Cookies and Privacy.

The Earlham Institute (‘EI’) (we or us) is committed to protecting and respecting your privacy.

This policy (together with our terms of use and any other documents referred to in it) sets out the basis on which any personal data we collect from you, or that you provide to us, will be processed by us. Please read the following carefully to understand our views and practices regarding your personal data and how we will treat it.

For the purpose of the Data Protection Act 1998 (the Act), the data controller is the Earlham Institute ('EI'), based at Norwich Research Park, Colney, Norwich, NR4 7UZ.

Communications.

The Earlham Institute (‘EI’) (we or us) is committed to protecting your data and respecting your privacy.


This privacy notice explains how we collect, store and use any personal information we obtain from our web forms, in accordance with the General Data Protection Regulation (GDPR).

What information do we collect about you?

We may collect and process the following data about you:

  • Information that you provide by filling in forms on our site http://www.earlham.ac.uk. This includes information provided by subscribing to any services we may offer, posting material, making enquiries, or requesting further services. We may also ask you for information when you report a problem with our site
  • If you contact us, we may keep a record of that correspondence.
  • Details of your visits to our site including, but not limited to, traffic data, location data, weblogs and other communication data, and the resources that you access
  • Information about your computer, including your IP address, operating system and browser type, for system administration. This is statistical data about our users' browsing actions and patterns, and does not identify any individual.
  • For the same reason, we may obtain information about your general internet usage by using a cookie file which is stored on the hard drive of your computer, or by using JavaScript code.
  • Cookies contain information that is transferred to your computer's hard drive. Cookies and Javascript settings can be disabled through adjusting the setting on your browser. This may limit access to certain areas of our website.
How we use your information

We use information held about you in the following ways:

  • To provide you with information, products or services that you request from us or which we feel may interest you, where you have consented to be contacted for such purposes. This information is shared internally with our Genomics pipelines, scientific training and business support groups.
  • To ensure that content from our site is presented in the most effective manner for you and for your computer
  • To allow you to participate in interactive features of our service, when you choose to do so
  • To notify you about changes to our site

Cookies help us to improve our site and deliver a better, more personalised service. This information obtained enables us:

  • To estimate our audience size and usage pattern.
  • To store information about your preferences, and so allow us to customise our site according to your individual interests.
  • To speed up your searches.
  • To recognise you when you return to our site.

This information is currently collected using Google Analytics. You may wish to visit Google's Privacy Center.


How do we store and share your information?

Your information is mainly stored in secure electronic systems on secure servers. Subscription information is held on a single mailchimp mailing list with relevant information passed to our Genomics services, scientific training, business support and knowledge exchange teams according to relevance of preferences selected.

Journalist information is held through a third-party media-monitoring provider only. Industry contact information is held through on myIP software, a secure electronic system on secure servers.


Security of your information

We are committed to keeping your personal information safe and secure. Your personal information is created, stored and transmitted securely in a variety of electronic formats. Access to your personal information is limited to staff who have a legitimate interest in it for the purposes of carrying out their contractual duties.


Please note that, although we will do our best to protect your personal data, we cannot guarantee the security of your data transmitted to our site; any transmission is at your own risk. Once we have received your information, we will use strict procedures and security features to try to prevent unauthorised access.

Accessing, correcting or deleting your information

We want to make sure that your personal information is accurate and up to date. Upon subscription you will receive an email link that will enable you to update your settings or unsubscribe from our mailing list at any time. You have the right to request a copy of the information we hold about you, to request a correction and to request that your personal data is deleted. You have a range of other rights under the GDPR. If you would like more information, please see the Information Commissioner’s Office website: https://ico.org.uk/ (see “For the public”)

Retaining and Disposing of your information

You can unsubscribe from our mailing list at any time through your unique link. Upon unsubscribing your information will be automatically removed from the mailing list. The communications team will undertake an annual review of the mailing list to ensure that the information held is accurate, relevant and not outdated. Any data not meeting these standards will be deleted from our mailing list.
Alternatively, you can request disposal of your data at any time by emailing the Digital Communications team.

Who can I contact?

If you have any questions about how your personal information is used, or wish to exercise any of your rights, you can contact the Digital Communications team (please email digital@earlham.ac.uk ).

Compliance with data protection legislation

For the Earlham Institute, the person with responsibility for advising on compliance with data protection legislation is Sarah Cossey, contact: dpo@earlham.ac.uk

This notice will be reviewed on a regular basis and may be amended and updated at any time. We may also notify you in other ways from time to time about the processing of your personal information.

Training programmes applications.

