This statement sets out how the Francis Crick Institute (the "Crick", "we" or "us") will use and protect your personal information.
We may gather data about you from your use of our website, if you apply for a position with us, when you visit or attend an event at the Crick, or if you contact or correspond with us.
This Privacy Notice applies to personal information which the Crick processes relating to people who have:
It does not cover any personal information which we may process in the context of our research activities. Please contact our Data Protection Lead Dan Fitz at data-protection@crick.ac.uk if you have any questions about our research activities.
Website visitors
We collect personal information about visitors to our website, www.crick.ac.uk, if they fill out a form on our website, participate in a survey or register for an event.
Our website places cookies (text files) on your computer which can identify your browser and automatically collect information about how you use our website.
We use the information provided by cookies to determine the number of people visiting our site. It also helps us to better understand how people find and use our website. With this information we can continually improve our website and service.
Please remember that if you use a link to go from our website to another website or if you request a service from a third party this Privacy Notice will no longer apply once you have left this website. Your browsing and interaction on any other website is subject to that website’s own rules and policies.
Our cookies store the following data:
You will generally have to provide consent for cookies to be placed on your computer and for the use and storage of personal information relating to you provided by the cookies. You can withdraw your consent at any time by updating your cookie settings. In circumstances where consent is not needed for cookies to be placed on your computer (for example, where a cookie is needed for the operation of our website or for the provision of a service to you), the use and storage of any personal information provided by the cookies will be based on legitimate interests. The legitimate interests we are pursuing are the operation of our website and promotion of our research and activities.
Email subscribers
When you subscribe to emails from us, we will ask for your:
We will collect this information when you subscribe to our mailing lists. By subscribing to our mailing lists you will be automatically subscribed to receive email updates. Our use and storage of your personal information for email marketing is based on your consent. This means that you will only receive emails and information that you have asked to receive. You can withdraw your consent or change your email marketing preferences at any time, by following the 'unsubscribe' link on any of our emails or contacting us at info@crick.ac.uk.
If you unsubscribe from our emails or withdraw your consent for us to contact you, we will store your information for a period of two years to ensure that you no longer receive emails from us.
Recruitment
When you apply for a position at the Crick we will collect recruitment information such as your CV, notes of interviews, decisions to offer employment, background information, security screening (and re-screening where necessary) and third party references, and the results of your criminal records check if applicable.
When you register to attend one of our events (including via our third party provider, EventBrite), we will ask for your:
We will collect this information when you enrol to attend an event. Our use and storage of personal information is based on consent. We use personal information solely for the purposes of administering the event. We may need to share personal information with third party organisations where it is necessary to administer the event (for example, with an external venue).
We often take photographs at our events and those photos may be used on our website, social media, in our newsletters or other internal or external communications. Our use of photos in which you are clearly identifiable is based on your consent. If you are featured in a photo you will be asked to sign a consent form at the event. We will let attendees know if a photographer is present and you may appear in a general or crowd shot without us obtaining explicit consent. If you attend an event with a photographer and you don’t wish to be photographed, please speak to a member of Crick staff and we'll give you a sticker to wear - this lets the photographer know.
We may record your image on CCTV if you visit our institute. We use CCTV to protect our employees and our property.
We use third party providers, for example to help to manage our email marketing. Some of these providers are based outside the UK or Europe (e.g. in the US) and so your personal information may be transferred to countries where the data protection and privacy laws do not offer the same level of protection as the UK. Where we use a provider based outside the UK, we will take steps to ensure appropriate safeguards are in place to protect your personal information . Please contact us if you would like more information about these safeguards.
NHS testing
We have partnered with various NHS Trusts and Health Services Laboratory (HSL) to provide COVID-19 testing services for patients and NHS staff.
We carry out this testing under the lawful basis of public task.
Crick coworker testing
We aim to ensure that we maintain a safe and healthy working environment for co-workers working at 1 Midland Road (“the Building”) Because of the current pandemic, we now require all persons, including staff, who access the Building to undergo regular testing for COVID-19. We will carry out testing in conjunction with Health Services Laboratory (HSL).
If you undergo testing, we will collect the following personal data about you:
We carry out this testing under the lawful basis of legitimate interest.
We will share your data and test results with HSL, who are working with us to allow us to carry out Covid-19 testing. HSL will share any positive test results with Public Health England. If you test positive our HR team will ask you for the locations within the building and the names of the individuals you have been in contact with for more than 15 minutes and within less than 2m. Those individuals will be notified that they’ve been in close contact.
If you are undergoing testing at the Crick and have any questions about your data, please email data-protection@crick.ac.uk.
Wellcome Trust testing
The Crick is assisting Wellcome in setting up a self-swab testing programme for individuals returning to work in Wellcome’s buildings. We will carry out testing in conjunction with Health Services Laboratory (HSL).
If you undergo testing, to carry out our obligations under our contract with Wellcome and the information and services they request, we will collect the following personal data about you:
The Crick will only use this data for the purposes of performing a Covid-19 diagnostic test. The Crick will share this data and results with Wellcome and HSL. HSL will share all test results with Public Health England.
If we process your personal data, you have a number of rights. You may request a copy of the personal data we hold about you and you may object to our processing of it including where we use it for direct marketing. You can also ask us to rectify it, restrict the way in which we process it or erase it from our records. You have the right to access your personal data and details of how we process it.
Where we use or store personal information relating to you, you have the following rights:
Where we use your information for a specific purpose on the basis of consent you have the right to withdraw consent for that purpose at any time.
If you believe your data protections rights have been breached, you may have the right to claim compensation if you have suffered damage as a result.
Please be aware that these rights are not always absolute and there may be some situations in which you cannot exercise them or they are not relevant. To help you understand how they work, we have provided link to the Information Commissioner's Office's guidance on each of the rights.
Our policy is only to retain information for as long as it is required for the purpose or purposes for which we use it. We will determine how long to retain different data based on the following requirements:
We do not make use of automated decision making or profiling.
We ensure there are appropriate technical and organisational controls in place to protect your personal details. Our network is protected and routinely monitored.
You can contact us at any time using the details below if you have any queries or concerns about how the Crick handles personal information.
If we are unable to resolve your concerns about our handling of personal information, you have the right to complain to the Information Commissioner's Office.
Please read this notice carefully and contact us if you have any queries by emailing us at: data-protection@crick.ac.uk.
Or by writing to: General Counsel, The Francis Crick Institute, 1 Midland Road, London NW1 1AT
This privacy notice may change from time to time so we recommend that you review it periodically.
We will place any updates on this webpage.
