The Medical Research Council Lifecourse Epidemiology Unit (MRCLEU) is a research establishment within the University of Southampton. The MRCLEU complies with the requirements of the General Data Protection Regulations (GDPR) and the Data Protection Act (2018) with regard to the collection, processing, storage and disclosure of personal information. The University of Southampton is the joint “Data Controller” and we adhere to the requirements of the Southampton University Privacy Policy

https://www.southampton.ac.uk/about/governance/policies/privacy-policy.page

The MRCLEU collects a large amount of research information about our cohort participants.

Our legal basis for using your information, under GDPR and the Data Protection Act 2018, is performance of a task carried out in the public interest (Article 6(1)(e) in the GDPR); and, where sensitive personal information is involved, for scientific or historical research purposes or statistical purposes (Article 9(2)(j) in accordance with Article 89(1)). In addition we seek consent when appropriate, which we use to help ensure our research is ethical and complies with other applicable laws.

All our research studies comply with the University of Southampton’s Privacy Notice for Research Participants. You can access the Privacy Notice here:

https://www.mrc.soton.ac.uk/web2/research/privacy

The Research Information we collect

We will only collect your data with permission. Once we have collected it, it will be processed for research use. It will be stored securely and confidentially. We will de-identify the research data, so you cannot be identified from it. Data will only be released to accredited researchers who have been approved by the MRCLEU.

Where we store your personal data

All information you provide to us is stored on our secure servers in a secure building. All of our laptops are encrypted. No personal details are saved on local drives. All paper records, photographs and recordings are held in secure buildings.

We use strict procedures and security features to prevent unauthorised access to our systems.