Privacy Policy

a. Information You Provide To Us

Personal Information and Demographic Information. On the Sites/Apps, we may ask you to provide us with certain categories of information that directly or indirectly identifies you personally, such as your first and last name and e-mail address or your IP address (“Personal Information”). We may collect the following Personal Information:

(1) contact information, such as your name and email address or other contact details you may share with us when communicating, such as via our contact form or otherwise,

(2) demographic information, such as information about your area of scientific interest, education level, and occupation (“Demographic Information”),

(3) Usage Information (as defined below), which may include information you choose to submit when you visit or interact with the Sites/Apps,

(4) account information; when you create an account, you provide us with your email address and a password,

(5) financial information, which we may collect when subscribe to one of our paid plans,

(6) information you submit, such as when you upload protocols, add comments (including public comments) or otherwise post on the Sites/Apps or information you exchange with us when you contact us via email, phone or otherwise.

We may collect Personal Information through various forms and in various places on the Sites/Apps, including account registration forms, contact us forms, or when you otherwise interact with the Sites/Apps.

b. Information We Collect or Store As You Access And Use The Sites/Apps

In addition to any Personal Information that you choose to submit to us via our Sites/Apps, we and our third-party service providers may use a variety of technologies that automatically (or passively) store or collect certain information whenever you visit or interact with the Sites/Apps (all together “Usage Information”). This Usage Information may be stored or accessed using a variety of technologies that may be downloaded to your personal computer, laptop, tablet or mobile phone (a “Device”) whenever you visit or interact with our Sites/Apps.

This Usage Information may include:

• your IP address or other unique identifier (“Device Identifier”). A Device Identifier is a number that is automatically assigned to your Device used to access the Sites/Apps, and our computers identify your Device by its Device Identifier;
• your Device characteristics (e.g. Device type);
• your Device functionality (including browser, operating system, hardware, mobile network information);
• the URL that referred you to our Sites/Apps;
• the areas within our Sites/Apps that you visit and your activities there, including remembering you and your preferences;
• your Device location; and
• certain other Device data, including the time of day, among other information.

c. Cookies and Comparable Technologies Used for Data Collection

We may use various developed methods and technologies to store or collect Usage Information (“Tracking Technologies”). Tracking Technologies may set, change, alter or modify settings or configurations on your Device. A few of the Tracking Technologies include, without limitation, the following (and subsequent technology and methods later developed):

Cookies. A cookie is a data file placed on a Device when it is used to visit the Sites/Apps. A Flash cookie (or locally shared object) is a data file placed on a Device via the Adobe Flash plug-in that may be built-in to or downloaded by you to your Device. HTML5 cookies can be programmed through HTML5 local storage. Unlike Flash cookies, HTML5 cookies do not require a plug-in. Regular cookies may generally be disabled or removed by tools that are available as part of most commercial browsers, and in some but not all instances can be blocked in the future by selecting certain settings. Each browser you use will need to be set separately and different browsers offer different functionality and options in this regard. Also, these tools may not be effective with regard to Flash cookies or HTML5 cookies. For information on disabling Flash cookies go to Adobe’s website www.adobe.com. Please be aware that if you disable or remove cookies, Flash cookies, or HTML5 cookies on your Device, some parts of our Sites/Apps may not function properly, and that when you revisit our Sites/Apps your ability to limit cookies is subject to your browser settings and limitations.

Web Beacons. Small graphic images or other web programming code called web beacons (also known as “1x1 GIFs” or “clear GIFs”) may be included in our Sites/Apps’ pages and messages. Web beacons may be invisible to you, but any electronic image or other web programming code inserted into a page or e-mail can act as a web beacon. Web beacons or similar technologies may be used for a number of purposes, including, without limitation, to count visitors to the Sites/Apps, to monitor how users navigate the Sites/Apps, to count how many e-mails that were sent were actually opened or to count how many particular articles or links were actually viewed.

Embedded Scripts. An embedded script is programming code that is designed to collect information about your interactions with the Sites/Apps, such as the links you click on. The code is temporarily downloaded onto your Device from our web server or a third party service provider, is active only while you are connected to the Sites/Apps, and is deactivated or deleted thereafter.

ETag, or entity tag. A feature of the cache in browsers. It is an opaque identifier assigned by a web server to a specific version of a resource found at a URL. If the resource content at that URL ever changes, a new and different ETag is assigned. Used in this manner ETags are a form of Device Identifier. ETag tracking may generate unique tracking values even where the consumer blocks HTTP, Flash, and HTML5 cookies.

We may use Tracking Technologies for a variety of purposes, including:

Strictly Necessary. We may use cookies or other Tracking Technologies that we consider are strictly necessary to allow you to use and access our Sites/Apps and their core functions, including cookies required to prevent fraudulent activity, improve security or allow you to make use of shopping cart functionality.

