Oxfordshire Science Festival Data Management Policy
The Festival will not sell audience data.
The Oxfordshire Science Festival (OSF) may, with consent from the individuals, share aggregate or anonymised data with carefully selected third parties, such as the UK Science Festival Network, for developing the culture of successful science festivals in the UK.
OSF may interrogate data, with the assistance of third-party researchers. In this instance ethics approval will be sought from a university research ethics committee (or equivalent) and this will be highlighted at the point of data capture. These data may be audio-visual, text based, or biometric information, which may be combined over a time period with data from other sources. Records will be kept confidential at all times during analysis and only aggregate or anonymised results of analysis will be used in publications of any form.
In the event that personal data, such as a written quote, photograph or audio-visual recording are to be used in a publication, which clearly identify an individual, OSF will only do so where the individual (or his/her parent/guardian) has given specific consent.
If individuals do not want to appear in group photographs or audio-visual recording, for instance at crowded events or in recorded audience Question & Answer, where perimeter signage has indicated an ‘opt-out’ clause, individuals must make their views known and identify themselves to the Festival team in the recording/s, otherwise OSF assumes consent and will not specifically identify any individuals thereafter.
OSF will store data related to the Festival audience using local servers or using a professional third-party data storage facility. The preferred supplier, SmartSurvey, stores data on UK/EU-based servers, is ISO27001 certified and fully compliant with the internationally recognised standard for the information security management system (ISMS). The standard requires systematic examination of information security, with comprehensive policies to manage proactively data security risks.
Data will be managed in accordance with the Data Protection Act 1998 and you may ask us to remove your records by contacting firstname.lastname@example.org.