Privacy on the GBC website
The Public Website (www.globalbiodata.org)
The data we collect: if you browse the public website then the following information is logged by our server: your browser, operating system, IP address, the date and time of your visit, the pages visited, and the amount of data transferred.
Why we collect the data: the data are used to monitor for suspicious activities (e.g., attempts to hack the site), to diagnose problems on the site, and to create anonymous usage statistics. We do not attempt to identify or profile individuals based on these data.
Lawful basis for processing the data: processing these data is necessary for our legitimate interest of allowing the website to remain secure and robust.
Who has access to the data: personal data are only accessible to staff at the GBC secretariat who work on the website and the SiteGround support team (see ‘Third party processors’ below).
Data transfer: these data are located on a server in the UK and are not transferred to any other country.
Data retention: we will keep web logs and security logs for a maximum of one year before anonymising them.
Under the General Data Protection Regulation (GDPR) you have a number of rights concerning your data (see the ICO website for an overview of these). If you want to exercise these rights (e.g., to access, modify, or erase your data) then please contact the Data Controller.
You have the right to:
1. Not be subject to decisions based solely on an automated processing of data (i.e., without human intervention) without you having your views taken into consideration.
2. Request at reasonable intervals and without excessive delay or expense, information about the personal data processed about you. Under your request we will inform you in writing about, for example, the origin of the personal data or the preservation period.
3. Request information to understand data processing activities when the results of these activities are applied to you.
4. Object at any time to the processing of your personal data unless we can demonstrate that we have legitimate reasons to process your personal data.
5. Request free of charge and without excessive delay rectification or erasure of your personal data.
6. It must be clarified that rights 4 and 5 are only available whenever the processing of your personal data is not necessary to:
● Comply with a legal obligation.
● Perform a task carried out in the public interest.
● Exercise authority as a data controller.
● Archive for purposes in the public interest, or for historical research purposes, or for statistical purposes.
● Establish, exercise or defend legal claims.
If you want to exercise these rights then please contact the Data Controller.
Last update: 20 April 2020