Performance Related. We may use cookies or other Tracking Technologies that are useful in order to assess the performance of the Sites/Apps, including as part of our analytic practices or otherwise to improve the content, products or services offered through the Sites/Apps.

Functionality Related. We may use cookies or other Tracking Technologies that are required to offer you enhanced functionality when accessing the Sites/Apps, including identifying you when you log in to our Sites/Apps or keeping track of our specified preferences, including in terms of the presentation of content on our Sites/Apps.

Advertising Related. We may use Tracking Technologies to deliver content, including ads, relevant to your interests on our Sites/Apps and third party sites based on how you interact with our advertisements or content. This includes using Tracking Technologies to understand the usefulness to you of the advertisements that have been delivered to you. Further information on this is found in Section 5 below.

Users Located in the European Economic Area, UK or Switzerland. f you are located in the EEA, UK or Switzerland, we will ask for your consent to the usage of any Tracking Technologies exceeding the Strictly Necessary category. This means that Tracking Technologies, including cookies, falling in any of those categories will only be used in case you provide your consent and otherwise be disabled.

There may be other Tracking Technologies now and later devised and used by us in connection with the Sites/Apps. Further, third parties may use Tracking Technologies with our Sites/Apps. We may not control those Tracking Technologies and in such event, we are not responsible for them. However, with your consent to potentially encountering third party Tracking Technologies in connection with the use of our Sites/Apps, you acknowledge that our statements under this Privacy Policy do not apply to the Tracking Technologies or practices of such third parties. For more information on advertising and advertisers, and related Tracking Technologies, click here.

d. Information Third Parties Provide About You

We may, from time to time, receive information about you from third parties, including other individuals, such as when you sign in to our Sites/Apps using a third-party service, when you use third-party services to store or export files generated using our Sites/Apps, or when an individual mentions you in a citation when using our Sites/Apps. To the extent we receive information from those sources, it will be treated as Personal Information and we will apply this Privacy Policy, unless we have disclosed otherwise. Please note that third-party services (such as those you may use to sign in or to export files to), are not provided by us and are subject to those third parties’ privacy policies and practices which we have no control over and assume no responsibility for.

In exceptional cases, we may receive information about you from courts, authorities or others during legal proceedings or authority proceedings and investigations.

For information on your Personal Information received via the Send-a-Friend Functionality, please see below.

e. Information You Provide About a Third Party (Usage of Send-a-Friend Functionality)

You may send someone else a communication from the Sites/Apps, such as sending an invitation to a friend. If so, the information you provide (names, e-mail addresses, mobile number, etc.) is used to facilitate the communication with this third party and is not used by us for any other marketing purpose unless we obtain consent from that person.

Please be aware that when you use any send-to-a-friend functionality on our Sites/Apps, your e-mail address, mobile number, name and message may be included in the communication sent to your addressee(s).

a. Legal Bases for processing Personal Information

We rely on the following legal grounds to process your Personal Information:

• Performance of a contract – We need to collect and use your Personal Information to enter into or perform our agreement with you to deliver the services via out Sites/Apps as described in this Privacy Policy.
• Legal obligation – We may collect, use and retain some of your Personal Information if we face a legal obligation to do so.
• Consent – We may use or disclose some of your Personal Information or use cookies as described in this Privacy Policy subject to your consent.
• Legitimate interests – We may use your personal information for our legitimate interests where those legitimate interests are not overridden by your rights and interests.

a. When You Agree To Receive Information From Third Parties

You may be presented with an option on our Sites/Apps to receive certain information and/or marketing offers directly from third parties. If you consent to it, your Personal Information will be disclosed to such third parties and all information you disclose will be subject to the third party privacy policies and practices of such third parties. We are not responsible for such third party privacy policies and practices of such third parties and, therefore, you should review such third party privacy policies and practices of such third parties prior to agreeing to receive such information from them. If you later decide that you no longer want to receive communications from one of these third parties, you will need to contact that third party directly.

With your consent, third party analytics service providers may set and access their own Tracking Technologies on your Device and they may otherwise collect or have access to information about you, potentially including Personal Information, about you. We are not responsible for those third party technologies or activities arising out of them.

b. Other Parties Providing Services on Our Behalf

We may use third party vendors to perform certain services on behalf of us or the Sites/Apps, such as hosting the Sites/Apps, designing and/or operating the Sites/Apps’ features, tracking the Sites/Apps’ activities and analytics, and enabling us to send you special offers or perform other administrative services, including IT and IT security services. We may provide these vendors with access to Personal Information, including Device Identifiers, to carry out the services they are performing for you or for us.

