For more information on your general data privacy rights please visit the website of the Data Protection Commissioner www.dataprotection.ie
- What Data do We Collect?
- How do We Collect Your Personal and Research Data?
- How do We Store Your Personal Data?
- How do We Store Your Research Data?
- How Long do We Keep Your Personal Data?
- How Long do We Keep Your Research Data?
- How do We Protect Your Data?
- What Are Your Data Protection Rights?
- How Will You Share Information With Me?
- Unsubscribe to Newsletter
- What Happens When You Contact Us?
- What Are Cookies?
- Privacy Policies of Other Websites
- How to Contact Us
- How to Contact The Proper Authorities
Summary of Key Elements of This Policy
|Personal data we collect from you||What we do with it||Third parties we share it with|
|Contact information, such as your email address||Communicate with you, if you sign up for the newsletter or express interest in an interview||Companies providing communications services, such as MailChimp|
|Name and IP Address||Nothing. After 14 days this information is deleted||We will only share this information with authorities if there is a risk of harm to yourself or others|
|Answers to the questionnaire||After taking out identifying information, we use this in our research for print and digital publications, conference papers and presentations, books and other academic texts, reports and other publications||None|
Beyond Opposition researchers (The research team consists of: PI: Prof. Kath Browne, Canadian supervisor Catherine Nash, plus project manager, postdoctoral researchers, and doctoral students) are committed to the highest standards of data security and protection in order to preserve the personal rights and interests of study participants. Your privacy is of the utmost importance to us. The collection of personal data will be conducted under the applicable European, UK and Canadian laws and regulations.
Our project collects the following data:
- Personal data: identification information (Name, email address, phone number, etc.).
- Research data: This includes any answers you provide in your questionnaire and subsequent interviews (should you choose to participate).
- Personal data shall always be collected, stored, and exchanged in a secure manner, through secure channels.
- This website will collect two kinds of data: personal data (name, email, IP Address) and research data (answers to the questionnaire, comments and feedback submitted). These data sets will be disconnected prior to analysis and your questionnaire or interview answers will not be associated with any of the personal data collected.
- Your personal data such as name, email address, IP address will not be shared with any third parties, unless you sign up to stay in touch then mailchimp will hold your personal details. Your personal data cannot and will not be linked to or associated with your research data, including any of your answers on the questionnaire or the interviews (please see the interview information sheet for details regarding choosing to use your own name).
- If there is a risk of harm to you or to others, the researchers will link research data and personal data to notify the relevant authorities.
Background on the Project
All research data obtained from the Beyond Opposition website will be transmitted to researchers only after the removal of your IP address and email by the principal investigator and the project manager. This will be undertaken after checking for potential harm to yourself and others (see below). After this point, your data cannot be withdrawn and the PI/PM will not look at your data in relation to analysis for the project with your IP address or email. Other members of the research team will not have access to your name, email, or IP address when they read the answers to your questions.
Should you consent to an interview, your answers to the online questionnaire will not be kept with your email address or IP address. We will only contact you if you consent for us to do so, and you can request that we no longer contact you at any time.
If there is a risk of harm to you or someone else, we will report this to the relevant authority with the personal data that we have and the specifics of the risk identified. This may mean including research data and linking this to personal data.
Personal data are processed for the purposes outlined on the project website, in the project information and informed consent forms only. Use of personal data for other purposes will require explicit participant approval. Also, personal data are not transferred to any places outside the project research team. This means that we will not use your email, name or IP address except to contact you about the research and we will not transfer these details to anyone else.
What Data do We Collect?
Our project collects the following data:
- Personal data: identification information (Name, email address, phone number, etc.).
- Research data: This includes any answers you provide in your questionnaire and subsequent interviews or workshops (should you choose to participate). It also includes comments made on public facing Beyond Opposition social media pages and adverts.
How Will Personal Data be Used?
Our project collects your personal data so that we can:
- Send you updates and newsletters about the project
- Offer opportunities for further participation in the project
- Email addresses will be used to contact individuals who consent to be contacted for interview
- Emails and phone numbers will be used to arrange interviews.
- When our project processes data from the questionnaire it is not associated with your IP address, email, or name.
What Personal Data do We Collect?