This privacy notice explains how Earlham Institute collects, stores, and uses personal information provided in applications to any of our training programmes) via online registration systems, submitted application forms and/or and CVs, in accordance with the General Data Protection Regulation (GDPR).


What information we collect about you?

We will collect all information contained in your submission, application and/or CV. This may include sensitive and non-sensitive data about you.
Non-sensitive data, such as your name, work address and email address are collected so that we can maintain appropriate contact with you in order to process your application.
Where you give us your agreement we will hold your information for future participation in a training Event or Programme, or for the purposes of following up with long-term impact via feedback questionnaires.


How we use your information

We collect, store and process personal data to:

  • Assess your suitability for training Events, or
  • Where the application is for a training programme outside of our training events, to identify potential hosts or project supervisors, whether applying through our immersive visitor training programme (IVTP) as a visiting worker or collaborator, or to our Year in Industry programme
  • As a Brief the trainer on attendees at courses

Sensitive data will be anonymised within one month of attendance at an Event or participation in one of EI’s training programmes, or within one month of an application being deemed unsuccessful. Anonymised data is then used for collective reporting of our training impact, in terms of global reach or recognition, and as an institution promoting equality and diversity.


How we store and share your information

Your information is mainly stored electronically in internal electronic folders, maintained on our own servers. Your application and/or CV may be shared with any Event teaching faculty or potential host/supervisor within the Institute either in electronic or paper format. No copy of applications or CVs containing sensitive information are retained by reviewers beyond the review period, at which point the sensitive data is anonymised in accordance with our timelines above.


You should also read our privacy statement on visitors to EI, which contains details of how some of your personal data may need to be used, and shared for your safety whilst on site.

Security of your information

We are committed to keeping your personal information safe and secure. As indicated above, your personal information is created, stored and transmitted securely in a variety of papers and electronic formats. Access to your personal information is limited to staff who have a legitimate interest in it for the purposes of carrying out their contractual duties.

Accessing, correcting or deleting your information

We want to make sure that your personal information is accurate and up to date. You have the right to request a copy of the information we hold about you, to request a correction and to request your personal information is deleted. In some cases, we may not be able to agree to your request, however if this is the case, we will tell you the reason and your right to complain to the Information Commissioner if you are unhappy with our decision. You have a range of other rights under the GDPR. If you would like more information, please see the Information Commissioner’s Office website: https://ico.org.uk/ (see “For the public”)

Retaining and Disposal of your data

We retain all information we collect during the application processes up until one month after the applicant has participated in the training Event or Programme, or when an application has been deemed unsuccessful, at which point sensitive data is anonymised and stored separately. Any original applications or CVs with sensitive data are deleted. For successful applicants to EI’s training programmes (Immersive Visitor Training Programme and Year in Industry), personal information collected during the application process will form part of the Visiting Worker’s personnel file. As appropriate a Privacy Notice for Visiting Workers will be made available at that time.


We may ask to keep in contact with you, in order to monitor the impact from your training or visit to Earlham Institute. If you give us your explicit permission we will retain your details and check with you every 12 months whether you are ok for us to continue to retain your information. If you are no longer content we will destroy your personal details and your training record will be anonymised so that we can use the information to demonstrate the impact from our training programmes.

Who can I contact?

If you have any questions about how your personal information is used, or wish to exercise any of your rights, in the first instance, please e-mail the appropriate address according to the scheme to which you are applying:


For Training Events: training@earlham.ac.uk
For Immersive Visitor Training Programme: IVTP@earlham.ac.uk
For Year in Industry: YiI@earlham.ac.uk

Compliance with data protection legislation

For the Earlham Institute, the person with responsibility for advising on compliance with data protection legislation is Sarah Cossey, contact: dpo@earlham.ac.uk

Visitors.

This privacy notice explains how Earlham Institute collects, stores and uses personal information during and after your visit at the Institute in accordance with the General Data Protection Regulation (GDPR) that falls outside the NBI HR Privacy Notice for Visitors.


What information do we hold about you?

As a visitor to the Earlham Institute we collect, store and process a range of personal information about you, dependent on the purpose of your visit. The Business Support team process information in order for us to provide administration support to you during your visit. If you are spending time with the Institute staff learning about our work, the Public Engagement and Training Teams process information to support your visit and analyse our impact in providing opportunities to work with Earlham Institute.

