User Contact FormUser Contact Details
User Contact Details
Personal Data acquired: name, surname, email, city, and various typologies of data.
Privacy Policy
This page outlines the Research Data Alliance Privacy Policy. Effective Date: July 1, 2024. Policy Update May 6, 2026 (v2.0)
The Research Data Alliance (RDA), www.rd-alliance.org (the “Site”), is committed to protecting the personal information of all individuals who use our services. This Privacy Policy explains what personal data we collect, why we collect it, the legal basis for doing so, how we use it, and your rights under the General Data Protection Regulation (EU) 2016/679 (“GDPR”) and applicable UK data protection law.
“Personal data” means any information relating to an identified or identifiable living individual.
1. Data Controller
The Data Controller for this website and all its content is:
| Organisation | Research Data Alliance Foundation |
| Address | Rutherford Appleton Library, Harwell Oxford, Didcot, Oxfordshire, OX11 0QX, England |
| Company No. | 09021881 |
| Charity No. | 1162762 |
| [email protected] |
The Site is operated on behalf of the RDA Foundation by Marameo Design PTY LTD (Australian Business Number: 33 631 679 25). The RDA Foundation does not have a designated Data Protection Officer (DPO), as this is not currently required under Article 37 GDPR given the nature and scale of our processing. This assessment is reviewed periodically. Any data protection queries should be directed to the contact address above.
2. Scope
This Privacy Policy applies to personal data collected through the Site and through electronic communications sent to the RDA. It does not apply to third-party websites linked from the Site. The RDA does not endorse and is not responsible for the content or privacy practices of third-party websites.
3. What data we collect and how
3.1 Data you provide voluntarily
You may browse the Site without providing personal data. However, certain functions — such as registering for events, subscribing to newsletters, or submitting a contact form — require you to provide personal data including:
- Name and surname
- Email address
- Organisation / company
- City or country of location
- Any other information you choose to include in a message to us
3.2 Registration and community membership
To become a member of the RDA community and access RDA services, users must register an account. The personal data collected during registration is used to manage your membership, communicate with you, and provide access to RDA resources.
3.3 Automatically collected data
Our servers automatically collect certain technical information when you visit the Site, including:
- IP address (anonymised where possible)
- Browser type and version
- Operating system
- Pages visited and time spent
- Referring website
- Date and time of visit
Some of this information is collected via cookies and similar tracking technologies. Please see Section 11 for further details.
3.4 Event registration data
When you register for webinars or other RDA events, data such as your name, organisation, and email address may be collected via third-party event platforms. Those platforms process your data subject to their own privacy policies, which we will make available to you at the point of registration.
3.5 Children
The Site is not directed at children under the age of 16. We do not knowingly collect personal data from children. If you believe we have inadvertently done so, please contact us at [email protected] and we will delete the data promptly.
4. Legal basis for processing
We process your personal data only where we have a lawful basis to do so under Article 6 GDPR. The basis depends on the purpose:
| Purpose | Legal Basis | GDPR Article |
| Responding to your enquiries | Contract / legitimate interests | 6(1)(b) / 6(1)(f) |
| Sending newsletters (opt-in) | Consent | 6(1)(a) |
| Event registration and attendance tracking | Contract / legitimate interests | 6(1)(b) / 6(1)(f) |
| Site operation and security | Legitimate interests | 6(1)(f) |
| Statistical analysis of Site usage | Legitimate interests | 6(1)(f) |
| Compliance with legal obligations | Legal obligation | 6(1)(c) |
| Sharing with RDA members for knowledge base | Legitimate interests | 6(1)(f) |
Where we rely on legitimate interests, we have assessed that our interests do not override your rights and freedoms. You may request a copy of our Legitimate Interests Assessment by contacting us at [email protected]. Where we rely on consent, you have the right to withdraw that consent at any time. Withdrawal of consent does not affect the lawfulness of processing before the withdrawal.
5. How we use your Data
- To respond to your enquiries and fulfil requests
- To register you for events and track attendance
- To send you publications, newsletters, or other communications you have requested
- To operate and improve the Site
- To conduct statistical analysis of Site usage (in aggregated, non-identifying form)
- For internal business purposes including audits
- To maintain our community membership database
6. Disclosure of your Data
6.1 RDA members
We may share certain personal data with RDA organisational and regional members for the purpose of building a shared knowledge base and supporting collaboration within the RDA community. This processing is based on our legitimate interests. You have the right to object to this processing — see Section 9.5.
6.2 Third-party service providers
We use a number of third-party services that may process your personal data on our behalf as data processors. These include analytics providers, email platforms, and event management tools. We ensure appropriate data processing agreements are in place with these providers.
6.3 Legal disclosure
We may disclose your data where required to do so by law or in response to valid requests from public authorities. We will notify you of such requests where legally permitted to do so.
6.4 Business transfers
In the event of a merger, acquisition, or restructuring of the RDA Foundation, personal data may be transferred as part of that process, subject to equivalent data protection obligations.
7. International Data Transfers
The RDA operates globally and uses third-party service providers (including Google Analytics) that may transfer data outside the European Economic Area (EEA) and the United Kingdom. Where such transfers occur, we ensure they are protected by one or more of the following safeguards:
- An adequacy decision by the European Commission or UK Secretary of State
- Standard Contractual Clauses (SCCs) approved by the European Commission
- UK International Data Transfer Agreements (IDTAs) where applicable
You may request further information about the safeguards in place for international transfers by contacting [email protected].
