Ethical protocol on geolocation and privacy

1. Ethical justification and legal basis

The Life-Nitrazens project is guided by the principle of environmental transparency and by fundamental ethical principles. The fact that monitoring nitrate levels at specific locations may have socio-economic implications (penalties, neighbourhood disputes or a fall in property values) means that these risks must be mitigated. The project therefore relies on the following legal bases for the restricted processing of location data.

• Article 89 of the GDPR, which allows for specific exceptions and safeguards for the processing of data for scientific research purposes.
• Directive 2003/4/EC (Access to Environmental Information), which allows access to information to be restricted if its disclosure could adversely affect environmental protection or if there are interests relating to the confidentiality of personal data.
• The principle of Privacy by Design (Article 25 of the GDPR), implementing technical measures to ensure that, by default, only data that does not identify natural persons or vulnerable properties is published.

2. Processing of precise geolocation data (internal use)

• Legal basis. The processing of precise location data is necessary for the performance of a task carried out in the public interest and for scientific purposes (Art. 6(1)(e) and Art. 89 of the GDPR).
• Restricted access. Only the scientific team of the designated consortium has access to the precise geolocation data.
• Security and sovereignty. The data is hosted on servers belonging to the Ibercivis Foundation, ensuring that the information remains within the jurisdiction of the European Economic Area.

3. Publication Policy and Precision Reduction

In order to guarantee the anonymity of participants and prevent local security conflicts, the following spatial anonymisation and pseudonymisation techniques will be applied:

• Obfuscation (jittering). Public coordinates will undergo a controlled random shift to prevent the identification of the exact sampling point.
• Spatial Aggregation (Art. 4.9 GDPR). Results will preferably be displayed in aggregated form (1×1 km grids or at municipal level) to disassociate environmental data from private property.
• Complete de-identification. In accordance with the principle of data minimisation, no metadata that would allow the participant to be re-identified (name, photos of façades or property details) will ever be published in association with the analysis results.

4. Conflict management and communication with the authorities

Should any critical gatherings requiring administrative intervention be detected, the project will act within the framework of collaboration with public authorities, whilst protecting the identity of the member of the public who reports the matter in accordance with the Whistleblower Protection Act (Whistleblowing Directive), where applicable, or by guaranteeing the anonymity of the volunteer unless expressly required by a court order.