• Skip to primary navigation
  • Skip to main content
  • Skip to primary sidebar

Connecting Researchers and Research

Sign in/Register
Privacy & Cookies: This site uses cookies. By continuing to use this website, you agree to their use.
To find out more, including how to control cookies, see here: Privacy Policy
  • About
        • Our Mission
          • 2025 Vision
          • ORCID Trust
          • Annual Reports
        • Team
          • ORCID Board
          • ORCID Team
          • Work with Us!
        • Services
          • Member Portal
          • Annual data files
          • Member API
          • Public API
          • ORCID Registry
        • Governance
          • Bylaws
          • Board Elections
        • Policies
          • Privacy Policy
          • Dispute Procedures
          • Public Client Terms of Service
          • Open Source Project License
          • Public Data File Use Policy
          • Terms of Use
          • Brand Guidelines
  • For Researchers
        • Benefits for Researchers
        • Researcher FAQ
        • Video Tutorials
        • Your ORCID Record
        • Get Help
  • Membership
        • Membership Benefits
          • Benefits for Funders
          • Benefits for Publishers
          • Benefits for Research Organizations
          • Benefits for Research Resources
        • Get Membership
        • Member List
        • ORCID Map
        • Membership Comparison
          • Basic Membership
          • Premium Membership
          • ORCID Consortia
        • ORCID Consortia
          • Consortia Agreement
          • Consortia Onboarding Checklist
          • Roles and Responsibilities of ORCID Consortia
  • Documentation
        • Features
          • Member Portal
          • Member API
          • Public API
          • ORCID Registry
          • Annual Data Files
        • Workflows
          • Journal Articles
          • Employment
          • Peer Review
          • Funder and Grants
          • View More
        • Integration Guide
          • Getting Started with Your Integration
          • Sandbox Testing Server
          • Registering a Member API Client
          • Integration and API FAQ
          • View More
        • API Tutorials
          • Get an Authenticated ORCID iD
          • Read Data on a Record
          • Add and Update Data on an ORCID record
          • Hands On with the ORCID API
          • View More
        • Member Portal
          • Member Portal Organization Admin Guide
          • Member Portal Email Guide
          • Member Portal Beta Program Guide
  • Resources
        • ORCID Community
        • Community Programs
          • Certified Service Providers
          • ORCID API Users Group
          • Historical Task Forces, Working Groups, and Steering Groups
        • Get Involved
          • Community Groups
          • Developers
          • Give Feedback
          • ORCID API Users Group
        • Member Resources
          • ORCID Enabled Systems
          • Publishers Open Letter
          • Funders Open Letter
          • Standard Member Agreement
          • Outreach Resources
          • Register a Sandbox API Client
          • Register a Production API Client
  • News & Events
        • News
          • ORCID News
          • Member News
          • Consortia News
          • Integration News
          • Blog
          • Product Updates
        • Events
          • Events Calendar
          • Webinars

Keeping ORCID Trusted and Trustworthy: Updates to our Privacy Policy

May 1, 2019 By Will Simpson

Privacy is a fundamental concern for ORCID. One of the bedrock principles that guide our operations is that “Researchers will control the defined privacy settings of their own ORCID record data” — they decide what information they share, and who they share it with. We are committed to this principle even though the information in ORCID records is often available publicly from other sources.

Every year we review our privacy and security practices to ensure that they remain in line with this important principle and the other values outlined in the ORCID Trust Program. We also ensure that these practices reflect global best practices. We make any needed adjustments and then submit them for evaluation by a third party. This year our policy and practices were reviewed against assessment criteria of the EU-U.S. and Swiss-U.S. Privacy Shield Verification Program; TRUSTe has provided a letter of attestation of this review.

This year’s changes increased the privacy policy readability and made it easier to navigate how to get your questions and concerns addressed. We also made a few updates to our policy and practices to help strengthen your rights as an ORCID user and increase your privacy and data security protections.

These are the key updates to ORCID’s Privacy Policy:

  • Clearer release policy for government data requests. Our policy has always indicated that we may share information with regulators, enforcement agents, courts and/or other government entities if legally required to do so. In our most recent review, we decided that the language we used in this statement was ambiguous, leading to a lack of clarity about the conditions under which your data may be shared. We therefore removed the conditions of public safety or public policy, leaving only the legal requirement as a condition under which we would share data (section 6.4)
  • Stronger privacy protections for deactivated accounts. While email addresses have always been protected in our database, we have decided to provide additional privacy protections for addresses belonging to individuals who have decided to deactivate their account. We maintain email addresses so that, in future,  users can reactivate their ORCID iD if they wish. However, these addresses are now stored in a cryptographically-masked form that enables the iD to be matched to the email if the owner chooses to reactivate the account, but is not otherwise visible or accessible under any circumstance, including by ORCID staff (section 7.0)
  • Greater security for data “at rest”. ORCID data are now even more secure. They have always been encrypted when displayed on a webpage or sent, with your permission, to another system. Now data are also encrypted “at rest”, ie, stored in an encrypted filesystem. This means that even if a bad actor were able to get direct access to the hard drives in our data centre, they would still not be able to read any Registry data. This closes off a potential attack vector, and complements the many other security measures we have in place. (section 10.0)
  • Clearer policies for GDPR complaint handling. Under the European General Data Protection Regulations (GDPR), organizations are expected to handle complaints about the data they hold on individuals in a specific way. Our policy now clarifies these methods and provides a reference to the local Data Protection Agencies that can help with resolving complaints if needed (section 11.0)
  • All ORCID sites under one privacy policy. ORCID recently changed the tool we use to provide support services, including our helpdesk ticket handling, feature request forum, and help documentation. The previous tool had its own privacy policy and, with this change, the websites at support.orcid.org are now covered by ORCID’s privacy policy (section 15.0)

If you have any questions or concerns about ORCID’s privacy policy or these changes, please let us know. 

Thank you for your continued trust in ORCID!

 
Blog

Filed Under: ORCID News, Product Updates

Primary Sidebar

Search

Blog Posts by Category

  • Consortia News (39)
  • Integration News (50)
  • Member News (30)
  • News (434)
  • ORCID News (196)
  • Product Updates (75)

Recent Posts

  • Restructuring Engagement to Optimize Member Support
  • OpenAIRE EXPLORE Makes it Simple to Add Works to Your ORCID Record
  • 2021 Product: Our Progress to Date and Future Plans
  • Use Your ORCID Record to Build Your Career: An Interview with Dr. Adriana Romero-Olivares
  • ORCID and Morressier

Sign up for blog updates

We will only use your email to notify you when we have new blog posts. You can unsubscribe at any time. See our Privacy Policy for more information.

Check your inbox or spam folder to confirm your subscription.

ORCID logo

CC0 The text of this website is published under a CC0 license Images and marks are subject to copyright and trademark protection.

  • About ORCID
  • Privacy Policy
  • Terms of Use
  • Accessibility Statement
  • Contact us
  • Dispute procedures
  • Brand Guidelines