For more information on your general data privacy rights please visit the website of the Data Protection Commissioner www.dataprotection.ie
- What Data do We Collect?
- How do We Collect Your Personal and Research Data?
- How do We Store Your Personal Data?
- How do We Store Your Research Data?
- How Long do We Keep Your Personal Data?
- How Long do We Keep Your Research Data?
- How do We Protect Your Data?
- What Are Your Data Protection Rights?
- How Will You Share Information With Me?
- Unsubscribe to Newsletter
- What Happens When You Contact Us?
- What Are Cookies?
- Privacy Policies of Other Websites
- How to Contact Us
- How to Contact The Proper Authorities
Summary of Key Elements of This Policy
|Personal data we collect from you||What we do with it||Third parties we share it with|
|Contact information, such as your preferred name and email address||Communicate with you, if you sign up for the newsletter or express interest in an interview||Companies providing communications services, such as MailChimp and Facebook Lead Ads|
|IP Address and email address via our Questionnaire||Nothing. After 14 days this information is deleted||We will only share this information with authorities if there is a risk of harm to yourself or others|
|Answers to the questionnaire||After taking out identifying information, we use this in our research for print and digital publications, conference papers and presentations, books and other academic texts, reports and other publications||None|
Beyond Opposition researchers (The research team consists of PI: Prof. Kath Browne, Canadian supervisor Catherine Nash, plus a project manager, postdoctoral researchers, and doctoral students) are committed to the highest standards of data security and protection in order to preserve the personal rights and interests of study participants. Your privacy is of the utmost importance to us. The collection of personal data is conducted under the applicable European, UK and Canadian laws and regulations.
Our project collects the following data:
- Personal data: Identification information (Name, email address, phone number, etc.).
- Research data: This includes any answers you provide in your questionnaire and/or subsequent interviews should you choose to participate.
- Personal data shall always be collected, stored, and exchanged in a secure manner, through secure channels.
- This website will collect two kinds of data: personal data (name, email, IP Address) and research data (answers to the questionnaire, comments and feedback submitted). These data sets will be disconnected prior to analysis and your questionnaire or interview answers will not be associated with any of the personal data collected.
- Your personal data such as name, email address, IP address will not be shared with any third parties, unless you sign up to stay in touch, in which case MailChimp will hold your name and email address. Your personal data cannot and will not be linked to or associated with your research data, including any of your answers on the questionnaire or the interviews (please see the interview information sheet for details regarding choosing to use your own name), unless you want to have the option to withdraw, in which case we will keep the email with your consent form to link this to your data. Please note that this email thread may also include your transcript which in that case would also be kept.
- If there is a threat of harm to you or to others, before we decouple personal and research data, the researchers will link research data and personal data to notify the relevant authorities.
Background on the Project
All research data obtained via the Beyond Opposition questionnaire will be transmitted to researchers only after the removal of your IP address and email by the Principal Investigator (PI) and the Project Manager (PM). This will be undertaken after checking for potential harm to yourself and others (see below). After this point, your questionnaire data cannot be withdrawn. The PI/PM will not look at your data in relation to analysis for the project with your IP address or email until your IP address and email address have been removed. Other members of the research team will not have access to your name, email, or IP address when they read the answers to your questions.
At the end of our questionnaire, you will be offered the opportunity to sign up for an interview. Should you consent to an interview, your answers to the online questionnaire will not be kept with your interview sign-up details, i.e. preferred name and email address. We will only contact you regarding an interview if you consent for us to do so, and you can request that we no longer contact you at any time.
If there is a risk of harm to you or someone else, we will report this to the relevant authority with the personal data that we have and the specifics of the risk identified. This may mean including research data and linking this to personal data.
Personal data are processed for the purposes outlined on the project website, in the project information sheet and in the informed consent forms only. Use of personal data for other purposes will require explicit participant approval. Also, personal data is not transferred to any places outside the project research team. This means that we will not use your email address, name or IP address except to contact you about the research and we will not transfer these details to anyone else. We will not use your IP address unless it is to report a risk of threat or harm to you or someone else.
What Data do We Collect?
Our project collects the following data:
- Personal data: Identification information (preferred name, email address, phone number, etc.).
