Primary tabs

Locus Reference Genomic - record creation

Privacy Notice for Locus Reference Genomic Record Creation

This Privacy Notice explains what personal data is collected by the specific service you are requesting, for what purposes, how it is processed, and how we keep it secure.

Note that this service collects personal data directly provided by the user, and also collects personal data from users that is provided by other organisations.

1. Who controls your personal data and how to contact us?

The EMBL-EBI data controller's contact details are:

Rolf Apweiler and Ewan Birney, EMBL-EBI Directors
Email: data-controller@ebi.ac.uk
EMBL-EBI, Wellcome Genome Campus, CB10 1SD Hinxton, Cambridgeshire, UK.

The EMBL Data Protection Officer’s contact details are:

EMBL Data Protection Officer
Tel: +49 6221 387-0
Email: dpo@embl.org
EMBL Heidelberg, Meyerhofstraße 1, 69117 Heidelberg, Germany.

There are organisations outside EMBL involved in providing the service and processing personal data.

National Center for Biotechnology Information (NCBI)
Terence Murphy
Email: murphyte@ncbi.nlm.nih.gov
NCBI/NLM/NIH/DHHS, 45 Center Drive, Bethesda, MD 20892-6510, United States.

2. Which is the lawful basis for processing personal data?

We need your consent to process your personal data. If you do not consent to us processing your personal data, we will not be able to create an LRG record with you as the requester.

3. What personal data is collected from users of the service? How do we use this personal data?

We collect the following  personal data from users of the service:

  • Name
  • Email address
  • Organisation
  • Organisational affiliation
  • Business address
  • Date and time of a visit to the service website
  • Amount of data transmitted

The data controller will use your personal data for the following purposes:

  • To provide the user access to the service
  • To publicly publish information to facilitate scientific research

4. Who will have access to your personal data?

The personal data will be disclosed to:

  • The general public (Name, Email address, Organisation, Organisational affiliation and Business address)
  • Authorised staff in the data controller’s institutions.

5. Will your personal data be transferred to third countries (i.e. countries not part of EU/EEA) and/or international organisations?

Personal data is transferred to the following organisation based in third countries and that provide the service:

National Center for Biotechnology Information (NCBI)
NCBI/NLM/NIH/DHHS, 45 Center Drive, Bethesda, MD 20892-6510, United States.

There are no personal data transfers to international organisations.

6. How long do we keep your personal data?

Any personal data directly obtained from you will be retained even if the service ceases to live. We will keep the personal data for the minimum amount of time possible to ensure legal compliance and to facilitate internal and external audits if they arise.

7. The joint Data Controllers provide these rights regarding your personal data

You have the right to:

  1. Not be subject to decisions based solely on an automated processing of data (i.e. without human intervention) without you having your views taken into consideration.
  2. Request at reasonable intervals and without excessive delay or expense, information about the personal data processed about you. Under your request we will inform you in writing about, for example, the origin of the personal data or the preservation period.
  3. Request information to understand data processing activities when the results of these activities are applied to you.
  4. Object at any time to the processing of your personal data unless we can demonstrate that we have legitimate reasons to process your personal data.
  5. Request free of charge and without excessive delay rectification or erasure of your personal data if we have not been processing it respecting the data protection policies of the respective controllers.

It must be clarified that rights 4 and 5 are only available whenever the processing of your personal data is not necessary to:

  • Comply with a legal obligation.
  • Perform a task carried out in the public interest.
  • Exercise authority as a data controller.
  • Archive for purposes in the public interest, or for historical research purposes, or for statistical purposes.
  • Establish, exercise or defend legal claims.
Published at:
May 25, 2018 - 16:06