Data collected on the website will include IP addresses and email addresses for those who gave them. This raw data will be downloaded from the secure Beyond Opposition server bi-weekly. At this point, if we identify potential harm to you or others, we will report this to the relevant authorities. This may mean linking research data with personal data. After surveying submissions, IP addresses and emails will then be removed by the UCD based project manager and principal investigator. They will also remove names/places and other identifying details before the data is coded and processed for dissemination to the project research team. We do not collect any personal data from social media. Where comments are stored from social media recruitment adverts, these are immediately de-identified and name, profile picture and other identifying factors are redacted prior to storing on UCD’s secure servers.
Note: Once your IP address and email address are detached from your questionnaire submission, the information you provide cannot be withdrawn from the research, as your name will no longer be attached to your answers. This questionnaire data will be then made available to the research team located in Canada (Brock University), UK and Ireland (UCD). They will remove further identifying details that may be contained in your responses. This might be specific names of people or places, or other specific information that may identify you. The data is then considered de-identified. It will remain in Ireland, on UCD servers (see below), but will be accessible to researchers in Canada via a remote desktop, which is encrypted and password protected.
If you consent to be interviewed, however, researchers will require contact details to arrange the interview. This could include emails and phone numbers. All personal data (telephone numbers, emails and addresses, as well as signed consent forms) will be kept separately from your research data. Identifying information about you will not be used in any reports of the research or in any publications that draw on the research. The only exception to this is where you ask us to use your real name. We will do this only on your explicit request. However, we will not release any other personal data. Personal information will be destroyed immediately after the data collection, unless the researchers have the participant’s explicit consent to keep it.
If you consent to be part of a workshop (in year 4 of the project), however, researchers will require contact details to arrange this. This could include emails and phone numbers. All personal data (telephone numbers, emails and addresses, as well as signed consent forms) will be kept separately from your research data. You may share personal data with others in the workshop, but the project research team will not pass information about participants to other participations (e.g. names, emails or phone numbers). Identifying information about you will not be used in any reports of the research or in any publications that draw on the research. The only exception to this is where you ask us to use your real name. We will do this only on your explicit request. However, we will not release any other personal data. Personal information will be destroyed immediately after the data collection, unless the researchers have the participant’s explicit consent to keep it.
What Kind of Research Data do We Collect?
- The research data includes the answers you provide for the questionnaire and any feedback or ideas you submit via the website, during interviews, or during workshops.
- Prior to submitting your online questionnaire, you will be asked whether you consent to submitting your responses. You will have the option to delete your answers and exit the questionnaire throughout the process. If you choose to delete your answers no information will be submitted and there will be no way to retrieve your answers.
- If you consent and submit your answers to the questionnaire, your submission and answers cannot be changed or deleted once submitted. However, if you decide to retract your answers from the study, you can contact us for up to 14 days after submission by using the ‘contact us’ page on the website and instruct us to delete your submission. After 14 days, your answers will be disconnected from your email and IP address, further de-identification will take place after this point, and we will not be able to delete your submission.
- When you exit, you will be asked if you would like to be contacted for an interview or future workshops. If you select ‘no’ to these questions, you will not be contacted for any further activities with the project.
- When you exit you will be asked if you would like to be kept up to date with the project and its activities. If you select ‘no’ you will not receive any further information on the project, including the progress of the project, and how the data is being used. If you select ‘yes’ you will have the option to unsubscribe at any time.
- Research data also takes the form of answers and statements collected during an online or an in-person interview. This data is collected using an encrypted and password protected recording device. The audio files are removed from the device within 24 hours of the interview and stored on external, password protected hard drives and an encrypted and password protected computer.
- The audio files are transcribed using secure software, which temporarily stores the files on Microsoft Azure public cloud, hosted in the EU. This service is fully GDPR and HIPPA compliant. When the interview data is transcribed, it is encrypted both in transit and at rest and is only accessible to the data owner (the researcher who conducted the interview and uploaded the interview). The audio file only remains on the cloud during the process of transcription and personal data (name and contact information) will not be linked to this file at any point during the transcription process.
- The transcription will then be de-identified prior to the research team being given access.
- Research data also includes de-identified comments on Beyond Opposition public facing social media pages and recruitment adverts (where name, profile photo and other identifying factors have been redacted).
How Will Research Data be Used?
- The answers you provide through our website and through interviews/workshops (should you consent to being interviewed or involved in workshops) will be used for the purpose of the research project.
- The answers you provide will be used to conduct research analyses and reports on the experiences of those who are concerned about or opposed to legislative, political or social changes in relation to sexualities and sex/gender in the 21st century in Canada, the UK and Ireland.
