timeframe and within any deadlines set by law, and we may request proof of identity to ensure we are dealing with the correct individual. Your rights include:
- The right to access: You have the right to request confirmation of whether we are processing your Personal Data, and if so, to request a copy of the data we hold about you, as well as information about how we use it.
- The right to rectification: If any of your Personal Data is inaccurate or incomplete, you have the right to have it corrected or updated.
- The right to deletion: You can ask us to delete or remove your Personal Data in certain circumstances, for example, if the data is no longer necessary for the purposes for which it was collected, or if you withdraw consent and we have no other legal basis to continue processing.
- The right to object: You have the right to object to our processing of your Personal Data when such processing is based on our legitimate interests (including profiling), or at any time to object to direct marketing communications. In some cases, we may have compelling legitimate grounds to continue processing your information despite an objection, but we will assess each request in context.
- The right to withdraw consent: Where we rely on your consent to process Personal Data (for example, for sending marketing emails), you have the right to withdraw that consent at any time. Withdrawing consent will not affect the lawfulness of any processing we carried out based on your consent before its withdrawal.
- The right to restriction of processing: You can request that we restrict (temporarily halt) the processing of your Personal Data in certain circumstances – for instance, if you contest the accuracy of the data or object to our processing, we will consider the request and, during the consideration period, we will limit processing.
- The right to data portability: Under certain conditions, you have the right to receive Personal Data you provided to us in a structured, commonly used, machine-readable format, and to have that data transmitted to another controller where technically feasible.
- The right to lodge a complaint: If you believe your data protection rights have been violated, you have the right to file a complaint with a supervisory authority. In most cases, you may contact the data protection authority in your country of residence, or you may reach out to the Dutch Data Protection Authority (Autoriteit Persoonsgegevens) since OPEN Foundation is based in the Netherlands.
7. How do we protect Personal Data?
We have implemented appropriate technical and organizational measures to safeguard the Personal Data we process against unauthorized access, alteration, loss, or disclosure. These measures include keeping our security technology up-to-date and performing regular testing, maintaining firewalls and encryption where applicable, and robust access controls. We restrict access to your Personal Data to only those staff or contractors who need to know the information in order to perform their duties, and we train our personnel on confidentiality and data protection best practices. While we are committed to protecting your information, please be aware that no method of transmission over the internet or method of electronic storage is completely secure. Therefore, we strive to use commercially acceptable means to protect your Personal Data, but we cannot guarantee absolute security.
8. How long do we keep and store your Personal Data?
We will not retain your Personal Data for longer than necessary in relation to the purposes for which it was collected and processed. In any case, we may retain certain information for a longer period if necessary to comply with our legal obligations, resolve disputes, or enforce our agreements. For instance, even after you delete your account or after we've provided a service, we might be obliged to keep some data for auditing purposes or to meet regulatory requirements. When your Personal Data is no longer needed for any of the purposes outlined above, we will remove it from our systems or anonymize it so that you can no longer be identified from it.
9. Changes to this Privacy Statement
We reserve the right to amend or update this Privacy Statement at any time and for any reason. Any changes will be published on our Website and, where required by law or if the changes are significant, we will provide a more prominent notice or seek your consent. We encourage you to review this Privacy Policy periodically to stay informed about how we are protecting your information. The "Last updated" date at the top will indicate the latest revision. By continuing to use the Website or our services after any modifications to this Statement have been posted, you accept those changes.
10. Questions, concerns, or complaints
If you have any questions, concerns, or complaints regarding this Privacy Statement or how we handle your Personal Data, please contact us. We welcome your feedback and will endeavor to address any issues promptly. You can reach us by email at info@icpr-conference.com.
You also have the right to lodge a complaint with a data protection supervisory authority as noted above (see Section 6) if you believe we have not adequately addressed your concerns.