UniProt privacy notice
This Privacy Notice explains what personal data is collected by the specific service you are requesting, for what purposes, how it is processed, and how we keep it secure.
1. Who controls your personal data and how to contact us?
The UniProt Consortium is formed by three institutions that are joint data controllers.
The EMBL-EBI data controller’s contact details are:
Rolf Apweiler and Ewan Birney, EMBL-EBI Directors
EMBL-EBI, Wellcome Genome Campus, CB10 1SD Hinxton, Cambridgeshire, UK.
The EMBL Data Protection Officer’s contact details are:
EMBL Data Protection Officer
Tel: +49 6221 387-0
Email: [email protected]nullembl.nullorg
EMBL Heidelberg, Meyerhofstra?e 1, 69117 Heidelberg, Germany.
The SIB data controller’s contact details are:
Alan Bridge, Co-Director SIB Swiss-Prot Group
Email: Alan.null[email protected]nullsib.nullswiss
SIB Swiss Institute of Bioinformatics, CMU, 1 rue Michel Servet, 1211 Geneva, Switzerland.
The SIB Data Protection Officer’s contact details are:
Tel: +41 21 692 40 50
Email: [email protected]nullsib.nullswiss
SIB Swiss Institute of Bioinformatics, Quartier Sorge – Batiment Genopode, 1015 Lausanne, Switzerland.
The Protein Information Resource data controller’s contact details are:
Georgetown University Medical Center, 3300 Whitehaven Street, NW, Suite 1200, Washington, WA DC 20007, United States.
2. Which is the lawful basis for processing personal data?
Processing your personal data is necessary for our legitimate interests in providing services to you, to help improve our resources and for the purposes of day-to-day running of the UniProt resource and underlying infrastructure.
3. What personal data is collected from users of the service? How do we use this personal data?
The personal data collected from the services listed below is as follows:
Website and API
- IP address
- Date and time of a visit to the service
- Operating system
- Amount of data transmitted
- Email address
The data controller will use your personal data for the following purposes:
- To provide the user access to the service
- To answer questions from users
- To better understand the needs of the users and guide future improvements of the service
- To create anonymous usage statistics
- To conduct and monitor data protection activities
- To conduct and monitor security activities
4. Who will have access to your personal data?
Personal data will only be disclosed to authorized staff at the institutions that form the UniProt Consortium.
5. Will your personal data be transferred to third countries (i.e. countries not part of EU/EAA) and/or international organisations?
There are no personal data transfers to international organisations outside of the UniProt Consortium.
UniProt uses Google Analytics as a third-party analytics service to collect information about website performance and how users navigate through and use our sites to help us design better interfaces. We do not use Google Analytics to track you individually or collect personal data.
6. How long do we keep your personal data?
Any personal data directly obtained from you will be retained as long as the service is live, even if you stop using the service. We will keep the personal data for the minimum amount of time possible to ensure legal compliance and to facilitate internal and external audits if they arise.
7. The joint Data Controllers provide these rights regarding your pers onal data
You have the right to:
- Not be subject to decisions based solely on an automated processing of data (i.e. without human intervention) without you having your views taken into consideration.
- Request at reasonable intervals and without excessive delay or expense, information about the personal data processed about you. Under your request we will inform you in writing about, for example, the origin of the personal data or the preservation period.
- Request information to understand data processing activities when the results of these activities are applied to you.
- Object at any time to the processing of your personal data unless we can demonstrate that we have legitimate reasons to process your personal data.
- Request free of charge and without excessive delay rectification or erasure of your personal data if we have not been processing it respecting the data protection policies of the respective controllers.
Requests and objections can be sent to our helpdesk (email@example.com).
It must be clarified that rights 4 and 5 are only available whenever the processing of your personal data is not necessary to:
- Comply with a legal obligation.
- Perform a task carried out in the public interest.
- Exercise authority as a data controller.
- Archive for purposes in the public interest, or for historical research purposes, or for statistical purposes.
- Establish, exercise or defend legal claims.