THYME Privacy Notice
This privacy notice is for attendees of THYME events and visitors to the THYME website. It sets out the ways in which BioVale gathers, uses, stores and shares your data. It also sets out how long we keep your data and what rights you have in relation to your data under the General Data Protection Regulation (GDPR).
For the purposes of this privacy notice, BioVale is the Data Controller as defined in the General Data Protection Regulation
Who we are
Our website address is: https://thyme.biovale.org.
Where do we get your data from?
Much of the data we hold on you comes from the application form to join the THYME network, registration forms for THYME events, business cards or email correspondence. Additional information may also have been provided by you as part of your interactions with us at wider events or conferences. Information relating to you may also have been provided to us by third parties e.g. your contacts or colleagues.
What data do we have?
Personal data including name, job title, the name of your employer, your employers address and telephone number.
What is our legal basis for processing your data?
BioVale needs to collect and retain certain types of data, in various formats, about its contacts, members and subscribers in order to fulfil its functions as a membership, cluster and business development organisation.
Typically, data will be processed:
· Because you have given us your consent;
· To fulfil our legitimate interests of cluster and business development as required by our funders.
When visitors leave comments on the site we collect the data shown in the comments form, and also the visitor’s IP address and browser user agent string to help spam detection.
If you leave a comment on our site you may opt-in to saving your name, email address and website in cookies. These are for your convenience so that you do not have to fill in your details again when you leave another comment. These cookies will last for one year.
If you have an account and you log in to this site, we will set a temporary cookie to determine if your browser accepts cookies. This cookie contains no personal data and is discarded when you close your browser.
When you log in, we will also set up several cookies to save your login information and your screen display choices. Login cookies last for two days, and screen options cookies last for a year. If you select “Remember Me”, your login will persist for two weeks. If you log out of your account, the login cookies will be removed.
If you edit or publish an article, an additional cookie will be saved in your browser. This cookie includes no personal data and simply indicates the post ID of the article you just edited. It expires after 1 day.
Embedded content from other websites
Articles on this site may include embedded content (e.g. videos, images, articles, etc.). Embedded content from other websites behaves in the exact same way as if the visitor has visited the other website.
How do we use your data?
BioVale may process your personal data for the following purposes:
1. To add your details to our THYME network directory to help you network with others at the THYME universities and raise your personal profile
2. To enable effective communication with you including without limitation, providing you with information relating to the THYME project, BioVale’s services and events, funding and/or collaboration opportunities as well as links to other people working within the bioeconomy regionally or globally
In addition, please note:
Whilst at THYME events you may be captured in photographs or video footage as part of a wider group shot. These images/recordings may be used by BioVale for promotional purposes e.g. in the promotion of future Biovale events. If you have concerns about the use of your image please contact BioVale for more information, firstname.lastname@example.org.
Who do we share your data with?
BioVale may share your data with:
· Employees of BioVale and the University of York
· Third parties that process data on behalf of BioVale to support it in fulfilling its obligations and responsibilities to and relationship with you (e.g. software and system providers);
· Third party providers or employers involved in facilitation or delivery of BioVale events or meetings;
· Professional and regulatory bodies (e.g. BASIS) in relation to accreditation for attendance at BioVale events;
· Government departments/agencies to whom we have a statutory obligation to release information (including Research England and ERDF);
· Law enforcement agencies such as the police or relevant authorities dealing with emergency situations (only as required or appropriate in line with Data Protection legislation).
BioVale may also disclose your data to other 3rd parties not listed above on a case-by-case basis. Disclosures will be made in full accordance with the data protection legislation and only where necessary. Consent will be sought with you where appropriate and you will be told about such disclosures unless exception circumstances apply.
How do we keep your data secure?
BioVale takes information security extremely seriously and has implemented appropriate technical and organisational measures to protect personal data. Access to information is restricted on a need-to-know basis and security arrangements are regularly reviewed to ensure their continued suitability. For further information see https://www.york.ac.uk/it-services/security/.
How do we transfer your data safely internationally?
In certain circumstances, it is necessary to transfer your Personal Data (including Special Category Data) outside the European Economic Area. In respect of such transfers, the University will comply with our obligations under Data Protection Law and ensure an adequate level of protection for all transferred data.
How long will we keep your data?
BioVale will retain your data in line with legal requirements or for two years after the end of the THYME project. Retention timeframes will be determined in line with the University of York’s Records Retention Schedule.
What rights do you have in relation to your data?
Under the General Data Protection Regulation, you have a right of access to your data, a right to rectification, erasure (in certain circumstances), restriction, objection or portability (in certain circumstances). You also have a right to withdraw consent. You can verify or correct information in your record at any time by contacting the BioVale Administrator at email@example.com or writing to the BioVale Administrator at 1 Hassacarr Close, Chessingham Park, Dunnington, York, YO19 5SN. We will promptly correct any information found to be incorrect.
Questions or concerns
If you have any questions about this privacy notice or concerns about how your data is being processed, please contact firstname.lastname@example.org.
Right to complain
If you are unhappy with the way in which BioVale has handled your personal data, you have a right to complain to the Information Commissioner’s Office. For information on reporting a concern to the Information Commissioner’s Office, see www.ico.org.uk/concerns.