Privacy

Privacy notice for Trialaborate users

Privacy Notice for Trialaborate Users

This data privacy notice describes how personal information is collected, used, retained and disclosed at the Liverpool Clinical Trials Centre.

1. What is a privacy notice?

A privacy notice is a statement that describes how personal information is collected, used, retained and disclosed. This Privacy Notice is for people who use the Trialaborate website.

2. What is Personal Data?

Personal Data means any information which relates to you, or identifies you as an individual. It includes information which can directly identify you, and also information which may identify you if combined with other readily available information. Examples of Personal Data are: names, addresses, telephone numbers, dates of birth, IP address, etc.

Some Personal Data is considered sensitive and is called “special category”. This includes data concerning: racial or ethnic origin, religious beliefs, trade union activities, physical or mental health condition, and sexual life or sexual orientation.

The specific type of Personal Data we collect and use about you, and the purposes for which we use it, depends on the particular research objectives of the project you are involved in. The objectives of each research project are detailed in the project-specific information that has been provided to you as participants or research team members.

3. How are we protecting your Personal Data?

We are committed to protecting your rights and freedoms, and making sure that the Personal Data we hold is always handled it in a sensitive and confidential way. We have put in place a number of “safeguards” to achieve this.

Our staff are required to follow policies and procedures which ensure:

  • the amount and type of data collected is proportionate to the objectives of the research
  • the data collected is only retained as long as necessary for the aims and purposes of the research
  • the data is held and handled safely, securely and confidentially
  • Training is delivered to ensure our staff appreciate the importance of data protection and understand the policies and procedures we ask them to follow
  • all research projects undergo a formal risk assessment which includes assessment of data protection issues
  • all research projects involving Personal Data are reviewed and approved by a research ethics committee, which ensures that the research will not cause damage or distress to individuals
  • if external companies or individuals not employed with the University process data on our behalf, or have joint responsibility for the data with us, we put formal agreements in place, which describe everybody’s roles and responsibilities
  • if data is transferred outside of the UK, we ensure that there are adequate data protection laws in place in that country, or that they are part of special schemes providing assurance of privacy and security (e.g. the US Privacy Shield).

4. Your rights

Under Data Protection law you have rights in relation to the Personal Data we hold about you. These include the right to:

  • be informed about how your information is being used
  • access the information/receive a copy of the information
  • correct any inaccurate information
  • have any information deleted
  • restrict or object to our processing of the information
  • move your information.

It is important to understand that the extent to which these rights apply to research will vary and that in some circumstances a right may be limited. This may be the case if implementing a right is likely to make it impossible to do the research, or might seriously impair the objectives of the research. If we cannot implement a right for those reasons, you will be informed of the decision within one month and you also have the right to complain about this decision to the Information Commissioner.

It should also be noted that we can only implement your rights during the period upon which we hold personal identifiable information about you. Once the information has been permanently destroyed or irreversibly anonymised and becomes part of the research data set it will not be possible for us to access your Personal Data.

5. Who to contact

If you have any questions about how your Personal Data is used, you may find the information you need on the University’s Data Protection webpages. If you don’t find what you are looking for, have more questions, or want to exercise any of your rights, you can contact the University’s Data Protection Manager by emailing LegalServices@liverpool.ac.uk or write to:

The Data Protection Manager
University of Liverpool
2nd Floor – The Foundation Building
Brownlow Hill
Liverpool L69 7ZX

6. Can I complain?

Yes. If you are not happy with the way your information is being handled, or with the response received from us, you have the right to lodge a complaint with the Information Commissioner’s Office at Wycliffe House, Water Lane, Wilmslow, SK9 5AF (www.ico.org.uk).