A website about the work of the Recovery Research Team at the Institute of Mental Health

Home / Privacy Policy

Privacy Policy

Data Protection Policy

 

Our Policy

  1. Introduction

researchintorecovery.com has been created for researchers, mental health professionals, policy makers, people with personal experience of mental health problems and their families, and anyone who is interested in recovery and wellbeing in the field of mental health.

The primary aim of the website is providing information about the research carried out by the Recovery Research Team at the Institute of Mental Health, University of Nottingham, United Kingdom, and to provide information about other activities of the recovery research team. The site also includes resources that have been produced by the recovery research team and by our collaborators.

The inclusion of information on this site is at the discretion of Professor Mike Slade (Head of the recovery research team).

researchintorecovery.com is committed to complying with data protection law and to respecting the privacy rights of individuals. The policy applies to all our staff.

This Data Protection Policy (“Policy”) sets out our approach to data protection law and the principles that we will apply to our processing of personal data. The aim of the Policy is to explain how we ensure that we process personal data in accordance with the law and with the utmost care and respect. References to we, our or us in this privacy notice are to Research into Recovery, Institution of Mental Health, Innovation Park, The University of Nottingham Triumph Road, Nottingham, NG7 2TU, UK.

  1. How we use your personal data

2.1 We use your information from the website to help us understand what works and what doesn’t on our website. We’ll use information you submit through our contact forms and other ways of giving feedback to help you with specific issues.

2.2 Under the GDPR, we must establish a legal basis for processing your personal data and let you know what this is. It is in our legitimate interest to process your personal data for the outline above. This processing shouldn’t impact on you negatively and is necessary for our website to function correctly.

2.3 We may process data about how you use or website (“usage data”). The usage data may include; your IP address geographical location, browser type and version, operating system, referral source, length of visit, page views and website navigation paths.

2.4 We may process your personal information (“personal data”). This personal data

2.5 We may process information contained in any enquiry you submit to us via our contact form (“enquiry data“). The enquiry data may be processed for the purposes of response to your enquiry, and/or marketing. The legal basis for this processing is in line with the terms listed above (2.2)

2.5 We may process [information that you provide to us for the purpose of subscribing to our email notifications and/or newsletters] (“notification data“). The notification data may be processed for the purposes of sending you the relevant notifications and/or newsletters. The legal basis for this processing is consent (See. 3. Digital Marketing).

2.6 We may process information contained in or relating to any communication that you send to us via email (“correspondence data“). The correspondence data may include the contents of the communication and metadata associated with this. The correspondence data may be processed for the purposes of communicating with you and record-keeping. The legal basis for this processing is our legitimate interests, namely the proper administration of our website and business and communications with users.

  1. Digital Marketing

Email, post and SMS marketing: from time to time, we may contact you by email, post or SMS with information about products and services we believe you may be interested in.

We will only send marketing messages to you in accordance with the marketing preferences you set. You can then let us know at any time that you do not wish to receive marketing messages by clicking on the unsubscribe link in the marketing messages we send to you.

  1. Providing your personal data to others

We share personal information with the following parties:

  • Any party approved by you;
  • Other service providers and advisors; for example, email marketing specialists, professional advisors, data analysis and IT services (including Google Analytics)
  • External funding providers: to provide intelligence on our work areas as part of our funding agreement.
  • Our Partners;
  • The Government or our regulators; where we are required to do so by the law or to assist with their investigations or initiatives.
  • Police, law enforcement and security services; to assist with the investigation and prevention of crime and protection of national security.
  1. International transfer of your personal data

The personal data we collect, supplied by you, may be transferred and stored to other third-party organisations. See (9.5)

  1. Retaining and deleting your personal data

The duration for which we retain your personal information will differ depending on the type of information and the reason why we collected it from you. However, in some cases personal information may be retained on a long-term basis: for example, personal information that we need to retain for legal purposes will normally be retained in accordance with usual commercial practice and regulatory requirements.

