Privacy Notice: Durham Reading and Exploration (DREX) Training App and websites
Please read the privacy information below – Part 1 comprises Durham University’s Generic Privacy Notice and Part 2 comprises privacy information specific to the activities of DREX.
Durham University’s responsibilities under data protection legislation include the duty to ensure that we provide individuals with information about how we process personal data. We do this in a number of ways, one of which is the publication of privacy notices. Our privacy notices comprise two parts – a generic part and a part tailored to the specific processing activity being undertaken.
The Data Controller is Durham University. If you would like more information about how the University uses your personal data, please see the University’s Information Governance webpages or contact:
Information Governance Unit Telephone: (0191 33) 46246 or 46103 E-mail: info.access@durham.ac.uk
The Data Protection Officer is responsible for advising the University on compliance with Data Protection legislation and monitoring its performance against it. If you have any concerns regarding the way in which the University is processing your personal data, please contact the Data Protection Officer:
Jennifer SewelUniversity SecretaryTelephone: (0191 33) 46144E-mail: jennifer.sewel@durham.ac.uk
The University keeps personal data for as long as it is needed for the purpose for which it was originally collected. Most of these time periods are set out in the University Records Retention Schedule.
You have the right to be provided with information about how and why we process your personal data. Where you have the choice to determine how your personal data will be used, we will ask you for consent. Where you do not have a choice (for example, where we have a legal obligation to process the personal data), we will provide you with a privacy notice. A privacy notice is a verbal or written statement that explains how we use personal data.
Whenever you give your consent for the processing of your personal data, you receive the right to withdraw that consent at any time. Where withdrawal of consent will have an impact on the services we are able to provide, this will be explained to you, so that you can determine whether it is the right decision for you.
You have the right to be told whether we are processing your personal data and, if so, to be given a copy of it. This is known as the right of subject access. You can find out more about this right on the University’s Subject Access Requests webpage.
If you believe that personal data we hold about you is inaccurate, please contact us and we will investigate. You can also request that we complete any incomplete data.
Once we have determined what we are going to do, we will contact you to let you know.
You can ask us to erase your personal data in any of the following circumstances:
Once we have determined whether we will erase the personal data, we will contact you to let you know.
You can ask us to restrict the processing of your personal data in the following circumstances:
Once we have determined how we propose to restrict processing of the data, we will contact you to discuss and, where possible, agree this with you.
If you are unsatisfied with the way in which we process your personal data, we ask that you let us know so that we can try and put things right. If we are not able to resolve issues to your satisfaction, you can refer the matter to the Information Commissioner’s Office (ICO). The ICO can be contacted at:
Information Commissioner's Office Wycliffe House Water Lane Wilmslow Cheshire SK9 5AF
Telephone: 0303 123 1113
Website: Information Commissioner’s Office
This section of the Privacy Notice provides you with the privacy information that you need to know before you provide personal data to DREX for the particular purpose(s) stated below.
In order to use DREX you will be asked to enter the following personal information at the registration stage using free text boxes:
You will also be asked to provide some additional sensitive personal information including:
Dropdown menus provide the option of selecting ‘other’ thereby allowing you to input any answer to the question that you wish, or to provide no personal details beyond this.
The DREX app itself will collect data relating to your performance on the tasks contained therein. This includes measures of accuracy of your responses to the tasks as well as speed of responding. This data will be stored on the device you use to do the training. If this device is ever connected to the internet then this performance data will also be sent to the University who will store it anonymously and securely.
We are relying on Consent for the legal purpose of processing your personal data. The personal information that you input into DREX allows the University to use this information in order to deliver the DREX experience. In addition the University will use the data you provide via DREX for internal research and development purposes. The University’s core purpose includes undertaking research in the public interest. Processing of your data is carried out as part of this core purpose. When undertaking any such research, the University will work with anonymised patient characteristic data and assessment performance data only. All such data will be analysed to allow us to better understand rates of improvement and user characteristics.
All personal data will be kept strictly confidential and anonymous, and held on secure servers. Your name will be encrypted and email address hashed before being stored in the database. The research team only have access to anonymised data and no data will be made available to anyone else. If data is included in any publication it will be entirely anonymous and will not be identifiable as yours.
All personal data that the DREX app collects will be stored anonymously. The stored data allows the app to work for the individual user. The anonymous data will be analysed by eligible research staff to investigate if the amount of app training completed leads to changes in task performance, including changes in both accuracy and speed of responding. The additional information provided means that the eligible researchers can investigate factors that may also affect overall performance on the DREX app such as gender, age, and medical condition influences including cause, degree, location and duration of impairment.
The email address you provide allows you to be sent a password reminder should you forget it, and this data will not be used for any other purpose. The email information will not be made available to any third party or accessed by the DREX research team.
You can request to withdraw your data at any point and without providing a reason. However, removing your data will mean that the training offered via the DREX app will no longer be available to you as functionality is dependent upon the stored data. If you wish to remove your data please contact the DREX research team via email; drex.training@durham.ac.uk.
As a user, you can request to share your data with your medical clinician via the DREX portal. For further information on how your clinician can access and use your DREX data and how to authorise sharing please see the clinician data sharing letter supplied by your clinician. None of the information you supply shall be shared with any third party without your consent. However, anonymised (i.e. not identifiable) data may be used in publications, reports, presentations, web pages and other research outputs. Anonymised data may be archived and shared with others for legitimate research purposes.
This information is additional to the information in Part 1 about Retention. The University considers its relationship with DREX users to be life-long as the stored information allows the University to continue to provide the training experience to each individual user via the app. This means that we will maintain an anonymised user record for you until such time as you tell us that you no longer wish us to do so. You can stop using the app at any time, but unless you tell us that you want to remove your user details then these will remain stored securely and anonymously on the servers.
If you have any concerns regarding the processing of your personal data, or you wish to withdraw your data from the project, then please contact DREX via email: drex.training@durham.ac.uk
When someone visits www.durham.ac.uk/drex or uses the DREX app we use a third party service, Google Analytics, to collect standard internet log information and details of user behaviour patterns. We do this to find out things such as the number of visitors to the various parts of the site and different components within the app such as the audio files. This information is only processed in a way which does not identify anyone. We do not make, and do not allow Google to make, any attempt to find out the identities of those visiting our website or using the DREX app.
A cookie is a simple text file that is stored on your computer or mobile device by a website's server and only that server will be able to retrieve or read the contents of that cookie. Cookies allow websites to remember user preferences, choices and selections, such as what's in your shopping basket. The DREX app and the DREX webpages do not use cookies to collect personal information about you.
This privacy notice does not cover the links within this site linking to other websites. We encourage you to read the privacy statements on the other websites you visit.
We regularly review our privacy information to ensure that it remains accurate and current. We will review and update this privacy information whenever we plan to use personal data for any new purpose. Any changes to this privacy information will be communicated to you.
If you have any questions which you feel have not been covered by this Privacy Notice, please do not hesitate to email us or write to:
DREX Psychology Department, Durham University, Science Laboratories, South Road, Durham DH1 3LE
drex.training@durham.ac.uk
/prod01/prodbucket01/media/durham-university/departments-/psychology/60012-3-2276X1158.jpg)