Additional information for users located in the European Economic Area: A disclosure of Personal Information to other parties performing services on our behalf is based on Art. 28 GDPR in connection with the respective data processing agreement concluded with the recipient. Through these agreements, we have contractually bound these recipients to process your Personal Information only on our behalf and in accordance with our instructions.

c. Administrative and Legal Reasons

We may access, use, preserve, transfer and disclose your Personal Information, including disclosure to third parties: (i) to satisfy any applicable law, regulation, subpoenas, governmental requests or legal process if such is required by law or permitted by law and based on our prevailing legitimate interests; (ii) to protect and/or defend the Sites/Apps, the Terms of Service or other policies applicable to the Sites/Apps, including investigation of potential violations of the aforementioned terms and policies; (iii) to protect the safety, rights, property or security of our company, our systems, assets, the Sites/Apps or any third party, other user; (iv) to detect, prevent or otherwise address fraud, security or technical issues. Further, we may use IP address or other Device Identifiers, to identify users, and may do so in cooperation with third parties such as copyright owners, internet service providers, wireless service providers and/or law enforcement agencies, including disclosing such information to third parties, all in our discretion, subject to applicable law. Such disclosures may be carried out without notice to you.

d. Business Transfer

We may share your information, including your Device Identifiers and Personal Information, Demographic Information and Usage Information with our parent, subsidiaries and affiliates. We also reserve the right to disclose and transfer all such information: (i) to a subsequent owner, co-owner or operator of the Sites/Apps or applicable database; or (ii) in connection with a merger, consolidation, restructuring, the sale of substantially all of our interests and/or assets or other corporate change, including, during the course of any due diligence process.

a. Do Third Party Content And Links To Third Party Sites Appear on The Sites/Apps?

The Sites/Apps may contain content that is supplied by a third party, and those third parties may collect Usage Information and your Device Identifier when pages from the Sites/Apps are served to you. In addition, when you are on the Sites/Apps you may be directed to other sites that are operated and controlled by third parties that we do not control. We are not responsible for the data collection and privacy practices employed by any of these third parties or their sites. For example, if you “click” on a link, the “click” may take you off the Sites/Apps onto a different site. These other sites may associate their Tracking Technologies with you, independently collect data about you, including Personal Information, and may or may not have their own published privacy policies. We encourage you to note when you leave our Sites/Apps and to review the third-party privacy policies of all third party locations and exercise caution in connection with them.

b. Are There Third Party Ads Served On The Sites/Apps?

The Sites/Apps may use third parties such as network advertisers to serve advertisements on the Sites/Apps and may use third party analytics service providers to evaluate and provide us and/or third parties with information about the use of the Sites/Apps and viewing of ads and of our content. Network advertisers are third parties that display advertisements, which may be based on your visits to the Sites/Apps and other apps and sites you have visited. Third party ad serving enables us to target advertisements to you for products and services in which you might be interested.

The Sites/Apps’ third-party ad network providers, the advertisers, the sponsors and/or traffic measurement services may themselves set and access their own cookies (including Flash cookies), web beacons and other Tracking Technologies on your Device and track certain behavioral Usage Information regarding users of your Device via a Device Identifier. These third-party Tracking Technologies may be set to, among other things: (a) help deliver advertisements to you that you might be interested in; (b) prevent you from seeing the same advertisements too many times; and (c) understand the usefulness to you of the advertisements that have been delivered to you. You acknowledge that associated technology may access and use your Device and may set or change settings on your Device in connection with the associated operations. Note that any images (or any other parts of content) served by third parties in association with third party ads or other content may serve as web beacons, which enable third parties to carry out the previously described activities.

Depending on the applicable law the usage of some or all of this technology may be subject to your prior consent, for more information see Section 1.c.

Unless stated otherwise by us, third-party Tracking Technologies are not controlled by us, even if they use our technology to help store or collect data. This Privacy Policy does not apply to the methods for collecting information used by these third-party advertisers and others or the use of the information that such third parties collect. We do however work with third parties to make efforts to have you provided with the information on their practices and any available opportunity to exercise choice. The relevant third party’s Terms of Service, privacy policy, permissions, notices and choices should be reviewed regarding their collection, storage and sharing practices. We make no representations regarding the policies or practices of third party advertisers or advertising networks.

While we may use a variety of companies to serve advertisements on the Sites/Apps, you may wish to visit http://www.networkadvertising.org/optout_nonppii.asp, which provides information regarding this practice by Network Advertising Initiative (“NAI”) members, and your choices regarding having this information used by these companies, including the “opt-out” procedures of NAI members. Opting out of one or more NAI members only means that those NAI members no longer will be able to deliver targeted content and/or ads to you, which will affect this and other sites, but does not mean you will no longer receive any targeted content and/or ads. Also, if your browsers are configured to reject cookies when you visit this opt-out page, or you subsequently erase your cookies, use a different Device or change web browsers, your NAI opt-out may not, or may no longer, be effective. Additional information is available on the NAI’s web site accessible by the above link. You may also opt-out of receiving third party behavioral ads on this site by visiting the Digital Advertising Alliance (“DAA”) website at http://www.aboutads.info/choices/#completed. Similar limitations may apply to the DAA opt-out.