8. Data Retention
We retain personal data only for as long as necessary for the purposes set out in this Policy, unless a longer retention period is required or permitted by law. The following indicative retention periods apply:
| Category of Data | Indicative Retention Period |
| Community membership data | Duration of membership plus 3 years |
| Event registration data | 3 years from the date of the event |
| Contact / enquiry data | 2 years from last contact |
| Newsletter subscription data | Until unsubscription plus 1 year |
| Server log / technical data | 12 months |
| Financial / legal records | 7 years (legal obligation) |
9. Your rights
Under the GDPR and applicable UK data protection law, you have the following rights in relation to your personal data. These are not absolute rights and may be subject to limitations.
9.1 Right of access (Article 15)
You have the right to request a copy of the personal data we hold about you, along with information about how we use it. We will provide this free of charge within one calendar month of receipt of your request.
9.2 Right to rectification (Article 16)
You have the right to request correction of inaccurate or incomplete personal data we hold about you.
9.3 Right to erasure (Article 17)
You have the right to request deletion of your personal data in certain circumstances, for example where the data is no longer necessary for the purposes for which it was collected, or where you withdraw consent. To exercise this right, contact [email protected].
9.4 Right to restriction of processing (Article 18)
You have the right to request that we restrict the processing of your personal data in certain circumstances, for example while the accuracy of the data is being contested.
9.5 Right to object (Article 21)
You have the right to object at any time to processing of your personal data where we rely on legitimate interests as the lawful basis. This includes processing for direct marketing purposes or sharing with RDA members. Where you object, we must stop processing unless we can demonstrate compelling legitimate grounds that override your interests, rights, and freedoms. To object to any processing, contact us at [email protected].
9.6 Right to data portability (Article 20)
Where processing is based on consent or contract and is carried out by automated means, you have the right to receive your personal data in a structured, commonly used, machine-readable format.
9.7 Right to withdraw consent
Where processing is based on consent, you may withdraw that consent at any time without affecting the lawfulness of processing before withdrawal. To unsubscribe from newsletters, use the unsubscribe link in any newsletter email, or contact us directly at [email protected]
9.8 Right to lodge a complaint
You have the right to lodge a complaint with a supervisory authority. In the UK, this is the Information Commissioner’s Office (ICO): www.ico.org.uk / 0303 123 1113. In EU member states, you may also contact your national supervisory authority. To exercise any of the rights above, please contact [email protected]. We will respond within one calendar month. We may need to verify your identity before processing your request.
10. Security
We implement commercially reasonable technical and organisational measures to protect your personal data against loss, misuse, and unauthorised access or alteration. However, no method of transmission over the internet is completely secure, and we cannot guarantee absolute security.
Email communications are generally transmitted unencrypted. If you need to share sensitive information with us, please indicate this so we can arrange a more secure channel.
11. Cookies and Tracking Technologies
TWe use cookies and similar technologies to operate the Site, personalise your experience, and conduct statistical analysis. The following third-party services set cookies on your device when you visit the Site:
| Service | Purpose | Personal Data Collected | Lawful Basis |
| Google Analytics | Statistical analysis of Site usage | Anonymised IP address, cookies, usage data | Legitimate interests |
| Google Tag Manager | Tag and script management | Cookies, usage data | Legitimate interests |
| Google Maps Widget | Display of maps | Cookies, usage data | Legitimate interests / consent |
| Social media widgets (X / LinkedIn / Facebook) | Social sharing functionality | Cookies, usage data | Consent |
| Contact form | User enquiries | Name, email, city, message content | Legitimate interests / contract |
| Newsletter platform | Contact management | Name, email address | Consent |
| RSS feed | Content distribution | Cookies, usage data | Legitimate interests |
You can manage your cookie preferences through your browser settings. Note that disabling certain cookies may affect the functionality of the Site.
12. Updates to this Privacy Policy
We review and update this Privacy Policy periodically. Where changes are significant, we will post a prominent notice on the Site for a reasonable period and notify registered users by email where practicable. Continued use of the Site after the revised Policy takes effect constitutes acknowledgement of the changes. Where we rely on consent for any new processing, we will seek fresh consent before commencing that processing. If you object to any change, please contact us at [email protected].
13. How to contact us
For any questions, concerns, or requests relating to this Privacy Policy or our data protection practices, please contact:
| Organisation | Research Data Alliance Foundation |
| [email protected] | |
| Postal address | Rutherford Appleton Library, Harwell Oxford, Didcot, Oxfordshire, OX11 0QX, England |
Download a copy of the RDA Privacy Policy
Some of the data gathered from the platform is obtained via the use of third-party services. The data collected and how this is used is listed below:
Google Analytics
Statistics
Personal Data gathered: Anonymous IP address. Cookies and usage data.
Google Tag Manager
Tag Management
Personal Data acquired: Cookies and data on usage
Newsletters, Announcements
Contact Management and Communications
Personal Data gathered: email, name and surname
RSS
Feed Management
Personal data gathered: Cookies and data on usage
Like button and Facebook social widgets, Tweet button and Twitter and AddThis social media widgetsrn
Interaction with Social Networks
Personal Data gathered: Cookies and usage data
Widget Google Map
Visualisation of content from third-party platforms
Personal Data gathered: Cookies and usage data
The Data Controller
Information
Research Data Alliance Foundation
Rutherford Appleton Library, Harwell Oxford, Didcot, Oxfordshire, OX11 0QX – England
Company No: 09021881
Registered Charity Number: 1162762
Data Controller email: [email protected]