As a data processor, Ethica does comply with GDPR regulations and currently multiple European institutions have Data Controller/Data Processor agreements with Ethica in place.
1. GDPR does apply to Ethica, as a data processor.
2. Participant unambiguous consent
This consent form will be presented to participants prior to joining a study, and they have to agree to this before being able to participate. The consent form is available to the participant throughout the study participation.
3. Further processing outside of what mentioned in the consent form
Ethica does not perform any processing on the data collected for a given study.
4. Participants right to access their data
Ethica provides each participant with an online account. The credentials of that account are the same as the ones used to sign up in the Ethica app. Participants can log in to their online account on Ethica's website at any time to access their data.
5. Participant's right to delete their data
6. Data Portability
Participants in any Ethica study can contact Ethica's Support team and ask for a copy of their data. We will provide them with a machine-readable file containing all data collected from them.
7. Data Storage and flow
Ethica stores all data on servers physically located in Canada. All Ethica employees and support staff are also located in Canada, therefore the data does not flow to any country other than Canada. Canada is considered by the EU Data Protection Commission as a country that provides adequate data protection.
If you have any questions regarding this topic, please feel free to email us.