Generally, where there is no legal requirement, we retain all physical and electronic records for a period of 6 years after your last contact with us. An exception to this rule is:

  • Information that may be relevant to research projects/studies that are externally funded or supported may be retained for longer periods in order to allow us to assess the longer-term impact of our research projects/studies.

It is important to ensure that the personal information we hold about you is accurate and up-to-date, and you should let us know if anything changes, for example if you change your phone number or email address. You can update some of the personal information we hold about you by using the details set out in the “Our Details” section below.

  1. Amendments.

We may update this Privacy Policy from time to time. When we change this notice in a material way, we will update the version date at the bottom of the document. For significant changed to this notice, we will try to give you reasonable notice unless we are prevented from doing so. Where required by law, we will seek your consent to changes in the way we use your personal data.

  1. Your rights

You have the following rights in relation to your personal information:

  • the right to be informed about how your personal information is being used;
  • the right to access the personal information we hold about you;
  • the right to request the correction of inaccurate personal information we hold about you;
  • the right to request the erasure of your personal information in certain limited circumstances;
  • the right to restrict processing of your personal information where certain requirements are met;
  • the right to object to the processing of your personal information;
  • the right to request that we transfer elements of your data either to you or another service provider; and
  • the right to object to certain automated decision-making processes using your personal information.

You should note that some of these rights, for example the right to require us to transfer your data to another service provider or the right to object to automated decision making, may not apply as they have specific requirements and exemptions which apply to them and they may not apply to personal information recorded and stored by us. For example, we do not use automated decision making in relation to your personal data. However, some have no conditions attached, so your right to withdraw consent or object to processing for direct marketing are absolute rights.

Whilst this privacy notice sets out a general summary of your legal rights in respect of personal information, this is a very complex area of law. More information about your legal rights can be found on the Information Commissioner’s website at https://ico.org.uk/for-the-public/.

  1. Third Parties

We may use the following third-party service providers named below to process and store your data:

9.1 Cookies: text files placed on your computer to collect standard internet log information and visitor behaviour information. This information is used to track visitor use of the website and to compile statistical reports on website activity. For further information visit www.aboutcookies.org  or www.allaboutcookies.org

You can set your browser not to accept cookies and the above websites tell you how to remove cookies from your browser. However, in a few cases some of our website features may not function as a result.

9.2 Embedded Content: Sometimes we’ll embed content in our pages that we don’t control or operate. This is common for social media sites such as Facebook and Twitter. When you interact with these elements, which are always marked clearly, you’ve not interacted with our website but instead the service embedded, and we can’t guarantee what data is collected.

9.3: Search Engine: Google powers our website search. Search queries and results are logged anonymously to help us improve our website and search functionality. No user-specific data is collected by either us or any third-party marketers.

9.4: Google Analytics: We use a third-party service, Google Analytics, to collect standard internet log information and details of visitor behaviour patterns. We do this to find out things such as the number of visitors to various parts of the site. This information is only processed in a way which does not identify anyone. We do not make, and do not allow Google to make, any attempt to find out the identities of those visiting our website.

9.5 MailChimp US: which we use to manage email marketing subscriber lists and send emails to our subscribers. Read their privacy policy. As we are in the European Economic Area (EEA), MailChimps’ Data Processing Addendum meets the requirements of the GDPR in order to permit us to continue to lawfully transfer EU personal data to Mailchimp and permit Mailchimp to continue to lawfully receive and process that data.

  1. Links policy

researchintorecovery.com includes links to other websites that appear to be a useful resource for visitors who are interested in research about recovery and wellbeing. Through these links, we aim to give visitors access to relevant, up-to-date and evidence-based information.

We do not link to other websites in exchange for cash, services or other considerations and we are not responsible for the content of other websites.

We do not link to commercial sites or to websites that charge visitors to view their contents except for links to academic journals where visitors can almost always view an abstract but on many occasions have to pay to view the full paper.

We try to regularly check that links are working. If you spot a broken link, please contact us.

 

  1. Our Details

You can contact us here.