Privacy policy

When you apply for a job we collect information such as CVs, contact details and diversity information. When you progress to the interview stage we collect interview notes and decisions to offer employment. When you accept the offer of employment we collect background information, security screening (and re-screening where necessary), third-party references, and the results of your criminal records check if applicable.

We collect this information directly from you and from the third-party referees or other third parties (eg security screening). We process this information for recruitment purposes. We may share some information with third-party referees or services.

To process this information, we rely on legitimate interest, consent, legal obligation or performance of contract depending on the types of data collected and the stages during the recruitment and/or onboarding processes.

When you apply for a PhD programme or an early-career group leader position we collect recruitment information such as CVs, contact details, diversity information, research proposals and third-party references. When you progress to the interview stage we collect interview notes and decisions regarding offers of employment or acceptances to PhD programmes. When you accept the offer of employment/programme we collect background information, security screening (and re-screening where necessary) and third-party references.

We collect this information directly from you and from the third-party referees or other third-parties (e.g. security screening). We process this information for recruitment purposes. We may share some information with third-party services. For successful PhD applicants, we will share your application data with a partner university for the purposes of university admission.  For successful Group Leader applicants, we may share your application data with a partner university. For Group Leader applicants, we may share your application with non-Crick external specialist search committee members.

To process this information, we rely on legitimate interest, consent, legal obligation or performance of contract depending on the types of data collected and the stages during the recruitment and/or onboarding processes.

If you are employed by the Crick or you are a contractor, service partner, temporary staff, visiting scientist or secondee, please refer to the Crick Employee Privacy Statement available on our intranet.

If you were a student or postdoc, or employed at the Crick as technical staff, we will keep your information to compile ‘Next Destination’ data, which will be used to generate anonymised reports for various purposes including Athena Swan applications, summaries for the Crick's founders, etc. We might also contact you to invite you to participate in future activities of the Crick. We collect this information by you or by public websites or platforms (eg LinkedIn). We rely on legitimate interest to process this data. If you would like to opt-out from this processing activity, contact connect@crick.ac.uk.

When you apply for a work experience placement at the Crick, we collect information such as name, email address, address, date of birth, diversity information, education information and teachers' references. If you are accepted for a work experience placement, we will collect some medical information and security screening information.

We collect this information directly from you, your teachers’ references or other third-parties (eg security screening). We may share some information with your teachers for obtaining references, with third-party services for the purposes of recruitment (eg occupational health provider), or with work experience partners for the purposes of administering the work experience programme.

To process this information, we rely on legitimate interest, consent or legal obligation, depending on the types of data.

If you are selected to participate in a work experience placement, we might also take photographs and/or videos of you in order to showcase your experiences and encourage other students to take part in the scheme.

Your image may be used on our website, social media, in our newsletters or other internal or external communications.

We will only take your picture/video if you have signed a consent form.

When you subscribe to receive emails from us we collect your name, email address and content preferences so we can tailor messages better to your interests.

We collect this information directly from you to subscribe you to our mailing lists. We do not share your personal data with third parties, but we use third parties to facilitate the distribution of emails. We may also use your email address to set up custom audience tools on social media. 

You can withdraw your consent or change your email marketing preferences at any time, by following the 'unsubscribe' link on any of our emails or contacting us at info@crick.ac.uk or the email provided to you during the sign-up process. If you unsubscribe from our emails or withdraw your consent for us to contact you, we will store your information for a period of two years to ensure that you no longer receive emails from us.

When you register to attend one of our events, a seminar or a webinar (including via our third-party providers eg EventBrite), we will ask for your name, email address and other relevant information as determined on an event-by-event basis, for example job title or work-related email address. We might also ask for your dietary requirements or access needs.

We will collect this information when you register for an event. We use personal information for the purposes of administering the event. We may use third party event providers or platforms. We may also need to share personal information with third party organisations where it is necessary to administer the event, eg with an external venue, or share your dietary requirements with a catering provider.

