Privacy Policy and Use of Cookies

1. Purpose of this notice

This notice tells you how the University of Leeds in its role as Data Controller will collect and process your personal data when you access this website. This statement is made in light of the requirements of the 2018 Data Protection Act in order to alert participants to the University of Leeds data processing practices which will govern the processing of your data.

2. Automated collection of personal information

As with most other web servers, when you access these web pages certain information you provide will automatically be recorded by the University of Leeds. This may include your IP address, browser type, and information relating to the page you last visited. This information is processed to estimate how much usage of the server is made by different categories of users and in the event of a breach of security may be used to aid detection.

3. Collection of personal information using the QTool System

We are collecting your personal information using the QTool System. This includes: username; email address (if provided or used as username); password and questionnaire responses. As a university we use personally-identifiable information to conduct research to improve health, care and services. As a publicly-funded organisation, we have to ensure that it is in the public interest when we use personally-identifiable information from people who have agreed to take part in research. This means that when you agree to take part in a research study, we will use your data in the ways needed to conduct and analyse the research study. Your rights to access, change or move your information are limited, as we need to manage your information in specific ways in order for the research to be reliable and accurate. If you withdraw from the study, we will keep the information about you that we have already obtained.

Health and care research should serve the public interest, which means that we have to demonstrate that our research serves the interests of society as a whole. We do this by following the UK Policy Framework for Health and Social Care Research. By providing this information, you consent to its collection and use in accordance with the study-specific information that you have been provided with. To safeguard your rights we are committed to data security and comply with the safeguards for research which are set out in the 2018 Data Protection Act. These include obtaining ethical approval for our research and using the minimum personally-identifiable information possible.

To protect your data during electronic transfer we use ‘Encryption’, a method which converts your personal information into a code, reducing the risk of an unauthorised person reading your personal information during transfer. When your data is stored your personal information will be kept in a secure data centre at the University of Leeds.

To further protect your data we recommend you take the usual steps to protect your password:

In addition, your computer and other IT equipment can be open to viruses which may compromise the security of data you have entered. We recommend that you have up to date antivirus software running on your computer and are using the most recent version of your preferred browser (e.g. Internet Explorer).

These steps all guard against unauthorised access, improper use, alteration, destruction, and accidental loss of personal data. Please note, whilst we take all the steps we can to minimise the risks, we cannot absolutely guarantee the safety of any personal information you transmit to us online.

4. Third-party access

Access to your personal information will be restricted to people authorised by the study team and will be used in accordance with the study-specific information that you have been provided with. We will process your data in line with the information provided here and as described in the study-specific information.

5. Cookies

Cookies are small text files that are placed on your device by websites that you visit. They are widely used in order to make websites work, or work more efficiently, as well as to provide information to the owners of the site. Our website uses only first party cookies, which means they are set by our web server as opposed to a different web server. There are two types of cookie: session cookies, which are stored on your computer upon visiting the site and are removed when the browser session ends and persistent cookies, which are stored on your computer upon visiting the site and persist until a certain time period has passed. They can also be removed manually from within your browser settings. By using our website you agree that we can place these types of cookies on your device.

We do not use cookies to collect personal information about you. Should you wish to restrict or block cookies which are set by our website you can do this through your browser settings. The ‘help’ function within your browser or the manual that comes with your device should tell you how. You may also wish to visit www.aboutcookies.org which contains comprehensive information on how you can do this on a wide variety of browsers. Please be aware that restricting cookies may impact on the functionality of our website.

Cookie Name Details
NSC_ruppm

This cookie is set by our Citrix NetScaler appliance and is used to ensure your browsing session remains on the same web server.

This cookie is deleted when you close the browser

ParticipantContext
ParticipantContext.sig

Used to remember to which organisation you belong. This is because different research teams use QTool and control of the data associated with those projects is independent.

This cookie expires after 1 hour

QToolParticipantAuth

Used to remember your questionnaire responses and login details. This enables you to remain logged in until after closing the browser window and allows us to pre-fill questionnaires with answers you have already supplied should you wish to navigate backwards.

This cookie is deleted when you close the browser

__RequestVerificationToken

Cookie used to protect your use of QTool from a specific vulnerability known as a cross site request forgery.

This cookie is deleted when you close the browser

ASP.Net_SessionId

Used to keep information whilst you move between pages

This cookie is deleted when you close the browser

__utma
__utmb
__utmc
__utmz

These cookies are used to collect information about how visitors use our site. We use the information to compile reports and to help us improve the site. The cookies collect information in an anonymous form, including the number of visitors to the site, where visitors have come to the site from and the pages they visited.

6. University Code of Practice

The University’s Data Protection Code of Practice also applies to the use of personal data under this website. The Code can be accessed at http://www.leeds.ac.uk/secretariat/data_protection_code_of_practice.html.

7. Changes to this notice

This notice can be changed from time to time. Any changes will only be notified via this web page.

8. Further information and Contact

If you have any queries relating to this privacy notice or the way your data is being processed through this website then please contact qtoolprivacy@leeds.ac.uk. If you are dissatisfied with their response please contact the University Webmaster, webmaster@leeds.ac.uk.