How we use your information

We collect, store and process personal data to:

  • Organise your visit to Earlham Institute, arrange access to our buildings and facilities.
  • Organise travel, catering and accommodation when relevant.
  • Provide accident reporting records and first aid provision
  • Ensure we follow our processes for on-site personnel for security and safety purposes
  • Publicise events or visits via photographs for internal and external web pages
  • Provide quotes and process invoices for service charges, such as room hire bookings
  • Assess the impact from our public engagement and knowledge exchange programmes. Complete internal management and administrative processes where processing is necessary for the purposes of the Institute and/or our Data Processors’ legitimate interests
How do we store and share your information?

Your information is mainly stored electronically in internal electronic folders, maintained on our own servers. We also have some manual files which are held in secure cabinets in the Business Support Office within the EI Building.


There are some circumstances where we must share your personal information with outside organisations, including:

  • If you hire facilities from EI we may need to: provide attendance lists to the company hosting the event if it is not EI, or third parties providing catering etc.
  • We may share your information with any other EI Data Processors for business purposes.
  • If you are visiting EI and working with our own employees we may need to book travel for you, therefore your passport details may need to be submitted to third party travel agents.
  • To response services in the case of an emergency.
Security of your information

We are committed to keeping your personal information safe and secure. As indicated above, your personal information is created, stored and transmitted securely in a variety of papers and electronic formats. Access to your personal information is limited to staff who have a legitimate interest in it for the purposes of carrying out their contractual duties.
The Information Security Policy provides further information on how the Institute and NBIP information systems which may be used to manage your personal information are protected. This is available on request from our business support team.


Accessing, correcting or deleting your information

You have the right to request a copy of the information we hold about you, to request a correction and to request that your personal data is deleted. In some cases, we may not be able to agree to your request. In this situation we will provide you with the reason and your right to complain to the Information Commissioner if you are unhappy with our decision. You have a range of other rights under the GDPR. If you would like more information, please see the Information Commissioner’s Office website: https://ico.org.uk/ (see “For the public”).

Retaining and disposing of your information

The length of time we keep the information we hold about you varies depending on the type of information. Some information must be kept for a certain period by law. Please ask a member of business support for this information.


If you have hired facilities from EI we will destroy any attendee lists within 6 months of you paying the hire fees.

If you are working with EI employees, all personnel records will be deleted within 12 months of the end of your visit with Earlham Institute. We may ask to keep in contact with you, in order to monitor the impact from your visit to Earlham Institute.

If you give us your explicit permission we will retain your details and check with you every 12 months whether you are ok for us to continue to retain your information. If you are no longer content we will destroy your personal details.

Where you do not wish us to keep in contact, details of your visit will be anonymised so that we can use the information to demonstrate the impact from our knowledge exchange and engagement programmes.


Who can I contact?

If you have any questions about how your personal information is used, or wish to exercise any of your rights, you can contact the Business Support Team (email business.support@earlham.ac.uk).

Compliance with data protection legislation

For the Earlham Institute, the person with responsibility for advising on compliance with data protection legislation is Sarah Cossey, contact: dpo@earlham.ac.uk


This notice will be reviewed on a regular basis and may be amended and updated at any time. We may also notify you in other ways from time to time about the processing of your personal information.

Genomics Pipelines.

The Earlham Institute (‘EI’) (we or us) is committed to protecting your data and respecting your privacy.


This privacy notice explains how Earlham Institute and its subsidiary Genome Enterprise Ltd (GEL) collects, stores, and uses personal information we collect in relation our Genomics Services, in accordance with the General Data Protection Regulation (GDPR).


What information we collect about you?

When you enquire about or use our Genomics Services, we collect the following non-sensitive data about you:

  • Data that you provide to us when you request information about our Genomics Services via one of our webforms on our site (http://www.earlham.ac.uk), including your name, work address, email address, and your research interests
  • Data that you provide to us when you submit a request for our Genomics Services, including information contained in our sample information and purchase order details
  • If you contact us by phone or email, we may keep a record of that correspondence

How we use your information

We collect, store and process personal data to:

  • Provide information to you about the services we offer
  • Issue a quotation for the services that you have requested
  • Deliver services that you have commissioned from us
How we store and share your information

Your information is stored electronically and securely in our Customer Relation Management (CRM) system and shared electronically with other information management software operating on our secure servers. We will share your information with other EI Data Processors for business purposes including those that provide financial services to us for invoicing purposes.

Security of your information

We are committed to keeping your personal information safe and secure. As indicated above, your personal information is created, stored and transmitted securely in a variety of papers and electronic formats. Access to your personal information is limited to staff who have a legitimate interest in it for the purposes of carrying out their contractual duties.

