Overall and final responsibility for data protection lies with the ReproHack Core team, who are responsible for overseeing activities and ensuring this policy is upheld.
All ReproHack Hub Users are responsible for observing this policy, and related procedures, in all areas of their work for the group.
The ReproHack Hub needs to keep some personal data about its core team and members in order to carry out group activities.
We will collect, store, use, amend, share, destroy or delete personal data only in ways which protect people’s privacy and comply with the General Data Protection Regulation (GDPR) and other relevant legislation.
We will only collect, store and use the minimum amount of data that we need for clear purposes, and will not collect, store or use data we do not need.
We will only collect, store and use data for:
We will provide individuals with details of the data we have about them when requested by the relevant individual.
The only personal data we require are users' names and email addresses. Any other personal information on users' profiles is optional. Emails are never disclosed publicly on the Hub while names and other user profile information is only visible to other logged in users.
We do not collect sensitive personal information on our users, as defined by the European Commision, for example, data on racial or ethnic origin, polical opinions, religious or philosophical beliefs, sexuality, genetic, biometric or health data etc.
To communicate research or findings resulting from ReproHack activities to the public and the academic community, anonymised data provided to the Hub may potentially form part of a research publication, conference presentation, public talk or blog post. Where researchers wish to use any information that would identify you, specific consent will be sought.
The privacy of your personal data is paramount and will never be disclosed unless there is a justified purpose for doing so (e.g. providing contact email addresses for event hosts). The ReproHack project will NEVER sells personal data to third parties.
Your data may be shared with:
Data is stored securely in fully GDPR compliant data centers through the EU-hosted PythonAnywhere system and covered by a GDPR compliant Data Processing Agreement (DPA). See the full Privacy and Cookies Policy for details.
One of the aims of the General Data Protection Regulation (GDPR) is to empower individuals and give them control over their personal data.
The GDPR gives you the following rights:
Please note that many of these rights do not apply when the data is being used for research purposes, but we will always try to respond to concerns or queries that you may have.
To protect the integrity of ReroHack activity records, we do not by default delete your data should you delete your account. Instead, upon account deletion:
- Papers are automaticallly archived and no longer available for review.
- Reviews are set to private and associated with a deleted-user
account.
- Events remain public and visible but become associated with a deleted-user
account.
Please feel free to contact us at team@reprohack.org if:
We will do our utmost to help!
The Information Commissioner is the regulator for GDPR and you have the right to raise concerns with the Commissioner. The Information Commissioner's Office (ICO) has a website with information and guidance for members of the public: https://ico.org.uk/for-the-public/
The Information Commissioner's Office operates a telephone helpline, live chat facility and email enquiry service. You can also report concerns online. For more information please see the Contact Us page of their website: https://ico.org.uk/global/contact-us/