- Research data: This includes any answers you provide in your questionnaire and/or subsequent interviews or workshops, should you choose to participate. It also includes comments made on public facing Beyond Opposition social media pages and adverts.
How Will Personal Data be Used?
Our project collects your personal data so that we can:
- Send you updates and newsletters about the project, if you have signed up to the project newsletter
- Offer opportunities for further participation in the project
- Email addresses will be used to contact individuals who consent to be contacted for an interview
- Emails and phone numbers will be used to arrange interviews
- When our project processes data from the questionnaire it is not associated with your IP address, email, or name
What Personal Data do We Collect?
Data collected on the website via the project questionnaire will include IP addresses and email addresses for those who gave them. This raw data will be downloaded from the secure Beyond Opposition server bi-weekly. At this point, if we identify potential harm to you or others, we will report this to the relevant authorities. This may mean linking research data with personal data. After surveying submissions, IP addresses and emails will then be removed by the UCD based project manager and principal investigator. They will also remove names/places and other identifying details before the data is coded and processed for dissemination to the project research team. We do not collect any personal data from social media. Where comments are stored from social media recruitment adverts, these are immediately de-identified and name, profile picture and other identifying factors are redacted prior to storing on UCD’s secure servers.
Note: Once your IP address and email address are detached from your questionnaire submission, the information you provide cannot be withdrawn from the research, as your personal details will no longer be attached to your answers. This questionnaire data will be then made available to the research team located in Canada (Brock University), UK and Ireland (UCD). They will remove further identifying details that may be contained in your responses. This might be specific names of people or places, or other specific information that may identify you. The data is then considered de-identified. It will remain in Ireland, on UCD servers (see below), but will be accessible to researchers in Canada via a remote desktop, using a VPN which is encrypted and password protected.
If you consent to be interviewed, however, researchers will require contact details to arrange the interview. This could include emails and phone numbers. All personal data (telephone numbers, emails and addresses, as well as signed consent forms) will be kept separately from your research data. Identifying information about you will not be used in any reports of the research or in any publications that draw on the research. The only exception to this is where you ask us to use your real name. We will do this only on your explicit request. However, we will not release any other personal data. Personal information will be destroyed 10 years after the end of the project unless it is archived.
If you consent to be part of a workshop (in year 4 of the project), however, researchers will require contact details to arrange this. This could include emails and phone numbers. All personal data (telephone numbers, emails and addresses, as well as signed consent forms) will be kept separately from your research data.
What Kind of Research Data do We Collect?
- The research data we collect includes the answers you provide via the questionnaire and any feedback or ideas you submit via the website, during interviews, or during workshops, plus publicly available online data regarding the topic of this project.
- Prior to submitting each section of your online questionnaire, you will be asked whether you consent to your responses to that section being used in this research project. If you choose not to consent to your responses to a section of the questionnaire being used, then those answers will be deleted from your research data by the PI or the PM before it is analysed for the purposes of this research. Throughout the questionnaire process you will also have the option to delete your answers to all sections and exit the questionnaire without any research data being saved. If you choose to delete your answers, those answers will not be submitted and there will be no way to retrieve those answers.
- If you consent and submit your answers to the questionnaire, your submission and answers cannot be changed or deleted via the online questionnaire once submitted. However, if you decide to retract your answers from the study, you can contact us for up to 14 days after submission by using the ‘contact us’ page on the website and instruct us to delete your submission, but only if your submission is uniquely identifiable. After 14 days, your answers will be disconnected from your email and IP address, further de-identification will take place after this point, and we will not be able to delete your submission. Storage of Beyond Opposition Research Data complies with the secure backup requirement. This means that if your data has been backed up on the Beyond Opposition secured data server then that copy of your data will only be accessible if it is necessary to retrieve a data set from the backup, at which point, if you have requested that your data be deleted, your data will once again be deleted from the working copy.
- When you exit your completed questionnaire, you will be asked if you would like to be contacted for an interview, via an interview sign up form. If you choose not to sign up to an interview, you will not be contacted to take part in an interview with the project, as the project team will have no contact details for you.
