Ripeta Privacy Notice
This Notice applies to the websites at www.ripeta.com and related services (“Ripeta”).
Ripeta is operated by Digital Science & Research Solutions Inc, a Delaware corporation with offices at 625 Massachusetts Ave, Cambridge, MA 02139, USA (“Digital Science” or “we”). This Notice explains what personal data we collect, how we may use and manage it and the rights you may have in relation to such personal data. When we refer to “personal data” in this Notice, we mean information relating to an identified or identifiable individual that we collect and use in connection with Ripeta; not aggregate or other anonymised data or information we process on behalf of our customers.
How do we collect and use personal data?
We collect personal data in the following ways:
- Information you provide to us directly online. For example, when you register to use Ripeta, submit content via Ripeta, complete one of our web forms, or make a support request, we collect the personal data you provide, like your name, email address and other basic contact details / professional information. We will use this information to enable you to access and use Ripeta, carry out checks in respect of content submitted via Ripeta, fulfil the request you have made and/or to track and improve the quality of the services we provide, which may involve asking you about your experience with Ripeta. More occasional examples could include where you respond to a survey, complete a support request or enter into a competition.
- Information you provide to us in person. For example, when you visit one of our exhibition booths or attend one of our events, you may provide us with your contact details. We will use this information to answer your enquiries or provide other information requested by you.
- Information we collect from third parties or publicly available sources. If you are a member of the research community, we may collect publicly-available information about you and the content you’ve authored from research-related data sources, such as ORCID. We may use this information in Ripeta to help us and our customers to verify your association with content you’ve previously published or submitted for publication.
- Information we collect from our other interactions / business dealings. For example, if you attend a webinar, contact us via social media or otherwise interact with our business, including as a representative of a current / prospective customer, supplier or partner, we will make a record of those dealings, which may contain personal data. If you visit one of our offices, this may be captured on CCTV and used by us for security reasons.
In all the above cases, where we have a relationship with you, we may also use the personal data we collect to manage and keep a record of that relationship and other business administration purposes you would reasonably expect and, subject always to your preferences, to provide information we think may be of interest to you.
In many of the above cases, we may also use the information collected to create aggregate or other non-personal data to enable us to benchmark and improve Ripeta and for other analytical or research purposes.
If you provide personal data to us about someone else (such as one of your colleagues), please ensure that you have their permission to do so and they areaware of the contents of this Notice.
The legal basis for our use of your personal data
In order to comply with European data privacy laws, we are required to set out the legal bases for our use of your personal data, which are as follows:
- Where you have given us your explicit consent, which you can withdraw at any time. For example, we rely on your consent to fulfil specific requests you have made, such as to receive our blog emails, or provide information you have opted-in to receive;
- Where the processing is necessary for the performance of our contract with you, or to enter into such a contract. For example, if you register to use Ripeta, we will need to use your details to set-up and administer your account;
- Where the processing is necessary to comply with our legal obligations; or
- The processing is in our legitimate interests, provided these are not overridden by your individual rights. For example, we rely on our legitimate interests to collect personal data from research-related content such as journal articles, and to include that information in the reports we write. We also rely on our legitimate interests to contact you when you have not previously given us your consent to do so, to use CCTV on our premises for security reasons and to create aggregated or other non-personal data from your personal data.
Who we share your personal data with
We may share your personal data within our corporate group on a confidential basis for our internal administrative, billing and other business purposes. We do not generally disclose or share personal data with third parties, except where it’s necessary for legitimate business reasons, such as:
- To the agents, advisers and service providers that assist us in running, and that we use to administer, our business;
- To the subcontractors and service providers we use to provide and support Ripeta;
- If required to enable the integration or use of third party resources accessed or used on Ripeta;
- If part of our business is sold to or integrated with another business, to our advisers and any prospective purchasers (and their advisers);
- In such circumstances for which you have given your consent;
- If and to the extent necessary for the performance of the contract we have with you or in order to enforce any claims we are entitled to;
- If we are required by law or ordered by a court to disclose such information;
- If Ripeta is integrated or offered in connection with another service, to the providers of that service for the purpose of the integration, which may involve access to information such as your name, email address and usage information.
We include appropriate confidentiality and security obligations in our contracts with our service providers and only permit them to process your personal data for specified purposes and in accordance with our instructions (not for their own purposes).
We take appropriate technical and organisational security measures to protect personal data from accidental or unlawful destruction, accidental loss and unauthorised access, destruction, misuse, modification or disclosure.
Retention of your personal data
We only keep your personal data for as long as it is necessary for the purposes for which it was collected, after which it will be destroyed, erased, or anonymised.
To run our business and provide Ripeta, we may transfer personal data from the UK or the European Economic Area (EEA), including to our affiliates and service providers, many of whom are located outside of these jurisdictions. Whenever we make such transfers, we will ensure an appropriate level of protection is afforded to your personal data by implementing at least one of the following safeguards:
- Ensuring the destination country has been deemed to provide an adequate level of protection for personal data;
- Using model form contracts that have been officially declared to afford your personal data an appropriate protection.
Please email us at email@example.com if you would like more information about these safeguards.
Depending on your preferences, we may send you marketing communications we think might be of interest to you. Some of these messages may be tailored to you, based on your interests (e.g. previous browsing activity) and any other information we may hold.
European data privacy laws give rights to individuals in respect of personal data that organisations hold about them, for example:
- Requesting a copy of the personal data that we hold about them;
- Objecting to the processing of their personal data; or
- Requesting that their personal data is rectified or deleted, or its processing limited.
To make any requests regarding your personal data, please email us at firstname.lastname@example.org. We will comply with any requests to exercise your rights in accordance with applicable law. Please be aware, however, that there are a number of limitations to these rights, and there may be circumstances where we’re not able to comply with your request.
Third party sites
If any part of Ripeta is made available on or through third party websites or other resources, includes links to such resources, or other resources contain links to any part of Ripeta, this is done for convenience only. We recommend that you check the privacy and security policies of such resources as they are not subject to this Notice.
If you would like any further information, or have any questions or concerns, regarding your personal data, as a first step, please email us at email@example.com or write to us at:
- If you’re based in Europe: 4 Crinan Street, London N1 9XW, UK
- If you’re based outside of Europe: 625 Massachusetts Ave, Cambridge, MA 02139, USA
You have the right to make a complaint at any time to your local supervisory authority for data protection issues. We would, however, appreciate the chance to deal with your concerns in the first instance.
Changes to this Notice
We reserve the right to modify or replace this Notice at any time by posting the revised Notice on our website. You are responsible for reviewing and becoming familiar with any such change each time you access any part of Ripeta.
Last updated: January 2022