1. Data protection
If you have research collaborations with IDDO or have signed up for our newsletter, you will have provided information about yourself (‘personal data’). You may also have provided personal data to us for business purposes, for instance by providing us with your business card.
The Infectious Diseases Data Observatory (IDDO), and its malaria platform, the WorldWide Antimalarial Resistance Network, are hosted by the University of Oxford; the University is the ‘data controller’ for this information. This means that the University of Oxford decide how to use it and are responsible for looking after it in accordance with the General Data Protection Regulation (GDPR) and associated data protection legislation.
2. How we use your data
We will use your data to send email communications to you, and may occasionally contact you by other means (for instance, telephone/Skype) if you have provided us with these details in the context of a specific collaboration.
We are processing your data for these purposes only because you have given us your consent to do so, by providing us with this information. You can withdraw your consent at any time by contacting us at firstname.lastname@example.org or +44 (0) 1865 612984. In this event, we will stop the processing as soon as we can. This will not affect the lawfulness of any processing carried out before your withdrawal of consent.
We will only use your data for the purposes for which we collected it including scientific research, communication and collaboration, or other related purposes. If we need to use your data for an unrelated purpose, we will seek your consent to use it for that new purpose.
3. Who has access to your data?
Access to your data will be provided to our colleagues who need to view it as part of their work in carrying out the purposes described above.
We may also share your data with contacts in other organisations for the purpose of collaborative scientific research. Where we share your data with a third party, we will seek to share the minimum amount necessary. We will not share your data with other organisations for any other purpose without your prior consent.
4. Retaining your data
We will only retain your data for as long as we need it to meet the purposes described above, and for any purposes relating to legal, accounting, or reporting requirements.
Your data will be held securely in accordance with the University’s policies and procedures. Further information is available on the University’s Information Security website.
6. Where we store and use your data
Electronic data may be transferred to, and stored at, a destination outside the European Economic Area (EEA), for example, when we communicate with you using a cloud-based service provider that operates outside the EEA such as Survey Monkey, MailChimp, or Eventbrite.
Such transfers will only take place if one of the following applies:
• the country receiving the data is considered by the EU to provide an adequate level of data protection;
• the organisation receiving the data is covered by an arrangement recognised by the EU as providing an adequate standard of data protection e.g. transfers to companies that are certified under the EU US Privacy Shield;
• the transfer is governed by approved contractual clauses;
• the transfer has your consent;
• the transfer is necessary for the performance of a contract with you or to take steps requested by you prior to entering into that contract; or
• the transfer is necessary for the performance of a contract with another person, which is in your interests.
7. Your rights
Information on your rights in relation to your personal data are explained here.
8. About this policy
This policy was created in English and the English language version shall prevail.
If you wish to raise any queries or concerns about our use of your data, please contact us at email@example.com.
Infectious Diseases Data Observatory Privacy Notice, version 1, 17 May 2018