The Center for Open Science is committed to our users’ privacy and protection of their data. On May 25, 2018, extensive changes in EU data protection law (General Data Protection Regulation, or GDPR) go into effect. We are using this opportunity to make improvements for all users, not just those in EU. We’re taking a number of steps to ensure GDPR readiness:
Reviewing and updating our Privacy Policy and Terms of Use
We’ve reviewed and updated our Privacy Policy and Terms of Use to be simpler, clearer, and more explicit about what data we collect and how it’s used. Soon, you will be asked to give explicit consent to these terms.
Ensuring our 3rd party processors are GDPR compliant
The OSF and its suite of products relies on a number of 3rd party vendors for its operation. We’ve worked with each vendor to ensure their GDPR compliance and executed Data Processing Addendums to our agreements with them.
Reviewing policies and procedures to allow users to export their data
Data portability is important, and our users aren’t subject to lock-in. We’ve audited our protocol for exporting data to ensure users can take their data with them.
Review protocol for notifying users in the event of a data breach
We take data security very seriously and employ industry best practices to safeguard your data. That said, it’s prudent to have a plan in place for notifying users should a breach occur. We’ve reviewed protocol and commit to promptly communicating any breaches of personal or private data to affected users.
Reviewing policies and procedures to allow users to opt out, export, or delete their data
You’re always welcome to deactivate or delete your account or export your data. If you’d like to delete your account and personal data, please email support@osf.io.
You can get also more details on our FAQs.
