The Center for Open Science is committed to our users’ privacy and protection of their data. On May 25, 2018, extensive changes in EU data protection law (General Data Protection Regulation, or GDPR) go into effect. We are using this opportunity to make improvements for all users, not just those in EU. We’re taking a number of steps to ensure GDPR readiness:
Ensuring our 3rd party processors are GDPR compliant
The OSF and its suite of products relies on a number of 3rd party vendors for its operation. We’ve worked with each vendor to ensure their GDPR compliance and executed Data Processing Addendums to our agreements with them.
Reviewing policies and procedures to allow users to export their data
Data portability is important, and our users aren’t subject to lock-in. We’ve audited our protocol for exporting data to ensure users can take their data with them.
Review protocol for notifying users in the event of a data breach
We take data security very seriously and employ industry best practices to safeguard your data. That said, it’s prudent to have a plan in place for notifying users should a breach occur. We’ve reviewed protocol and commit to promptly communicating any breaches of personal or private data to affected users.
Reviewing policies and procedures to allow users to opt out, export, or delete their dataYou’re always welcome to deactivate or delete your account or export your data. If you’d like to delete your account and personal data, please email firstname.lastname@example.org.
You can get also more details on our FAQs.