- When you exit your completed questionnaire, you will also be asked if you would like to be kept up to date with the project and its activities via email updates, e.g. newsletters. If you choose not to sign up for these email updates via our Mailchimp signup form then you will not receive any further information on the project, including the progress of the project, and how the data is being used. If you do choose to sign up for these email updates via our Mailchimp signup form then you will have the option to unsubscribe at any time.
- Research data also takes the form of answers and statements collected during an online or an in-person interview. This data is collected using an encrypted and password protected recording device. The audio files are removed from the device within 24 hours of the interview and stored on external, password protected hard drives and encrypted and password protected computers.
- The audio files are transcribed using secure software, which temporarily stores the files on a password protected area of a transcription service, hosted in the EU. This service is fully GDPR and HIPAA compliant. When the interview data is transcribed it is encrypted both in transit and at rest and is only accessible to the data owner (the researcher who conducted the interview and uploaded the interview). The audio file only remains on the cloud during the process of transcription and personal data (written name and contact information) will not be linked to this file at any point during the transcription process.
- The transcription will then be de-identified prior to the research team being given access.
- Research data also includes de-identified comments on Beyond Opposition public facing social media pages and recruitment adverts (where name, profile photo and other identifying factors have been redacted).
How Will Research Data be Used?
- The answers you provide through our website and through interviews/workshops (should you consent to being interviewed or involved in workshops) will be used for the purpose of the research project.
- The answers you provide will be used to conduct research analyses and reports on the experiences of those who are concerned about or opposed to legislative, political or social changes in relation to sexualities and sex/gender in the 21st century in Canada, the UK and Ireland.
- Quotations and/or ideas will be used in public research including, but not limited to, conference presentations, online and print publications, articles, reports, blogs, and live presentations. To the best of our abilities, identifying information will be removed to anonymize your answers. However, details you provide such as specific experiences, de-identified locations, or events may be used in the research.
Will My Name or Email be Publicised, Made Visible, or Otherwise Linked to my Answers?
No. Your answers to the questionnaire and in interviews are not linked to the email address or phone number that you provide, unless the Principal Investigator and/or the Project Manager identify that there is a risk of harm to you or someone else. Your name, contact information, and address will not be identified on any public document and will only be kept for the purposes of contacting you (including contacting you to ask if you would like your data to be archived), and to verify your details if you decide to withdraw from the study at a later date, and only if you give us permission to do so. Your name will be associated with your words in direct quotes if you give us explicit permission to do so in your consent form for interviews/workshops.
Whilst we do our utmost to avoid others being able to identify you based on your responses (for example, by removing your address and name and identifying details from your responses), we cannot guarantee full anonymity of the answers that you provide. This is because we will quote from your answers directly if you opt into this in the consent form to most accurately represent your experiences and to ensure that our data and reporting is valid. Your answers may be identifiable to those who know you, because of how you talk, or experiences that you have had that others know about. If you choose to include personal identifying information (for example, if you talk about your experience at a particular school, in a particular class, with a particular person), we will not identify a school/person etc. by name. We also would not name a specific town or city or locale, but we might say ‘North of England city/town’ ‘in rural Ireland’ or in ‘the province of Ontario’. We may name large cities like London, Toronto or Dublin, but we will not name specific locales in these cities.
How do We Collect your Personal and Research Data?
You directly provide the project with most of the data we collect. We collect personal and research data and process this data when you:
- Sign up to email updates, e.g. newsletters, which are intended to keep you up to date with the project and to share details of how you can take part
- Agree to be part of an interview and/or workshop and leave an email address
- Give us an email or phone number to contact to arrange an interview
- Voluntarily complete the questionnaire, participate in an interview or engage in a workshop, or provide feedback via our website
- Use or view our website, via your browser’s cookies
- Comment on public facing Beyond Opposition social media adverts/posts that we then collect and de-identify
How do We Store Your Personal Data?
Our project securely stores your data on an independent server. This data repository (BeyondOpposition research server) is hosted by University College Dublin and is used to store all study related datasets produced and/or shared within the project, with limited, secure access. This is a highly secure environment and network, with strict rules for data access. The infrastructure used is in accordance with GDPR (General Data Protection Regulation) guidelines on storing personal identifier data in a processor-role, as well as storing de-identified data.
