SBGrid - News and Events

Privacy Policy - Academic Software Initative

Published: March 8, 2024

ACADEMIC SOFTWARE INITIATIVE PRIVACY POLICY

This policy governs privacy considerations around the Academic Software Initiative (ASI), based at Harvard Medical School, which includes software use through SBGrid, BioGrids, and all other initiatives that rely on ASI software infrastructure (collectively the Academic Software Platform “ASP”).

This policy is incorporated by reference and made a part of the ASI License Agreement.

The following discloses the information gathering and dissemination practices for the ASI through ASI websites: https://sbgrid.org/, https://data.sbgrid.org, https://biogrids.org, and in connection with the related ASP.

INFORMATION GATHERING AND USE

Member Information
The information ASI collects about its members can be divided into two categories: Consortium Participation Information and Software Access and Use information.

The Consortium Participation Information (CPI) that ASI collects is of the type necessary to support full access to Consortium services and may include:

ASI Principal Investigator (“PI”)(in nonprofit context) or chief Scientist (in for profit context) Information: name, preferred pronoun, gender, phone, email, social media accounts, and identification as historically underrepresented in science, institutional affiliation (as applicable), lab or company website, and university or company billing and administrative information.
For those identified as administrative, billing, or technical contacts: Name, email, phone number, and institutional or company affiliation.
ASI Users (includes but is not limited to Licensed Users and Research Group members): name, email, phone number, laboratory affiliation, social media account.
All of the above user types: historical information about participation in SBGrid events, historical information about use of SBGrid services, response to post-event surveys.

Examples of how ASI will use CPI include:

Compliance: completing licensing agreements
Invoicing: tracking subscription elections, invoicing, and processing fee payments
Communication: direct communication with Consortium members
Services: identifying software tools available, providing support, tracking usage
Transparency: making useful information available to members and the public, including listing member laboratories on ASI websites with the names of PIs, institutional affiliations and the year each lab joined ASI
Strategic decisions to support the portfolio of ASI services

The operational information ASI collects is used to monitor and improve ASI technical operations and software resources and to help guide future software development. ASI operational information may include irreversibly hashed UNIX user names, irreversibly hashed computer IP addresses, lab/university name, operating systems type and computer architectures, program usage duration and volume, and crash statistics in the form of application exit status. ASI does not collect file names, file paths, program logs, program output, or any locally stored user data or metadata. We use the user-level operational information to better support our software, to curate our software library, and give useful feedback to program developers. ASI may also share de-identified, aggregate user-level operational data with developers about the particular software they contributed to ASI, to help developers to continue to improve the programs.

We also use de-identified, aggregated operational data internally, in funding proposals and policy and research papers. A selection of the deidentified, aggregate data may also be disseminated on ASI websites and other public forums to help all members of the community better understand structural biology software and hardware trends.

ASI may also provide member information to third parties as necessary to satisfy any applicable law, regulation, legal process or governmental request; detect, prevent or otherwise address fraud, security, or technical issues; or protect our rights and safety and the rights and safety of our users or others.

Other Information
ASI also collects other information from public sources and disseminates it through the website, including:

Photos and additional biographical information about individual members, such as work history and nationality, with their knowledge and consent;
Names of the developers of software tools and their institutional affiliations and email addresses;
Photos and biographical information about individual developers, such as institutional affiliations, work history, nationality, with their knowledge and consent;
Information about publications by members, developers and other researchers;
Names and biographical information for workshop presenters;
Names, photos and biographical information on ASI staff and advisory board members.

If you send us an email, the email address you provide may be used to send you information, respond to inquiries, and/or other requests or questions. We will not share, sell, rent, swap, or authorize any third party to use your email address for commercial purposes.

THIRD PARTY TOOLS

All business information collected by ASI is stored on systems, which are located behind a firewall located at Harvard Medical School (e.g. Admin Database, LDAP, SYMPA mailing list), in third-party cloud-based systems such as GSuite, Salesforce, and other comparable business tools which are used to support our operation. We also may use YouTube, Twitter and FaceBook and other social media sites for distribution of webinars and other information published on the ASI websites. All these third-party tools may also be governed by their own additional privacy policies (e.g. https://www.salesforce.com/company/privacy/). Please note that ASI does not control and can take no responsibility for the privacy practices and data security measures of such third parties.

Website Analytics and Cookies
Google and other third parties may use cookies, web beacons, and similar technologies to collect or receive information from this website and elsewhere on the internet and use that information to provide various measurement services and target ads. For more information on Google Analytics, consult their terms of use, privacy practices, and ads settings. You can opt out of the collection and use of this information through tools like the Network Advertising Initiative opt-out page.

Cookies are small files that are stored on your computer (unless you block them). We use cookies to understand and save your preferences for future visits and compile aggregate data about site traffic and site interaction so that we can offer better site experiences and tools in the future. You may disable cookies through your individual browser options or you can opt out of the collection and use of this information through tools like the Network Advertising Initiative opt-out page.

Security
The ASI employs administrative, technical, and physical security measures to protect the security of the operational information under our control. UNIX User names and IP addresses are irreversibly hashed as part of data collection, and only resulting unique hash values are transmitted to ASI. The remaining operational information is encrypted on users’ computers and transmitted to ASI using secure protocols. The data is encrypted at rest on servers under ASI administration.

Also, ASI is not responsible for the security measures or privacy practices of any third party program or software contained in the ASI software library, which might collect additional information and transmit it directly to developers.

Please be aware that no method of transmission over the Internet or method of electronic storage is 100% secure.  

Further Information
If you have any questions about usage of business information, operational information or other information by ASI, please contact us at accounts@sbgrid.org.

Effective Date: The effective date of this policy is March 8, 2024.