We sign a data processing agreement with each Enterprise customer that covers privacy for their users. Typically that agreement is based on the customer's standard DPA, but if the customer does not have a standard DPA we provide our standard agreement as a starting point for discussion.
✔ Yes, the scope and purpose of our data processing is in line with GDPR; we only process data as necessary and ensure data location is kept within the EU for EU customers
✔ Your data is kept fully confidential
✔ We can provide an up-to-date copy of all data as requested
✔ We can deploy RSpace on your GDPR-compliant on‑premises or cloud environment
✔ We sign the Processor Agreement provided by our customers, to ensure transparency in the scope and purpose of processing
No.
The only data relating to users we process is their name and email address. This will not be passed on to any third parties.
It's entirely up to institutions to decide how long to retain data, eg. of students who have access to RSpace but have since graduated. Institutions can appoint as many System Administrators as they need, and these administrators can activate and deactivate accounts whenever they like. These features are covered in trainings.
The following policy covers users of RSpace Community. We sign a data processing agreement with each Enterprise customer that covers privacy for their users.
At Research Space, we respect your privacy and data protection rights and recognize the importance of protecting the personal data we collect and process. This Privacy Policy is designed to help you to understand what personal data we collect about you and how we use and share it.
For the purposes of the General Data Protection Regulation (or any successor or equivalent legislation in the UK) (“GDPR”), Research Space is the controller of your personal data. We can be contacted about data protection issues in writing at info@researchspace.com.
We collect and use the following information to provide, improve and protect our Services:
Account. We collect, and associate with your account, information like your name and email). Some of our services let you access your accounts and your information with other service providers.
Services. When you use our Services, we store, process and transmit your files and documents you create.
Usage. We collect information from and about the devices you use to access the Services. This includes things like IP addresses, the type of browser and device you use, the web page you visited before coming to our sites, and identifiers associated with your devices. Your devices (depending on their settings) may also transmit location information to the Services.
Cookies and other technologies. We use technologies like cookies to provide, improve, protect and promote our Services. For example, cookies help us with things like remembering your username for your next visit, understanding how you are interacting with our Services, and improving them based on that information. You can set your browser to not accept cookies, but this may limit your ability to use the Services.
We may share information as discussed below, but we won’t sell it to advertisers or other third-parties.
Others working for Research Space. Research Space uses certain trusted third parties to help us provide, improve, protect, and promote our Services. These third parties will access your information only to perform tasks on our behalf andin compliance with this Privacy Policy.
Other users. Our Services display information like your name and email address to other users in places like your user profile and sharing notifications. Certain features let you make additional information available to other users.
RSpace Enterprise Admins. If you are an RSpace Enterprise user, your administrator may have the ability to access and control your RSpace Enterprise account. Please refer to your employer’s internal policies if you have questions about this. If you are not an RSpace Enterprise user but interact with an RSpace Enterprise user (by, for example, joining a shared folder or accessing stuff shared by that user), members of that organization may be able to view the name, email address and IP address that were associated with your account at the time of that interaction.
Law & Order. We may disclose your information to third parties if we determine that such disclosure is reasonably necessary to (a) comply with the law; (b) protect any person from death or serious bodily injury; (c) prevent fraud or abuse of RSpace or our users; or (d) protect Research Space’s property rights.
Security. We are committed to keeping your information secure and testing for vulnerabilities. We also continue to work on features to keep your information safe in addition to things like alerts when new devices and apps are linked to your account. You can find out more about our technical and organizational safeguards on our Security page.
Retention. We’ll retain information you store on our Services for as long as we need it to provide you the Services. If you delete your account, we’ll also delete this information. But please note: (1) there might be some latency in deleting this information from our servers and back-up storage; and (2) we may retain this information if that is necessary to comply with our legal obligations, resolve disputes, or enforce our agreements.
If you are a resident of the EEA, we do not transfer your data outside the EEA. Third party services we work with that have access to your data, e.g. Segment, Intercom, will protect your personal data when it is transferred outside of the EEA by processing it in a territory which the European Commission has determined provides an adequate level of protection for personal data; or otherwise ensuring appropriate safeguards are in place to protect your personal data.
Depending on your location and subject to applicable laws, you may have certain data protection rights. If you are a resident of the EEA or the UK you have the following data protection rights:
If you wish to access, correct, update or request deletion of your personal data, you can do so at any time.
You can object to processing of your personal data, ask us to restrict processing of your personal data or request portability of your personal data.
You have the right to opt-out of marketing communications we send you at any time. If you no longer wish to receive our newsletter and promotional communications, you may opt-out of receiving them by clicking on the “unsubscribe” or “opt-out” link in the communications we send you. Please note, however, that it may not be possible to opt-out of certain service-related communications. You can let us know at any time if you do not wish to receive marketing messages by contacting us on the Intercom Messenger or by contacting us using the contact details below.
Similarly, if we have collected and process your personal data with your consent, then you can withdraw your consent at any time. Withdrawing your consent will not affect the lawfulness of any processing we conducted prior to your withdrawal, nor will it affect processing of your personal information conducted in reliance on lawful processing grounds other than consent.
You have the right to complain to a data protection authority about our collection and use of your personal information. For more information, please contact your local data protection authority. Contact details for data protection authorities in the EEA and the UK are available here.
You can exercise any of these rights by submitting a request to info@researchspace.com.
If we are involved in a reorganization, merger, acquisition or sale of our assets, your information may be transferred as part of that deal. We will notify you (for example, via a message to the email address associated with your account) of any such deal and outline your choices in that event.
We may revise this Privacy Policy from time to time, and will post the most current version on our website. If a revision meaningfully reduces your rights, we will notify you.
Have questions or concerns about RSpace, our Services and privacy? Contact us at info@researchspace.com.