For the purposes of contacting you for an interview or focus group, researchers may use your email or phone number that you have provided to contact you. These details will be stored on the beyond opposition email account and/or on an encrypted server, backed up onto an encrypted hard drive and when you are called, researchers will not store your name/number on the phone.
MailChimp will store your data in line with their policies and processes.
How do We Store Your Research Data?
If you complete a questionnaire, fourteen days after you have submitted your responses, your IP address and email will be detached from your questionnaire answers. These answers will be stored on our secure data server and backed up to both a secure back-up server and password-protected hard drives in order to assure the availability of the data to the research team until such time as it can be used for the purpose it was supplied. Interview and workshop audio files and transcripts are kept separate from questionnaire responses, also on our secure data server and backed up to both a secure back-up server and password-protected hard drives. To achieve secure and accessible storage:
- Three servers are used, all securely hosted by University College Dublin: One web server (Beyond Opposition web server) hosting the Beyond Opposition questionnaire and temporarily storing submitted questionnaire responses with highly restricted technical support access, one data repository (Beyond Opposition research data server) hosted by University College Dublin, which is used to store all study related datasets produced and/or shared within the project, with limited access, and one backup server (Beyond Opposition secure backup server) which is used to securely backup this research data. This is a highly secure environment and network, with strict rules for data access. The infrastructure is in accordance with GDPR guidelines on storing personal identifier data and in a processor-role, as well as storing data. Storage of Beyond Opposition Research Data complies with the secure backup requirement. This means that if your data has been backed up on the Beyond Opposition secured data server then that copy of your data will only be accessible if it is necessary to retrieve a data set from the backup, at which point, if you have requested that your data be deleted, your data will once again be deleted from the working copy.
- Access to the stored research data (IP address, email, identifying names removed) relating to all study datasets in the BeyondOpposition research server is provided via a Virtual Private Network (VPN). There are different levels of access provided to this data to project researchers depending on the researcher’s location and approved access level. All research data from the website questionnaire and from interviews can be accessed by the principal investigator and the project manager based at UCD. The Canadian-based post-doctoral research fellow will keep a copy of the interview audio files and original interview transcripts in Canada and also upload these to the secure UCD server. The data stored on the UCD servers is accessed remotely via a secure Virtual Private Network (VPN) and will not be downloaded outside of the EU. De-identified interview transcripts from Canadian respondents are uploaded onto the UCD Beyond Opposition Research Data server; these are accessible to the Irish/UK postdoc, and PhD students. The UK/Ireland postdoc uploads all audio files and original transcripts to the UCD Beyond Opposition Research Data server. De-identified transcripts from UK and Ireland respondents are uploaded to the UCD server, and are accessible to the Canadian postdoc, and PhD students. These listed data sets once uploaded to the Beyond Opposition Research Data server are securely backed up to the Beyond Opposition backup server and Beyond Opposition password protected encrypted project hard drives.
- External storage: All data is backed up in UCD on password protected, encrypted hard drives. These hard drives are stored in lockable offices and filing cabinets in buildings that will have appropriate security. The postdocs will back up all original and de-identified interview data on password protected, encrypted hard drives.
- The audio recorded interviews are transcribed using Nvivo transcription. During the transcription process, audio is temporarily stored on Microsoft Azure public cloud, hosted in the EU. This service is fully GDPR and HIPAA compliant. When the interview data is transcribed it is encrypted both in transit and at rest and is only accessible to the data owner (the researcher who conducted the interview and uploaded the interview or an approved team member). The audio file only remains on the cloud during the process of transcription and personal data (name and contact information) will not be linked to personal data at any point during the transcription process.
- De-identified comments on the Beyond Opposition public social media pages and recruitment adverts are stored on the UCD secure server in line with how we store other de-identified research data. We take screenshots of the comments, redact profile photos, names and other identifying features, and then save these as PDFs on the project’s UCD based secure server, prior to other members of the team gaining access to them for data analysis. All team members will have access to these de-identified comments to use as supplementary data. No identifying information will be included in any publications, though the de-identified comments themselves may be quoted from.
How Long do We Keep Your Personal Data?
Your personal data provided via our questionnaire will only be kept by us for a short period after we download your data from the project’s web server to the project’s data server. We will keep personal data regarding your interview until you have completed the interview, or until after the project is complete, depending on the permissions you give us. We will keep personal data regarding your workshop until you have completed the workshop, or until after the project is complete, depending on the permissions you give us.
