This Privacy Policy applies to the website https://cara-portal.azurewebsites.net (the 'Site') which is run by [Enter name here], a company registered in England and Wales with company number [Enter number here] of [Enter Address here].

Our Data Protection Officer is [Enter name here] ([Enter Email Address Here]).

This Privacy Policy ('Policy') explains how [Enter name Here] collects, uses and discloses personal information about you when you visit the Site, our research platform ('the CARA Portal'), when you create a user account and when you contact [Enter name here], whether by e-mail, or telephone using the contact options on the Site. For the personal data we collect about you in these scenarios, including your personal information if you are an account holder using our services, [Enter name here] is the data controller for the purpose of the General Data Protection Regulation EU 2016/679

[Enter name here] provides users with access to use the CARA Portal to help account holders (such as scientists) create, design, conduct and analyse psychology research experiments (‘Experiments’) by providing tools to host and conduct tasks in a self-service capacity (collectively, the 'Services') directly and through the Site.

If you want to register an account with us you will need to provide us with some additional personal information so that we can ensure the information provided to you is relevant and to be certain that we are placing any new information you create as a user of the Site in the appropriate category. If you do choose to create and account or otherwise to provide us with your personal information, we will collect that information for our own use and for the purposes described in this Policy.

What type of personal information does [Enter name here] collect?

The personal information we collect from you, including where you choose to provide personal details to us, and where we obtain information about you, will include the following data which we require in order to provide our Services and to communicate with you:

Where you fail to provide this data, or other data requested that we need to collect by law, or under the terms of another contract we have with you, we may not be able to perform the contract we have or are trying to enter into with you (for example, to provide you with our Services). In this case, we may have to cancel a service you have with us but we will notify you if this is the case at the time. The other personal information we may collect from or about you, includes:

The information above will be collected primarily from you as information voluntarily provided by you to us, but we may also collect it where lawful to do so from (and combine it with information from) public sources, your university, employer, third party service providers, individuals who you have indicated have agreed for you to provide their personal information, government, tax or law enforcement agencies and other third parties. We may also collect personal information about you from your use of other [Enter name here] websites or services.

On what basis can we process your information?

The legal grounds for processing your personal data are as follows:

How does [Enter name here] use information about you?

[Enter name here] uses information about you for the following purposes:

This list is not intended to be exhaustive and may be updated from time to time as business needs and legal requirements dictate.

[Enter name here] may also convert personal information into anonymous data and use it (normally on an aggregated statistical basis) for research and analysis to monitor and improve Site performance and/or for promotional purposes.

How long we keep your data for

We will keep your details on record for so long as you have a registered account with [Enter name here]. If you would like to close your registered account, you can do so via the Site. When you close your account:

Does [Enter name here] share personal information with third parties?

Your personal information will only be made available for the purposes mentioned above (or as otherwise notified to you from time to time including in this Policy) to our staff who properly need to know these details for their functions within [Enter name here].

Your personal information may also be made available to third parties (within or outside of [Enter name here]) providing us with relevant services on our behalf, such as your university, auditors and compliance managers and IT hosting and IT maintenance providers. These companies will only have access to or use your information where necessary to perform their functions on our behalf. A list of these organisations is available here

We may disclose specific information upon lawful request by government authorities, law enforcement and regulatory authorities where required or permitted by law and for tax or other purposes. Your personal information may also be made available to third parties or partners, where necessary, as part of any restructuring of [Enter name here] or sale of [Enter name here]’s business or assets. Personal information may also be released to external parties in response to legal process, and when required to comply with laws, or to enforce our agreements, corporate policies, and terms of use, or to protect the rights, property or safety of [Enter name here], our employees, agents, Site users and others, as well as to parties to whom you authorise [Enter name here] to release your personal information.

Will your personal information be transferred abroad?

Whilst we hold your data on secure servers within the European Economic Area ('EEA') certain transfers of personal information to third party recipients take place, as explained above. Please be aware that such recipients of your personal information (as set out in this notice), may not be located within the EEA but instead located in countries which do not have equivalent protection for personal information to that within the EEA. Where we transfer your information outside the EEA we will either undertake an assessment of the level of protection in light of the circumstances surrounding the transfer or:

What safeguards are in place to protect your personal information?

While we take efforts to safeguard your personal information which are consistent with relevant laws, the nature of the internet is such that we cannot guarantee absolutely the security of any personal information you disclose online.

How you can access and update your personal information

You can find out if [Enter name here] hold any personal information by making a ‘subject access request’, normally free of charge, under data protection legislation. If we do hold information about you we will let you have a copy of that information unless a legal exception applies, in which case we will inform you of this at the time. You also have the right to request that information we hold about you which may be incorrect, incomplete, or which has been changed since you first told us, is updated or removed. To make a request to exercise either of these rights, please email your request to [Enter email here]

How you can request erasure of your data

You can ask us to delete or remove personal data where there is no good reason for us continuing to process it. You also have the right to ask us to delete or remove your personal data where you have successfully exercised your right to object to processing (see below), where we may have processed your information unlawfully or where we are required to erase your personal data to comply with local law. Note, however, that we may not always be able to comply with your request of erasure for specific legal reasons which will be notified to you, if applicable, at the time of your request.

How you can withdraw your consent

You have the right at any time to withdraw any consent you have given us to process your personal data. Please note if you withdraw your consent it will not affect the lawfulness of any processing of your personal data we have carried out before you withdrew your consent. Should you wish to do so you can change your consent preferences at any time on your Account page or by contacting [Enter email here]

How you can restrict or object to us using your data

You can ask us to suspend the way in which we are using your information in certain scenarios, or object to our processing your data where we are relying on a legitimate interest ground (or those of a third party) and you feel it impacts on your fundamental rights and freedoms, or where we are processing your personal data for direct marketing purposes or profiling your data. In some cases where you object, we may demonstrate that we have compelling legitimate grounds to process your information which override your rights and freedoms.

Please note that if you want us to restrict or stop processing your data this may impact on our ability to provide our Services. Depending on the extent of your request we may be unable to continue providing you with our service.

Any queries or concerns about the way in which your data is being used can be sent to [Enter email here]

Moving your information to another organisation

In the event that we process your data by automated means where you have either provided us with consent for us to use your information or where we used the information to perform a contract with you, you have the right to request that we send to you or to another organisation, an electronic copy of the personal data we hold about you, for example when you are dealing with a different service provider. If you would like us to move, copy, or transfer your information please let us know by email to [Enter email here]. We will respond to you within one month after assessing whether or not this is possible, taking into account the technical compatibility with the other organisation in question.

Automated decision making and Profiling

We do not use your information for automated decision making or profiling that has legal or similarly significant effects on you.

Changes to this Policy

We keep this Policy under regular review. We may change this Policy from time to time by updating this page in order to reflect changes in the law and/or our privacy practices. The date at the top of this Policy will be updated accordingly.

We encourage you to check the date of this Policy when you visit the Site for any updates or changes. We will notify you of any modified versions of this Policy that might materially affect the way we use or disclose your personal information.

This Policy only extends to the Site and does not, therefore, extend to your use of, provision of data to and/or collection of data on any website not connected to us to which you may link by using the hypertext links within this website.

Contact/address details

If you have any questions about this Policy, please contact us at [Enter name here]

Complaints about the use of your personal data

If you are not satisfied with our response or believe we are processing your personal data not in accordance with the law you can complain to the UK data protection regulator, the Information Commissioner’s Office. Further details can be found at www.ico.org.uk or 0303 123 1113.