Rix Inclusive Research – Fair Processing Notice
In this document you will find out how Rix Inclusive Research handles your personal data.
Our contact details
Name: Rix Inclusive Research
Address: Docklands Campus, University of East London, 4 – 6 University Way, London, E16 2RD
Phone Number: +44 (0)208 223 7561
For the purposes of the Data Protection Act, Rix Inclusive Research acts as a Data Controller for our purposes of processing. Rix Inclusive Research is part of the University of East London which has appointed a Data Protection Officer to meet its obligations under the General Data Protection Regulation (GDPR). You can contact our Data Protection Officer by emailing firstname.lastname@example.org or telephoning 0208 223 2103.
What type of information we have
- We collect and process the following information:
Contracts for commercial or research projects: personal identifiers (name, surname), contact details (email addresses, telephone numbers and postal address) and other characteristics such as organisation names, address and main contact person e.g. a head teacher for a school’s contract.
- Images and video assets collected during events and research projects. During an event or a research project we might be taking pictures or video clips to document an event for example. We will always ask for your consent before doing so. All media assets collected are safely stored on password protected personal computers at the University of East London. Selected members of staff can only access those assets and use them for a specified purpose. The different purposes for which we might use images or videos are clearly marked on our consent forms that you would have had an opportunity to sign when giving your consent.
- For Wiki Registration – name and email address – However, as individuals can upload data from a variety of media sources including reports about themselves, it is possible that the following personal data may be included:
- Email address
- Date of birth
- Information about the racial background of an individual
- Information about the ethnicity of an individual
- Information about the physical or mental health of an individual
- Information about the religion or the philosophy of an individual
- Information about the sexuality of an individual
- Information about the political views of an individual
- Information about the criminal offences or convictions(s) of an individual
- Photos of or about the individual
- Videos of or about the individual
However, we do not process any of the information included in a person’s Wiki. The only information we process are: username, email address, telephone number and postal address, which are provided as part of the registration process.
How we get the information and why we have it
Most of the personal information we process is provided to us directly by you for one of the following reasons:
- To purchase our software license e.g. Rix Wiki, Easy Survey, WikiMe
- To purchase our professional training and consultancy services
- To take part in a research project
We do not process or control any of the information provided by you, or those whom you support in your Rix Wiki.
Under the GDPR, the lawful basis we rely on for processing this information is:
(a) We have a contractual obligation, e.g. via licensing agreement, commercial or research contracts.
(b) Your consent, e.g. when you are invited to take part in an event which has media coverage. Before attending such event, you will have an opportunity to find out about the event and give your permission for pictures, videos to be takes and specify for which purposes these could be used.
You can remove your consent for taking part in our research projects or the use of your media that we have at any time. You can do this by contacting Rix Admin email@example.com
(c) Under our Legitimate Interest. This is used when we capture images at events, or where we need to share limited personal data for the purposes of administration or to collect statistical data for usage analysis.
What we do with the information we have
We use the information that you have given us in order to:
- Provide the agreed software setup, support, service or training
- To contact you if we need to notify you about anything in relation to our contract.
- To conduct research, educational activities, publications, presentations, dissemination and marketing.
Please note that we only use your information for activities that you have given us explicit consent for.
We do not share the information we have on you with anyone unless:
- You have given us consent to do so e.g. case studies, images, and videos or;
- We have a legal obligation to disclose data to an organisation with enforcement powers such as the police or;
- We believe it is necessary to protect life.
How we store your information
Your information is securely stored in the UK using Microsoft Azure which is a secure, encrypted, industry recommended standard that complies with the obligations to keep personal data secure against unlawful processing or accidental loss, destruction or damage.
We keep your personal data in an electronic format on password protected computers. The data is stored for the duration of the contract and further retained for six months after the finishing date of your contract (unless otherwise stated in your contract). After this period, we will delete all of your personal data. Before doing so we will contact you to double check that you do not wish to continue using our services or renew your licence. We will then dispose your data by securely deleting all the files.
Your data protection rights
Under data protection law, you have rights including:
Your right of access – You have the right to ask us for copies of your personal information.
Your right to rectification – You have the right to ask us to rectify information you think is inaccurate. You also have the right to ask us to complete information you think is incomplete.
Your right to erasure – You have the right to ask us to erase your personal information in certain circumstances.
Your right to restriction of processing – You have the right to ask us to restrict the processing of your information in certain circumstances.
Your right to object to processing – You have the the right to object to the processing of your personal data in certain circumstances.
Your right to data portability – You have the right to ask that we transfer the information you gave us to another organisation, or to you, in certain circumstances.
If you make a request, we have one month to respond to you.
How to complain
You can also complain to the ICO if you are unhappy with how we have used your data.
The ICO’s address:
Information Commissioner’s Office
Helpline number: 0303 123 1113