MailChimp will keep your personal data in line with their policies and processes.
You can ask for us to remove any personal data from our files, and where it can be uniquely identified we will do so within one month of being contacted. We will keep personal data regarding archiving (such as a consent form and an email address to check with you), with your permission, until an external archive is sourced or the decision not to archive externally is taken. You will be contacted before your personal data is destroyed (deleted from all devices and then erased from any trash folders) if it is before 10 years after the project and you consent for it to be kept for this period of time.
How Long do We Keep Your Research Data?
All study-related data in the Beyond Opposition research server produced or resulting from the Beyond Opposition project will be kept for 10 years following the completion of the Beyond Opposition project. Authorised researchers will have access to the Beyond Opposition research server during the course of the Beyond Opposition project, and as long as the user is a member of the research team. The Principal Investigator will have access to the data for the time that it is stored in the server. You can choose to archive their data after 10 years with the principal investigator. If they have chosen to consent to their email being kept, the principal investigator will keep their personal data until and if an external archive is identified and then you will be contacted regarding depositing your interview into the archive if you have agreed to us keeping your personal data to contact you. Data will only be archived with an external organisation if the principal investigator is satisfied that the data will be used in a way that aligns with the ethos of the research, and permission is given by the person whose data it is (personal data will be kept for this purpose with explicit permission).
How do We Protect Your Data?
Beyond Opposition researchers commit to the highest standards of data security and protection in order to preserve the personal rights and interests of study participants. Data access protocols are implemented and reviewed regularly to provide data security and protection. Personal data shall always be collected, stored, and exchanged in a secure manner, through secure channels. The project will adhere to the provisions set out in the:
- General data protection regulation (GDPR) that came into effect in 2018 
- Directive 2006/24/EC of 15 March 2006  on the retention of data generated or processed in connection with the provision of publicly available electronic communication services or of public communications networks.
- Directive 2002/58/EC of the European Parliament and of the Council of 12 July 2002 concerning the processing of personal data and the protection of privacy in the electronic communications sector (Directive on privacy and electronic communications) 
- Directive 95/46/EC of the European Parliament and of the Council of 24 October 1995 on the protection of individuals with regard to the processing of personal data and on the free movement of such data 
Data stored on University College Dublin servers can only be accessed from Canada via a remote desktop over a Virtual Private Network (VPN) that links to the Beyond Opposition Research Data server. Canadian based researchers will be able to see de-identified data including questionnaire data and interviews from the UK, Canada and Ireland. No data will be downloaded from the UCD server to Canada or to outside the EU, and research and personal data collected in Canada will be both sent to the UCD research data server, and also kept in Canada on encrypted, password protected computers and hard-drives.
To secure the confidentiality, accuracy, and security of data and data management, the following measures will be taken:
- All EU research data obtained in Beyond Opposition studies will be made available to the Canadian team members only after de-identification.
- Where participants have consented to the research team retaining their personal details, ‘identification keys’ will be used to link their research responses and their personal data. These ‘identification keys’ will be held in a confidential manner within the EU based research team for EU data and will be securely shared by Canadian researchers for Canadian data. These links will predominantly be used for the purposes of facilitating deletion of research data should you choose, where that data can be uniquely identified. Where you choose to be identified by name, your name will be kept with your de-identified research data.
- Data collected on the website questionnaire will include IP addresses and may also include email addresses where participants have chosen to supply theirs. This personal data will be downloaded from the secure Beyond Opposition server usually monthly or where the questionnaire response volume warrants it. If there is a risk or threat of harm to you or someone else, we will report this to the relevant authority together with the personal data that we have and the specifics of the risk identified. This may mean including research data and linking this to personal data. The principal investigator (PI) and project manager (PM) have access to this data. IP addresses and emails are removed by the UCD based PI and PM. At this point the data cannot be withdrawn from the research and this is made clear at the point of submission. This data will be then made available to the postdoctoral researchers in Canada, UK and Ireland, who will work using a remote desktop over a Virtual Private Network (VPN), ensuring that the data never leaves the EU. They will remove names/places and other identifying details before the data is coded and processed for dissemination.