- Quotations and ideas will be used in public research including, but not limited to, conference presentations, online and print publications, articles, reports, blogs, and live presentations. To the best of our abilities, identifying information will be removed to anonymize your answers. However, details you provide such as specific experiences, locations, or events may be used in the research.
Will My Name or Email be Publicised, Made Visible, or Otherwise Linked to my Answers?
No. Your answers to the questionnaire or in the interviews are not linked to the email address or phone number that you provide, unless the Principal investigator and/or the project manager identity that there is a risk of harm to you or someone else. Your name, contact information, and address will not be identified on any public document and will only be kept for the purposes of contacting you, and only if you give us permission to do so. Your name will be associated with your words in direct quotes if you give us explicit permission to do so in interviews/workshops.
Whilst we do our utmost to avoid others being able to identify you based on your responses (for example, by removing your address and name and identifying details from your responses), we cannot guarantee full anonymity of the answers that you provide. This is because we will quote from your answers directly to most accurately represent your experiences and to ensure that our data and reporting is valid. Your answers may be identifiable to those who know you, because of how you talk, or experiences that you have had that others know about. If you choose to include personal identifying information (for example, if you talk about your experience at a particular school, in a particular class, with a particular person), we will not identify a school/person etc. by name. We also would not name a specific town or city or locale, but we might say ‘North of England city/town’ ‘in rural Ireland’ or in ‘the Ontario region of Canada’. We may name large cities like London, Toronto or Dublin, but we will not name specific locales in these cities.
How do We Collect your Personal and Research Data?
You directly provide the project with most of the data we collect. We collect personal and research data and process this data when you:
- Sign up for to be kept up to date with the project or to receive information on the questionnaire
- Agree to be part of an interview and/or workshop and leave an email address
- Give us an email or phone number to contact to arrange an interview
- Voluntarily complete the questionnaire, participate in an interview or engage in a workshop, or provide feedback on our website
- Use or view our website via your browser’s cookies.
How do We Store Your Personal Data?
Our project securely stores your data via an independent server. This data repository (Beyond Opposition research server) is hosted by University College Dublin and will be used to store all study related datasets produced and/or shared within the project, with limited access. This is a highly secure environment and network, with strict rules for data access. And the infrastructure is in accordance with GDPR (General Data Protection Regulation) guidelines on storing personal identifier data and in a processor-role, as well as storing de-identified data.
For the purposes of contacting you for an interview or focus group, researchers may use your email or phone number to contact you. These details will be stored on an encrypted server, backed up onto an encrypted hard drive and when you are called, researchers will not store your name/number on the phone.
Mailchimp will store your data in line with their policies and processes.
How do We Store Your Research Data?
If you complete a questionnaire, fourteen days after you have submitted your responses, your IP address and email will be detached from your questionnaire answers. These answers will be stored on secure password-protected hard drives. Interview and workshop audio files and transcripts will be kept separately. To achieve secure and accessible storage:
- One data repository (Beyond Opposition research server) hosted by University College Dublin, which will be used to store all study related datasets produced and/or shared within the project, with limited access. This is a highly secure environment and network, with strict rules for data access. The infrastructure is in accordance to GDPR guidelines on storing personal identifier data and in a processor-role, as well as storing data.
- There will be one platform/server which will be used to allow Virtual Private Network (VPN) access to the stored research data (IP address, email, identifying names removed) related to all study datasets in the Beyond Opposition research server. There will different levels of access to this data by project researchers. All research data from the website, and from interviews can be accessed by the principal investigator and the project manager based at UCD. The Canadian-based post-doctoral research fellow at Brock University will keep a copy of the audio files and original transcripts in Canada and will also upload these to the secure UCD server. The data stored on UCD servers will be accessed remotely and will not be downloaded outside of the EU. De-identified transcripts from Canadian respondents will also be uploaded onto the UCD server; these will be accessible to the Irish/UK postdoc, and PhD students. The UK/Ireland postdoc will upload all audio files and original transcripts to UCD servers. De-identified transcripts will also be uploaded to the UCD server, these will be accessible to the Canadian postdoc, and PhD students.
- External storage: All data will be backed up on UCD and Brock University password protected, encrypted hard drives, with files also password protected. These hard drives will be stored in lockable offices and filing cabinets in buildings that will have appropriate security. The postdocs in Canada and UCD will back up all original and de-identified interview data on password protected, encrypted hard drives, with files also password protected.