Our use and storage of personal information is based on legitimate interest or performance of contract. We also rely on consent to subscribe you to our newsletter and to process your dietary requirements data.

We often take photographs at our events and those photos may be used on our website, social media, in our newsletters or other internal or external communications. Our use of photos in which you are clearly identifiable is based on your consent. If you are featured in a photo you will be asked to sign a consent form at the event. We will let attendees know if a photographer is present and you may appear in a general or crowd shot without us obtaining your consent. If you attend an event with a photographer and you don’t wish to be photographed, please speak to a member of Crick staff and we'll give you a sticker to wear - this lets the photographer know.

If you are a speaker at one of our events we will promote your participation via platforms such as Twitter, LinkedIn and by marketing emails. External platforms may continue to store and use personal information after the event has ended. To process this data, we rely on legitimate interest to promote the participation to our events.

When you have been invited to participate in a survey, and depending on the type of survey, we may collect different types of personal information such as name, email address, gender, age, ethnicity, preferences, highest qualification etc. For some surveys we may not hold any identifiable data.

We collect the data directly from you. We may use third-party platforms to do this. We may use an external party to evaluate the surveys.

We rely on legitimate interest to ensure that our events, exhibitions or other content are appealing to the audience, understand future requirements, receive feedback and for reporting purposes.

We collect personal information about visitors to our website, www.crick.ac.uk, if they fill out a form on our website, participate in a survey or register for an event.

Please check our cookies notice for more information.

If you are a visitor to the Crick, you will be required to provide some information to your host such as name, company name, arrival time, departure time. We use a third-party system to manage visitors’ registrations and room bookings. We are also using a third-party security services provider that will have access to manage visitors’ access to the building and security. We rely on legitimate interests (health and safety and security reasons) to process this information.

When you enter the Crick premises and tap your card in the gates, we store your access data.  Our security system is operated by a third party. To process this information, we rely on legitimate interests (health and safety and security reasons) to protect our employees, our property and you.

We will record your image on CCTV if you visit the Crick, eg for an event or for business. CCTV footage is kept for 30 days. Our security system is operated by a third party. We rely on legitimate interests (health and safety and security reasons) to process this information. We use CCTV to protect our employees, our property and you.

We collect supplier, funder, partner and in general third-party data for business purposes. Data may include name, professional contact details etc. We collected this data directly from you, or an employee of your company. To process this data, we rely on legitimate interest, contract or legal obligation.

We collect your information if you have donated to the Crick. Donations are received by Cancer Research UK before being used to support the Crick’s purposes. Cancer Research UK and the Crick share information about donors and prospective donors with each other on the basis of legitimate interest. Cancer Research UK also undertakes due diligence checks on donors and prospective donors and shares the results with the Crick. We rely on legitimate interest or legal obligation to share and process this data. For more information see Cancer Research UK’s Privacy Policy.

We may process your data if you participate in research.

We may collect the data directly from you, but we usually collect the data from another research organisation. In this case, the relevant research team/ organisation has provided you with the details of the types of personal data used for the study/ project, as well as the purposes of processing. If you have any questions about the particular research study you are participating in, please use any contact details that have already been provided.

Depending on the study, it may be possible that we share minimally identifiable personal data with other research teams we collaborate with, in the UK or abroad, to carry out further related research (where this is in the public interest or necessary for the purposes of another organisation’s legitimate research interests). The data will be pseudonymised so you won’t be identified. We use terms in our collaboration agreements that protect the privacy and confidentiality of your data.  

We rely on legitimate interest to process this data. Where researchers are processing special category data, the added condition of scientific research with necessary safeguards is used. Where we need to rely on a different lawful basis, such as consent, we will inform you of this in the Participant Information provided to you.

We do not collect your information when you communicate with us through our social media. We do not collect or store this data. The social media platform is the data controller for this data.