- Data is processed only for the purposes outlined in the project information and informed consent forms. Use for other purposes will require explicit participant approval. Also, data is not transferred to any places outside the project research team.
What Are Your Data Protection Rights?
The collection of personal data will be conducted under the applicable EU and Canadian laws and regulations and requires previous written informed consent by the individual.
Our project would like to make sure you are fully aware of all of your data protection rights. Every user is entitled to the following:
The right to access – You have the right to request copies of your personal data from the project up until the time of when we have destroyed it. You can request your questionnaire data until the point where we have removed identifying information (usually 14 days after the questionnaire has been submitted). You can request your interview or workshop data, up until the point that we have disassociated it with your personal data, this will vary depending on how you have asked us to deal with your personal data.
The right to rectification – You have the right to request that we correct any information you believe is inaccurate up until your answers are separated from your identifying information, or if you choose to be named in an interview. You also have the right to request that the project complete information you believe is incomplete. You can request this until your answers are de-identified (within 14 days of submitting your questionnaire answers, or, in the case of interviews and workshops, until your answers have been disassociated with your personal data). Once your answers are de-identified, if you do not allow us to keep your personal data there is no way to track your responses.
The right to erasure – You have the right to request that the project erase your personal data, under certain conditions. Research data can only be erased within 14 days of submitting the questionnaire, after which point your responses will be disassociated from your personal data and your responses de-identified appropriately, or if you choose in an interview to be named or for us to retain your personal data for this purpose.
The right to restrict processing – You have the right to request that the project restrict the processing of your personal data, under certain conditions. Research data can only be restricted until your answers are de-identified, or if you choose in an interview to waive anonymity.
The right to object to processing – You have the right to object to the project processing of your personal data, under certain conditions. You can only object to your research data being processed until your answers are de-identified, or if you choose in an interview to be named or for us to retain your personal data for this purpose.
The right to data portability – You have the right to request that the research team transfer the personal data that we have collected to another organisation, or directly to you, under certain conditions. You cannot request that your research data be ported to another organisation. You can request that we transfer the research data to you until your answers are de-identified, or if you choose in an interview to be named or for us to retain your personal data for this purpose.
If you make a request, we have one month to respond to you. If you would like to exercise any of these rights, please contact us at our email: email@example.com
How Will You Share Information With Me?
Our project would like to send you information about research and participation opportunities that might be of interest through contacting you by email. The emails will follow the following policies:
- Only those who consent and/or actively sign-up for email updates will receive them to the email address they provide at sign-up.
- If you have agreed to receive email updates, you may always opt out at a later date.
- You have the right at any time to stop the project from contacting you.
Unsubscribe to Newsletter
If you no longer wish to be contacted, you can click the link at the bottom of the email updates.
What Happens When You Contact Us?
If you send us a message through our email address or through the Contact Us form on our website, your confidentiality and privacy will be respected. This means, we will not share your email address, name, or the content of the message with anyone outside of the research team unless there is a threat of harm to you or someone else, in which case we will share the information that we have with the relevant authorities. We will keep emails to process them and retain them until the close of the project. Any inquiry or information that is emailed to the project will not be used for the purpose of research or data collection, unless you provide explicit consent for us to do so.
What Are Cookies?
Cookies are text files placed on your computer to collect standard Internet log information and visitor behaviour information. Websites may collect information from you automatically through cookies or similar technology.
For further information, visit allaboutcookies.org
How to Manage Cookies
You can set your browser to not accept cookies, and the above website tells you how to remove cookies from your browser. However, some of our website features may not function as a result.
Privacy Policies of Other Websites
How to Contact Us
How to Contact the Proper Authorities
If you have a complaint or you wish to raise an issue, please contact the project on firstname.lastname@example.org
You can also contact the UCD Data Protection Officer on DPO@ucd.ie
Should you have a complaint or feel that the project has not addressed a privacy concern, you can contact the supervisory authority in your country. The full listing of all Data Protection Authorities across the EEA with contact information is available here.
If you are in Canada and you are not satisfied with the response received or the actions taken by our Data Protection and Privacy Officer, you can submit a complaint to the Office of the Privacy Commissioner of Canada. Instructions to do so can be found on their website.