The Recursive Self

Privacy Policy

(for the Phenomenological Experience Survey)

1. Data Controller

The controller responsible for the processing of your personal data within the meaning of the EU General Data Protection Regulation (GDPR) is:

Norman Weiss
Independent Researcher
Email: info@recursive-self.org
Germany

This survey is conducted as part of an independent academic research project on phenomenological experience and the micro-structure of subjective awareness.

2. Purpose of the Survey

The survey investigates how individuals describe elements of their own experience—such as the sense of presence, internal processes, self-perception, and reflection on past decisions.
It is not intended for diagnostics, psychological evaluation, or any form of assessment of mental health.
There are no “correct” answers; only your subjective perception is relevant.

3. Categories of Data Processed

3.1 Data you actively provide

Depending on your input, the survey may process:

  • Responses to qualitative or quantitative questions
  • Optional free-text descriptions
  • Optional email address (only if you choose to subscribe to the update mailing list)

3.2 No special categories of personal data required

The survey does not request or require health data, biometric data, ethnicity, political opinions, sexual orientation, or any other special category under Art. 9 GDPR.
If you voluntarily enter such information in free-text fields, it will be processed only as part of your voluntary submission.

3.3 Log data (minimal)

The survey system may automatically collect technical metadata essential for secure operation, such as:

  • Date and time of access
  • IP address (briefly stored, see retention below)
  • Browser type and operating system
  • Referrer information (if applicable)

These are standard server logs and are used only for security and technical troubleshooting.

3.4 Cookies

The survey itself uses no tracking cookies.
If the hosting provider or survey platform sets technically necessary cookies (e.g., for load balancing or session stability), these will be used exclusively for the provision of the service and not for analytics or marketing.

4. Legal Basis for Processing

Processing is carried out on the following legal bases under the GDPR:

  • Art. 6(1)(a) GDPRConsent: Your participation in the survey and submission of responses is voluntary.
  • Art. 6(1)(f) GDPRLegitimate interest: Limited technical logging is necessary to maintain the security and integrity of the survey environment.
  • Art. 6(1)(a) GDPRConsent: If you subscribe to the mailing list, your email address is processed solely to send updates about new experiments or published results.

You may withdraw your consent at any time by contacting the controller.

5. How Your Data is Used

Your responses are used exclusively for:

  • Scientific analysis
  • Development of theoretical models of subjective experience
  • Possible publication of aggregated results
  • Improvement of future experimental designs

All analysis is conducted on anonymized or pseudonymized datasets.
No individual response will be attributed to identifiable persons.

Email addresses (if provided) are used only for sending updates about the project and nothing else.

6. Data Retention

  • Survey responses are retained for the duration necessary to perform scientific analysis and may be archived in anonymized form for long-term research.
  • Server logs (including IP addresses) are retained for no longer than 30 days, unless required to investigate security incidents.
  • Mailing-list email addresses are retained until you unsubscribe.

If you withdraw consent, your identifiable data (if any exists) will be deleted; anonymized data cannot be retroactively linked and will remain part of the research dataset.

7. Data Sharing and Transfer

Your personal data will not be sold, shared, or transferred to third parties except:

  • service providers hosting the survey (acting as data processors under Art. 28 GDPR),
  • when legally required by court order or statutory obligation.

Data is generally processed within the EU/EEA.
If external services outside the EU/EEA are used (e.g., email delivery services), transfers occur only under appropriate safeguards such as Standard Contractual Clauses (Art. 46 GDPR).

8. Security Measures

Technical and organizational measures are implemented to ensure the security of your data, including:

  • encrypted data transmission (TLS/HTTPS)
  • restricted access to data storage
  • pseudonymization of survey responses
  • minimized data collection
  • secure server infrastructure

9. Your Rights Under the GDPR

You have the following rights:

  • Right of access (Art. 15 GDPR)
  • Right to rectification (Art. 16 GDPR)
  • Right to erasure (Art. 17 GDPR)
  • Right to restriction of processing (Art. 18 GDPR)
  • Right to data portability (Art. 20 GDPR)
  • Right to withdraw consent (Art. 7(3) GDPR)
  • Right to lodge a complaint with a supervisory authority (Art. 77 GDPR)

To exercise any of these rights, contact the controller directly via the email provided above.

10. Participation of Minors

This survey is intended only for adults (18+).
Minors should not submit data.

11. Changes to This Privacy Policy

If the scope, purpose, or structure of the survey changes, this privacy policy will be updated accordingly.
The current version is always available on the survey website.