ContactSubmit a dataset
MENU

Privacy Policy

Introduction

IsoArcH respects your privacy and is committed to protecting your personal data. This Privacy Policy explains what personal data we collect, how we use it, and your rights regarding that data. This policy does not cover personal data stored within files uploaded to our Repository, as IsoArcH.

Personal data

Personal data, or personal information, means any information relating to an identified or identifiable natural person (directly or indirectly). It does not include data where the identity has been removed in such a manner that the natural person is not or no longer identifiable (anonymous data). IsoArcH processes personal data in accordance with the General Data Protection Regulation (GDPR).

Data controller

The data controller is:
IsoArcH Association
11 Village du Duer, 56370 Sarzeau, France
Email: [email protected]

Data we collect

At the administrative level, IsoArcH collects and stores your name and contact details. From this information we derive university/departmental affiliations. A log is kept of email correspondence, and an additional log is made of the times you have accessed the service and uploaded data or metadata records.

At the metadata catalogue level, the names and affiliations of people involved in the creation, editing, processing, and transformation of datasets stored in the data repository are made publicly available via harvestable metadata records in order to permit the accurate citation of data and enable due credit to be taken for involvement in the creation of the data.

At the website level we do not collect any personal data unless you voluntarily provide it, such as when you submit a message through our contact form or contribute data to the platform.

How we process your personal data

Your personal data is only used and stored for the following purposes:

  • To register you as a user
  • To help with any enquiries you might have relating to IsoArcH
  • To manage access to stored research data
  • To email you information about changes to the service, service interruptions or performance issues, or other messages directly relating to your use of the service
  • To give you due credit for your involvement in the creation of research data added to the data repository

We may also use anonymised data, meaning data from which you cannot be identified, for the purposes of:

  • Service evaluation, reporting and management information
  • Education and research
  • Promotional purposes

Legal basis for the processing

We will only process your personal data if there is a legitimate basis for doing so. Depending on the purpose, personal data are processed because:

  • you give your consent
  • it is essential for implementing an agreement that has been made with you
  • it is essential in order to fulfil a legal obligation
  • it is essential in order to protect your vital interests
  • a public interest task is concerned
  • IsoArcH has a legitimate interest in doing so

Cookies

Our website does not use any advertising or third-party tracking cookies.
We may use strictly necessary cookies to enable basic functions such as form submission or session security. These cookies do not store personally identifiable information and do not require user consent under GDPR.

Analytics

We use Umami Analytics, a privacy-focused web analytics service, to understand how our website is used.
The SaaS instance of Umami does not use cookies, does not collect personal data, and does not track users across sites. It provides us with anonymous, aggregated information such as the number of page views, device type, or referring websites.

You can learn more about Umami’s approach to privacy at: https://umami.is

Anti-spam protection

To protect our forms from spam and abuse, we use Cloudflare Turnstile, a privacy-preserving CAPTCHA alternative.
Cloudflare may temporarily process technical data (such as IP address and browser information) to determine whether a visitor is a human, without using cookies or tracking users for advertising purposes. For more details, you can consult Cloudflare’s privacy policy: https://www.cloudflare.com/privacypolicy

Use of third-party services

We do not sell, rent, or share your personal data with third parties for commercial purposes. We only use third-party services (such as Umami and Cloudflare) that are aligned with privacy and data minimization principles.

Information security

We have put in place appropriate security measures to prevent your personal data from being accidentally lost, used or accessed in an unauthorised way, altered or disclosed. We have established procedures to deal with any suspected personal data breach and will notify you and any applicable regulator of a breach where we are legally required to do so.

Your rights

Under the GDPR, you have the right to:

  • Access your personal data
  • Request rectification or erasure
  • Object to processing or request restriction
  • Lodge a complaint with a data protection authority

You can exercise your rights by contacting us at: [email protected]

Data retention

We will only retain your personal data for as long as necessary to fulfill the purposes we collected it for, including for the purposes of satisfying any legal, accounting, or reporting requirements.

Updates

This Privacy Policy may be updated to reflect changes in our practices or legal requirements. The latest version will always be available on our website. Changes made to this privacy policy will never be in violation of the GDPR and the privacy rules arising from it.