- The audio recorded interviews will be transcribed using NVivo transcription. During the transcription process, audio will temporarily be stored on Microsoft Azure public cloud, hosted in the EU. This service is fully GDPR and HIPPA compliant. When the interview data is transcribed, it is encrypted both in transit and at rest and is only accessible to the data owner (the researcher who conducted the interview and uploaded the interview). The audio file only remains on the cloud during the process of transcription and personal data (name and contact information) will not be linked to this file at any point during the transcription process.
- De-identified comments on the Beyond Opposition public social media pages and recruitment adverts will be stored on the UCD secure server in line with how we store other de-identified research data. We take screenshots of the comments, redact profile photos, names and other identifying features, and then save these as PDFs on UCD’s remote secure server, prior to other members of the team gaining access to them for data analysis. All team members will have access to these de-identified comments to use as supplementary data. No identifying information will be included in any publications, though the de-identified comments themselves may be quoted from.
How Long do We Keep Your Personal Data?
Your personal data will only be kept by us for a period of 14 days after we download your data from the questionnaire. We will keep personal data regarding your interview until you have completed the interview, or until after the project is complete, depending on the permissions you give us. We will keep personal data regarding your workshop until you have completed the interview, or until after the project is complete, depending on the permissions you give us.
Mailchimp will keep your personal data in line with their policies and processes.
You can ask for us to remove any personal data from our files, and we will do so within one month of being contacted. We will keep personal data regarding archiving, with your permission, until an external archive is sourced or the decision not to archive externally is taken. You will be contacted before your personal data is destroyed (deleted from all devices and then erased from any trash folders.
How Long do We Keep Your Research Data?
All study-related data in the Beyond Opposition research server produced or resulting from the Beyond Opposition project will be kept for 10 years following the completion of the Beyond Opposition project. Authorised researchers will have access to the Beyond Opposition research server during the course of the Beyond Opposition project, and as long as the user is a member of the research team. The principal investigator will have access to the data for the time that it is stored in the server. Participants can choose to archive their data after the 10 years with the principal investigator. If they have chosen to consent to their email being kept, the principal investigator will keep their personal data until an external archive is identified and then they will be contacted regarding depositing their interview into the archive. Data will only be archived with an external organisation if the principal investigator is satisfied that the data will be used in way that aligns with the ethos of the research, and permission is given by the person whose data it is (personal data will be kept for this purpose with explicit permission).
How do We Protect Your Data?
Beyond Opposition researchers commit to the highest standards of data security and protection in order to preserve the personal rights and interests of study participants. Personal data shall always be collected, stored, and exchanged in a secure manner, through secure channels. The project will adhere to the provisions set out in the:
- General data protection regulation (GDPR) that came into effect in 2018 
- Directive 2006/24/EC of 15 March 2006  on the retention of data generated or processed in connection with the provision of publicly available electronic communication services or of public communications networks.
- Directive 2002/58/EC of the European Parliament and of the Council of 12 July 2002 concerning the processing of personal data and the protection of privacy in the electronic communications sector (Directive on privacy and electronic communications) 
- Directive 95/46/EC of the European Parliament and of the Council of 24 October 1995 on the protection of individuals with regard to the processing of personal data and on the free movement of such data 
- Data stored on University College Dublin servers can only be accessed from Canada via a remote desktop that links to the server. Canadian based researchers at Brock University will be able to see de-identified data including questionnaires, interviews from the UK, Canada and Ireland. No data will be downloaded from the UCD server in Canada or outside the EU, and research and personal data collected in Canada will be both sent to the UCD server, and also kept in Canada on encrypted, password protected computers and hard-drives, with the files also password protected.
- To secure the confidentiality, accuracy, and security of data and data management, the following measures will be taken:
- All EU research data obtained in Beyond Opposition studies will be transmitted to the Canadian team members only after de-identification.
- Where participants have consented to the research team keeping hold of their personal details, ‘identification keys’ will be used to link their research responses and their personal data. These ‘identification keys’ will be held confidentially within the EU based research team for EU data and will be securely shared with Canadian researchers for Canadian data.
- Data collected on the website will include IP addresses and may also include email addresses. This personal data will be downloaded from the secure Beyond Opposition server monthly. If there is a risk of harm to you or someone else, we will report this to the relevant authority together with the personal data that we have and the specifics of the risk identified. This may mean including research data and linking this to personal data. IP addresses and emails are removed by the UCD based project manager/PI. At this point the data cannot be withdrawn from the research and this will be made clear at the point of submission. This data will be then made available to the postdoctoral researchers, as well as the PI and project manager, in Canada/UK, who will work through the remote desktop, ensuring that the data never leaves the EU. They will remove names/places and other identifying details before the data is coded and processed for dissemination.