Contacting us

If you have any questions about our Privacy Policy or practices described in it, you should contact us by e-mail: info@protocols.io.

You may also contact our data protection officer under privacy@protocols.io.

If you located in the UK or EEA, you can contact our local representatives in the UK or EEA via dataprotection@springernature.com.

a. Transfer and Processing of Data

For users within the United States, we process data in data centers located in the United States. We have adopted reasonable physical, technical, and organizational safeguards against accidental, unauthorized, or unlawful destruction, loss, alteration, disclosure, access, use, or processing of user data in our possession. We comply with state and federal laws governing the protection of personal information.

For users located in the European Economic Area: Within the scope of our information sharing activities, your personal data may be transferred to other countries(including countries outside the European Economic Area (EEA)) which may have different data protection standards than your country of residence. For users within the EEA and Switzerland, we also use data centers located in the United States for processing. Such processing is performed in accordance with Regulation 2016/679 of the European Parliament and of the Council of April 27, 2016 on the protection of natural persons with regard to the processing of personal data and free movement of such data, known as the General Data Protection Regulation (“the GDPR. This includes the imposition of required safeguards with respect to accidental, unauthorized or unlawful destruction, loss, alteration, disclosure, access, use or processing of data. Please note that data processed in a foreign country may be subject to foreign laws and accessible to foreign governments, courts, law enforcement, and regulatory agencies. However, we will endeavour to take the required measures to keep up an adequate level of data protection when sharing your personal data with recipients established in such countries. In the case of a transfer to a country outside of the EEA, this transfer is either safeguarded by a so-called adequacy decision from the European Commission declaring that such country provides for an adequate level of data protection, or, if such adequacy decision does not exist, the conclusion of EU Standard contractual clauses (https://ec.europa.eu/info/law/law-topic/data-protection/international-dimension-data-protection/standard-contractual-clauses-scc_en) and additional measures, if necessary.

For users in the UK: We transfer data from the UK to data centers located in the United States for processing. We may also share your Personal Information with recipients outside the UK. Such processing is performed in accordance with the UK Data Protection Act 2018 (“DPA 2018”), the UK GDPR. In the case of a transfer to a country outside of the UK, this transfer is either safeguarded by an adequacy regulation declaring that such country provides for an adequate level of data protection, or, if such adequacy regulation does not exist, the conclusion of an International Data Transfer Agreement (IDTA) or an International Data Transfer Addendum (Addendum) to EU Standard contractual clauses, as the case may be.

b. Retention and Deletion

We will only retain your personal information for as long as necessary to fulfill the purposes for which it was collected and processed, including for the purposes of satisfying any legal, regulatory, accounting or reporting requirements.

In some circumstances, we may anonymize your Personal Information so that it can no longer be associated with you, in which case it is no longer Personal Information and may be retained for longer periods of time.

As a general practice, if you close your account with us, we will delete Personal Information associated with your account after three (3) months, unless longer retention is required (e.g. for complying with legal retention obligations).

Under the legislation applicable to you, you may be entitled to exercise some or all of the following rights.

If you are located in the EEA, UK, or Switzerland, have the right to:

• request access to and/or copies of all Personal Information, including to find out the categories of information we hold about you, the purposes of processing, the recipients and potential data retention periods.
• request that we correct any Personal Information that pertains to you.
• request that we restrict processing of your Personal Information.
• request that we delete any Personal Information that pertains to you.
• request that we provide you with (a copy of) your Personal Information in a structured, commonly used and machine-readable format to transmit this information to another provider.
• object, on grounds relating to your particular situation, to the processing of your information, where we process your personal data based on our legitimate interests. In case we process your information for direct marketing purposes, you may object to this at any time.
• not be subjected to any automated decision-making, including profiling, that has a legal effect on you or similarly significantly affects you. We do not use your personal data for any such automated decision-making.
• fully or partially withdraw your consent to the collection, processing, and/or transfer of your Personal Information, where consent is the legal basis, at any time and without giving reasons as indicated upon consent collection or by contacting us as indicated below.

You can exercise your rights by contacting info@protocols.io.

You also have a right to lodge a complaint with a national data protection authority. Each European Union member nation has established its own Data Protection Authority; you can find out about the Data Protection Authority in your country here: http://ec.europa.eu/justice/article-29/structure/data-protection-authorities/index_en.htm.