Policies
Inclusive Research Environment Achieved through Culture Change (I-REACCH) privacy notice for research participants
Information you need to know
The Wellcome I-REACCH Project is part of the University of Leicester.
The University of Leicester is the Data Controller for your information. The Data Protection Officer is: Parmjit Gill, who can be contacted by email: dpo@leicester.ac.uk.
This Privacy Notice provides information about how the University of Leicester collects and uses your personal information.
What is ‘personal information’?
‘Personal information’ means any information which relates to or identifies you as an individual.
What information are we collecting or using?
The personal data we process about you will be:
- Contact information: Your name and your email address, used to keep in touch with you.
- Research contributions: Notes and audio recordings from participation in meetings, focus groups, conferences, interviews, and workshops. Notes will be pseudonymised (where your identifiable data is replaced with a code). Audio recordings will be anonymised.
In addition to this, the University may process some information about you that is classed as ‘sensitive’ or ‘special category’ personal data, and which requires additional protections.
- Ethnicity data: To support our equal opportunities monitoring
- Access needs and dietary requirements: To ensure events are inclusive and accessible
- Other sensitive data: Where you chose to share this during recorded conversations. These recordings will be anonymised.
Your data will be stored securely on University systems.
Why are we processing your data?
We are collecting your data to learn more about the research culture at the University of Leicester and to evaluate the interventions we are piloting.
What is our legal basis for using your data?
The legal basis for the processing of participant information that we are collecting and using for the study is that it is ‘necessary for the performance of a task in the public interest (Public Task)’ as set out in the Data Protection Act 2018 and UK GDPR Article 6.1.(e). Research is a task that is performed in the public interest.
Our additional conditions for processing special category information are:
that it is necessary for ‘archiving in the public interest, scientific research or statistical purposes’ as set out in the Data Protection Act 2018 and UK GDPR Article 9.2.(j).
Who will my personal information be shared with?
Prior to sharing information, all identifiers are removed and replaced with a code 9pseudonymisation) so that you cannot be identified, Pseudonymised data will be shared with our research partner and with our funder. Appropriate confidentiality agreements are in place for the security of your data.
Where did the University of Leicester source my data from?
We will collect data directly from you – through survey responses, interviews, focus groups, emails, observations, and any other source of feedback you wish to share with us. We may also source data from our internal databases such as SAP, SITS and MyPGR. You will be informed before any such access occurs and have the right to opt out of us using this data.
Cookie-like technology examples
We are tracking links which show the sources of traffic to our website so we can monitor engagement.
How long will the University of Leicester keep my data?
We will retain your data only for as long as we need it to meet our purposes, including any relating to legal, accounting, or reporting requirements.
Identifiable personal data (e.g., your name and email address will be kept only as long as we necessary to fulfil all the actions that require us to hold them, for example sending you a copy of the results of the study if you have requested this. The data will be destroyed no longer than 6 months after the study ends.
Pseudonymised research data will be retained for 6 years, in line with the University of Leicester’s data retention policy.
Any fully anonymised data stored in research repositories will not be identifiable and will not include raw data or original recordings.
What rights do I have regarding my data?
You have the right to access, correct, or delete your personal data, to object to or restrict how it is used, to request its transfer to another organisation, and to avoid decisions made solely by automated processes.
Some of the above rights are not absolute. If you want to exercise any of the rights described above, please contact the University’s Information Assurance Team.
We will do our best to respond quickly and within the timeframes set out by data protection law. To help us handle your request and improve our services, we may keep a record of our communications with you.
Complaints to the University
If you are dissatisfied with the way the University have used your information, you should complain to the University’s Information Assurance Team.
Complaints to the ICO
If you are not satisfied with the way the University has handled your complaint, you also have the right to raise your concerns with the Information Commissioner’s Office (ICO). The ICO is an independent authority which oversees how personal data is used. Guidance on how to contact the ICO can be found at www.ico.org.uk.
Changes to this privacy notice
This privacy notice was published in November 2025. We may change this privacy notice from time to time and will communicate these changes directly to you where appropriate. If you have any questions about this privacy notice or if you would like to access any of your rights, please contact Information Assurance Services: ias@leicester.ac.uk.