Main content

Home

Menu

View
Wiki Version:
GBIF has legitimate interests in collecting and maintaining the information needed to provide biodiversity-related evidence that supports scientific research and policy. Beyond that, we collect the minimum amount of personal information needed to fulfill the purpose of your interactions with us. We don’t sell this information to third parties, and we process it only as described in this Privacy Notice. As an EU-based body, we comply with the General Data Protection Regulation (GDPR). But regardless of where you come from, where you are or where you live, we apply the same standard of privacy protection to all our users. Working from offices in Denmark, the GBIF Secretariat had both an interest and a responsibility to understand the implications of the European Union's new General Data Protection Regulation (GDPR) on its operations. As might be expected, the most pressing issues revolve around compliance with new requirements on processing personally identifiable data. GBIF's host country agreement with Denmark and the globally distributed nature of its network creates some unusual if unexceptional circumstances. But while seeking legal advice, we held firm on two principles: 1) that GBIF is an international organization, as defined by the GDPR and 2) that our commitment to openness and transparency requires acting as if any processing of personal data by GBIF is subject to the terms of the regulation. A thorough assessment of GBIF's legal basis for processing personal data highlighted additional recommendations on how communicate and maintain best practices across the network. Much of the attention and comment about the GDPR focused on consent-based permissions, but it's important to recognize that the GDPR includes significant exceptions for research. Moreover, the regulation does not establish individual consent as the one and only basis for legal compliance. In fact, in many cases, the names of individual observers, collectors, curators and even GBIF network staff are critical for maintaining data provenance, scientific credibility or operational integrity. For this reason, GBIF claims necessary and "legitimate interests" in collecting and maintaining such information to provide biodiversity-related evidence that supports scientific research and policy—even where such information may be personally identifiable. In practice, the GDPR requires that these interests be balanced against the rights of indivdiuals, though the alignment of GBIF's interests with those of the wider scientific, research and policy communities and, ultimately, the public, likely weighs in GBIF's favour. What's the case with GBIF may differ elsewhere in the chain of provenance, though, so GBIF has accepted a recommendation that we seek to inform individuals of its privacy policy via our network. A planned twice-yearly email communication to all data publishers will share details on how GBIF itself handles and processes of personal data and advise them on best practices, hoping to help ensure the network's compliance with personal data processing requirements.
OSF does not support the use of Internet Explorer. For optimal performance, please switch to another browser.
Accept
This website relies on cookies to help provide a better user experience. By clicking Accept or continuing to use the site, you agree. For more information, see our Privacy Policy and information on cookie use.
Accept
×

Start managing your projects on the OSF today.

Free and easy to use, the Open Science Framework supports the entire research lifecycle: planning, execution, reporting, archiving, and discovery.

Copyright © 2011-2024 Center for Open Science | Terms of Use | Privacy Policy | Status | API
TOP Guidelines | Reproducibility Project: Psychology | Reproducibility Project: Cancer Biology