- Data are processed only for the purposes outlined in the project information and informed consent forms. Use for other purposes will require explicit participant approval. Also, data are not transferred to any places outside the project research team.
What Are Your Data Protection Rights?
The collection of personal data will be conducted under the applicable EU and Canadian laws and regulations and requires previous written informed consent by the individual.
Our project would like to make sure you are fully aware of all of your data protection rights. Every user is entitled to the following:
The right to access – You have the right to request copies of your personal data from the project up until the time of when we have destroyed it. You can request your questionnaire data until the point where we have removed identifying information (usually 14 days after the questionnaire has been submitted). You can request your interview or workshop data, up until the point that we have disassociated it with your personal data, this will vary depending on how you have asked us to deal with your personal data.
The right to rectification – You have the right to request that we correct any information you believe is inaccurate up until your answers are separated from your identifying information, or if you choose to be named in an interview. You also have the right to request that the project complete information you believe is incomplete up. You can request this until your answers are de-identified (within 14 days of submitting your questionnaire). Once your answers are de-identified, there is no way to track your responses.
The right to erasure – You have the right to request that the project erase your personal data, under certain conditions. Research data can only be erased within 14 days of submitting the questionnaire, after which point your responses will be de-coupled from your personal data and your responses de-identified appropriately, or if you choose in an interview to be named.
The right to restrict processing – You have the right to request that the project restrict the processing of your personal data, under certain conditions. Research data can only be restricted until your answers are de-identified, or if you choose in an interview to waive anonymity.
The right to object to processing – You have the right to object to the project processing of your personal data, under certain conditions. You can only object to your research data being processed until your answers are de-identified, or if you choose in an interview to be named.
The right to data portability – You have the right to request that the research team transfer the personal data that we have collected to another organisation, or directly to you, under certain conditions. You cannot request that your research data be transferred to another organisation after your answers have been de-identified. Until the point where your answers are de-identified (14 days after answering questionnaire), or if you choose to be named in an interview, you can request that we transfer the research data to another organisation.
If you make a request, we have one month to respond to you. If you would like to exercise any of these rights, please contact us at our email: firstname.lastname@example.org
How Will You Share Information With Me?
Our project would like to send you information about research and participation opportunities that might be of interest through contacting you by email. The emails will follow the following policies:
- Only those who consent and actively sign-up for email updates will receive them to the email address they provide at sign-up.
- If you have agreed to receive email updates, you may always opt out at a later date.
- You have the right at any time to stop the project from contacting you.
Unsubscribe to Newsletter
If you no longer wish to be contacted, you can click the link at the bottom of the email updates.
What Happens When You Contact Us?
If you send us a message through our email address or through the Contact Us form on our website, your confidentiality and privacy will be respected. This means, we will not share your email address, name, or the content of the message with anyone outside of the research team unless there is a risk of harm to you or someone else, in which case we will share the information that we have with the relevant authorities. We will keep emails to process them and retain them until the close of the project. Any enquiry or information that is emailed to the project will not be used for the purpose of research or data collection, unless you provide explicit consent for us to do so.
What Are Cookies?
Cookies are small files of data which are created on your computer when you visit a website. They are used to store small amounts of information about your interactions with the website. For this website, there are cookies used to allow analytics to be gathered which helps to optimise the experience. Cookies are also used to allow CAPTCHA security to work on the forms on this site.
For further information, visit allaboutcookies.org
How to Manage Cookies
You can set your browser not to accept cookies, and the above website tells you how to remove cookies from your browser. However, in a few cases, some of our website features may not function as a result.
Privacy Policies of Other Websites
How to Contact Us
How to Contact the Proper Authorities
If you have a compliant or you wish to raise an issue, please do contact the project on email@example.com
You can also contact the UCD Data Protection Officer on DPO@ucd.ie
Should you have a complaint or feel that project has not addressed a privacy concern, you can contact the supervisory authority in your country. The full listing of all Data Protection Authorities across the EEA with contact information is available here.
If you are in Canada and you are not satisfied with the response received or the actions taken by our Data Protection and Privacy Officer, you can submit a complaint to the Office of the Privacy Commissioner of Canada. Instructions to do so can be found on their website.