Privacy and Confidentiality

EATRIS is committed to protecting user privacy and ensuring compliance with the General Data Protection Regulation (GDPR), the Artificial Intelligence Act (AIA) and any other applicable regulation.

• Data collection: The Digital Hub does not require user accounts and does not collect personal data. Limited anonymised logs are maintained for administrative purposes (e.g. monitoring usage and ensuring system stability). Some technical data may be processed by the service provider (OpenAI) according to their standard retention practices.
• Data storage: Logs are anonymised and cannot be linked to individual users. No personally identifiable information is stored.
• Third-party services: The Digital Hub operates via the OpenAI API.
• Compliance: The Hub processes only publicly available personal data (when present in EATRIS-curated sources) and adheres to GDPR standards.
• Intended use: The Digital Hub is not designed to process or advise on personal medical situations. Users should not submit medical histories or ask for clinical guidance.

The EATRIS Digital Hub is exempted from the application of the AIA, under Article 2, number 6 of the AIA, which states that: " This Regulation does not apply to AI systems or AI models, including their output, specifically developed and put into service for the sole purpose of scientific research and development". Notwithstanding the above, EATRIS Digital Hub has been designed and deployed in consideration of minimum transparency requirements to inform any natural person that all interactions with the EATRIS Digital Hub corresponds to an interaction with an AI agent.