Please confirm you want to clear your response?
Data protection
Your answers are completely anonymous We will not collect your name, student number, IP address or any information that could identify you. Your responses are also confidential will be handled confidentially and will be reported as aggregated - only as combined / group-level data, never at an individual level. No one at your university will have access to your forms, and no one at your university will be able to see how you personally responded. Your direct responses (the raw data) will only be visible to this monitoring team, which operates external to your university. No one else will have access to the raw data.
Anonymization
This survey has been designed in accordance with the anonymization criteria of the Spanish Data Protection Agency (AEPD).
In short, open-ended responses will be manually reviewed and, where necessary, further anonymized to remove any information that could allow the direct or indirect identification of individuals.
Once the anonymization process is complete, the data will not allow the identification of any participant, even when combined with other reasonably accessible information.
Please refrain from including any information in the open-ended questions that could make you identifiable.
However, if a participant voluntarily includes information in open-ended response fields that allows for their direct or indirect identification (for example, first names, unique job titles, specific time references, or other identifying data), this information will be considered personal data and will be processed in accordance with Regulation (EU) 2016/679 (GDPR).
In these cases:
• Processing will be strictly limited to the purposes indicated in this clause.
• Open-ended responses will be reviewed and, where appropriate, further anonymized to remove any identifying elements before analysis or dissemination.
• This information will not be used to identify the participant or to contact them.
• The data is processed by the entity responsible for conducting the survey within the NEOLAiA Alliance. The results will be securely stored by WP 3 leaders and the steering committee, and will be used exclusively to monitor and improve Diversity and Inclusion (D&I) practices across the alliance.
The purpose of the data processing is:
• To analyze, in aggregate form, the perceptions, experiences, and opinions of participants regarding equality, diversity, inclusion, the university environment, etc.
• To prepare statistical reports and general conclusions that will serve as a basis for improvement actions, research, or institutional planning.
• The legal basis for the data processing is:
• The participant's consent, given through their voluntary participation in the survey (Art. 6.1.a GDPR).
• In the case of special categories of data (Art. 9 GDPR), explicit consent will be understood to be given by voluntarily completing these questions.
The data will not be communicated to third parties or transferred, except where legally required.
Where applicable, the following may access the data:
Collaborating entities or suppliers acting as data processors, under contract pursuant to Article 28 GDPR and solely for the purposes described.
The monitoring entity is comprised of members of the South African team who have signed a confidentiality and non-disclosure agreement, committing to not share this information with third parties outside the NEOLAIA alliance. Prior to processing, the information is anonymized to prevent international data transfers. If you have any questions regarding international data transfers, you can contact the monitoring entity at: neolaia.monitoring@mandela.ac.za
The data will be stored until the anonymization and aggregation process is completed, without the possibility of identifying the participants.
In cases where personal data is processed, participants may exercise the following rights:
• Access
• Rectification
• Erasure
• Restriction of processing
• Objection
These rights may be exercised by submitting a request to the data controller at the address indicated in section 1 or in accordance with the terms established by each University as described in its privacy policy.
However, when the data is effectively anonymized, these rights will not apply, as it will not be possible to identify the participants.
Data Minimisation and Non-Identifiability
The surveys will be manually anonymised. Retained data will be strictly limited to information that is necessary for the analytical purpose of the project. No directly identifying information (such as names, contact details, or unique personal characteristics) will be captured.
Furthermore:
• Any potentially identifying contextual details will be omitted or generalised.
• The information captured will not allow for the direct or indirect identification of natural persons.
• The dataset will be structured in a way that prevents re-identification, even when combined with other reasonably accessible information.
As a result, the information collected during the surveys will be treated as effectively anonymised data, as defined under GDPR Recital 26, meaning that it is not related to an identified or identifiable natural person.
Processing and International Transfers
Before any transfer of data outside the European Economic Area (EEA), including to servers located in South Africa, a prior anonymisation process is carried out. This process ensures that all identifiers and any elements that could lead to identification are fully removed.
Consequently:
• The data transferred to and processed on servers in South Africa no longer constitutes personal data within the meaning of Article 4(1) GDPR.
• The information cannot be linked to an identified or identifiable individual.
• The processing carried out in South Africa therefore falls outside the scope of the GDPR, as it concerns anonymised information only.
Safeguards and Compliance Measures:
• In line with GDPR principles:
• Data minimisation (Article 5(1)(c)) is ensured by limiting the information collected to strictly necessary, non-identifiable insights.
• Storage limitation (Article 5(1)(e)) is respected by retaining only anonymised data for analytical purposes.
• Integrity and confidentiality (Article 5(1)(f)) are reinforced through controlled access and secure storage environments.
• No personal data is shared with third parties, and no attempt is made to re-identify participants at any stage.
The recipients or categories of recipients
The raw data will only be made available to the monitoring entity (as agreed upon by the NEOLAIA steering committee). The monitoring entity is an external entity to the NEOLAIA alliance, and they are not a member of any of the universities within the alliance. The monitoring entity consists of a small group of South African team members, with diverse ethnic and cultural backgrounds and diverse fields of expertise. The project leader has 18 years of experience in researching diversity and inclusion.
The monitoring team signed a confidentiality and non-disclosure agreement, to not share any information resulting from this monitoring process, with any third parties outside of the NEOLAIA alliance. The monitoring entity will write a report for each institution, as well as a combined report for the alliance. Each Neolaia WP3 delegate will receive their own institution’s report, as well as a collective report for the alliance. The members of the steering committee will also receive their respective institution’s reports, as well as the collective report. These reports will be used for internal distribution within the alliance. The reports will not be used for academic publication.
The monitoring entity has signed confidentiality and non-disclosure agreements that prohibits them from sharing any data outside the NEOLAIA alliance. Within, it states that (i) all information is considered confidential; (ii) no information can be passed on to third parties; and (iii) all precautions necessary must be taken to prevent third parties from accessing this information.
The data of this anonymous LimeSurvey will be stored in a secure cloud server in Germany, following GDPR regulations. After the manual anonymisation process, the anonymous data will be transferred to a secure Microsoft cloud server hosted by Nelson Mandela University in South Africa, for analysis and reporting.
The raw data will be deleted immediately after the monitoring entity’s contract concludes with NEOLAIA Alliance in 2027. If the NEOLAIA Alliance wishes to extend the monitoring process with this monitoring entity, the data will be kept for a maximum of 5 years, to determine progression of diversity and inclusion at each institution, and within the NEOLAIA alliance as a whole.
Participants have the right to lodge a complaint with the competent Data Protection Supervisory Authority or, where applicable, with their Data Protection Officer, especially if they believe their rights have not been adequately addressed.
The contact details of the Data Protection Officers at each partner institution, can be found below:
Bielefeld University
DPO: Anja Schmid
https://ekvv.uni-bielefeld.de/pers_publ/publ/PersonDetail.jsp?personId=26492011&lang=EN
Őrebro Universitet
DPO: Anders Tjernström anders.tjernstrom@oru.se
Ostravská Univerzita
DPO: Jan Humpolík jan.humpolik@osu.cz
Šiaulių valstybinė kolegija
DPO: Silva Adomaviciene s.adomaviciene@svako.lt
Universidad de Jaén
DPO: dpo@ujaen.es
Université de Tours
DPO: Nastasia BEDOUET, dpo@univ-tours.fr
Universitá degli Studi di Salerno (UNISA)
DPO: Dr. Attilio Riggio (contact via ltufano@unisa.it)
Universitatea Stefan dal Mare Suceava
DPO: iolanda.rusu@usm.ro
University of Nicosia
DPO: ioannides.ni@unic.ac.cy