Accessing, correcting or deleting your information

We want to make sure that your personal information is accurate and up to date. You have the right to request a copy of the information we hold about you, to request a correction and to request your personal information is deleted. In some cases, we may not be able to agree to your request, however if this is the case, we will tell you the reason and your right to complain to the Information Commissioner if you are unhappy with our decision. You have a range of other rights under the GDPR. If you would like more information, please see the Information Commissioner’s Office website: https://ico.org.uk/ (see “For the public”)

Retaining and Disposing of your information

We retain all information we collect when you request information about our services for a period of 1 year from the date of your request. If we issue a quotation to you, we will retain your information for a period of 3 years. Information collected when we deliver services to you is retained for 6 years after completion of the services for compliance, tax and auditing purposes. At the end of this period, we will delete your personal information and/or anonymise your record. We may ask to keep in contact with you, in order to monitor the impact of our Genomics Services. If you give us your explicit permission we will retain your details and check with you every 2 years whether you are happy for us to continue to retain your information. If you are no longer content we will destroy your personal details and your record will be anonymised so that we can use the information to demonstrate the impact from our Genomics Services.

Who can I contact?

If you have any questions about how your personal information is used, or wish to exercise any of your rights, you can contact the Genomics Pipelines team (please email genomics.pipelines@earlham.ac.uk).

Compliance with data protection legislation

For the Earlham Institute, the person with responsibility for advising on compliance with data protection legislation is Sarah Cossey, contact: dpo@earlham.ac.uk

This notice will be reviewed on a regular basis and may be amended and updated at any time. We may also notify you in other ways from time to time about the processing of your personal information.

DNA Foundry.

The Earlham Institute (‘EI’) (we or us) is committed to protecting and protecting your privacy.

This privacy notice explains how Earlham Institute and its subsidiary Genome Enterprise Ltd (GEL) collects, stores, and uses personal information we collect in relation our DNA Foundry Services, in accordance with the General Data Protection Regulation (GDPR).


What information we collect about you?

When you enquire about or use our DNA Foundry Services, we collect the following non-sensitive data about you:

• Data that you provide to us when you request information about our DNA Foundry Services via one of our webforms on our site (http://www.earlham.ac.uk), including your name, work address, email address, and your research interests
• Data that you provide to us when you submit a request for our DNA Foundry Services, including information contained in our sample information and purchase order details
• If you contact us by phone or email, we may keep a record of that correspondence


How we use your information

We collect, store and process personal data to:

  • Provide information to you about the services we offer
  • Issue a quotation for the services that you have requested
  • Deliver services that you have commissioned from us
How we store and share your information

Your information is stored electronically and securely in our Customer Relation Management (CRM) system and shared electronically with other information management software operating on our secure servers. We will share your information with other EI Data Processors for business purposes including those that provide financial services to us for invoicing purposes.

Security of your information

We are committed to keeping your personal information safe and secure. As indicated above, your personal information is created, stored and transmitted securely in a variety of papers and electronic formats. Access to your personal information is limited to staff who have a legitimate interest in it for the purposes of carrying out their contractual duties.

Accessing, correcting or deleting your information

We want to make sure that your personal information is accurate and up to date. You have the right to request a copy of the information we hold about you, to request a correction and to request your personal information is deleted. In some cases, we may not be able to agree to your request, however if this is the case, we will tell you the reason and your right to complain to the Information Commissioner if you are unhappy with our decision. You have a range of other rights under the GDPR. If you would like more information, please see the Information Commissioner’s Office website: https://ico.org.uk/ (see “For the public”)

Retaining and Disposing of your information

We retain all information we collect when you request information about our services for a period of 1 year from the date of your request. If we issue a quotation to you, we will retain your information for a period of 3 years. Information collected when we deliver services to you is retained for 6 years after completion of the services for compliance, tax and auditing purposes. At the end of this period, we will delete your personal information and/or anonymise your record. We may ask to keep in contact with you, in order to monitor the impact of our DNA Foundry Services. If you give us your explicit permission we will retain your details and check with you every 2 years whether you are happy for us to continue to retain your information. If you are no longer content we will destroy your personal details and your record will be anonymised so that we can use the information to demonstrate the impact from our Genomics Services.

Who can I contact?

If you have any questions about how your personal information is used, or wish to exercise any of your rights, you can contact the DNA Foundry team (please email foundry@earlham.ac.uk).

Compliance with data protection legislation

For the Earlham Institute, the person with responsibility for advising on compliance with data protection legislation is Sarah Cossey, contact: dpo@earlham.ac.uk

This notice will be reviewed on a regular basis and may be amended and updated at any time. We may also notify you in other ways from time to time about the processing of your personal information.