Research Design Service South East

Data protection and privacy

Data protection and privacy

Who we are

The Research Design Service SE (RDS SE) is funded by the National Institute for Health and Care Research (NIHR) to provide research design advice to health and social care researchers in the South East of England. Therefore the NIHR are the Data Controller for the data processed by RDS SE.

The RDS SE complies fully with the Data Protection Act 2018 EU General Data Protection Regulations which came into effect on 25th May 2018.

How we use your information – support requests

When you complete a ‘request for support form’ on our website, we will ask you for your contact details, which include your name and a method of contact such as your email address, information about your organisation and information about your research project. This personally identifiable information is stored securely by the RDS SE on a database managed by Webfuel and is used to facilitate our advice provision. All information that you provide us with will be treated confidentially. Data may also be shared with key partners from the NIHR such as the CRN or CTU to enable to them to provide comprehensive support about your research project.

The data is also shared with the NIHR, who fund the RDS SE, for annual reporting purposes.

Our purpose for sharing data with the NIHR is for them to evaluate the management and delivery of the NIHR award. The information collected here about you and those supported through the NIHR award will allow us to evaluate the management and delivery of the NIHR award. You are responsible for informing the members of your research team that their information will be submitted to the NIHR for the purposes of evaluating the management of the award.

The Central Commissioning Facility (CCF) is part of the Department for Health and Social Care (DHSC) National Institute for Health and Care Research (NIHR), and they are responsible for evaluating the RDS SE. The contracting agent for CCF is LGC. The DHSC is the data controller and LGC is the data processor under the General Data Protection Regulation (GDPR) EC 2016/679. The NIHR and its contracting agents respect the privacy of individuals who share their data and process it in a manner that meets the requirements of the GDPR. The data we collect here is collected in the public interest. Information provided here may be subject to Freedom of Information requests.

The NIHR privacy policy includes further information including ways NIHR may use your data, contact details and details of your individual rights regarding how your data will be used. The data submitted may be shared across the NIHR, including with other NIHR coordinating centres, to allow the establishment of a collaboration, provide funding opportunities and for statistical analysis.

You will be asked to let us know about outcomes of your research application(s). All publically funded projects, funding minutes and decisions are made publically available and all successful applications are made available via the Europe PubMed Central (Europe PMC). If we are unable to obtain an outcome from you then we will use publically available sources, such as Europe PMC or information gained from funders to determine an application’s outcome. We use this information to help improve our service and to help inform our advice in the future as well as to report how are service is performing to our funders, the NIHR.

How we use your information – mailing lists

If you have agreed to join our mailing list, we will send you our monthly e-bulletin, annual newsletter and occasional information about local RDS SE events.

We will never sell or swap your details with third parties, but we do use MailChimp as a means of distributing the e-bulletin; therefore, your name and email address will also be held by them. MailChimp do not sell subscription lists, contact or market to people on these lists, or share these lists with any other party. Please see MailChimp’s Privacy Policy.

From time to time the RDS will ask you, anonymously, to evaluate the service that you have received, whether it is project support or, for example, event attendance. The feedback we receive is used to improve our service and quotes may be used as feedback to our funders. Collated data will be kept until one year after the end of successive RDS contracts, individual data will be kept for one year.

CCF asks us to circulate their RDS evaluation survey each year, to those who we have provided application support to in the latest annual reporting period. Please consult the NIHR privacy policy for the handling of that data.

How to contact us

If you wish to contact us to ensure that your contact details are correct and up-to-date or to ask for your contact information to be removed from our records, please contact us.

RSD SE’s Data Protection Officer is Anya Lux and she can be contacted at the above email address.

Should you have any complaint about the way that RDS SE processes your personal information you can make a compliant to the Information Commissioner by visiting: or by writing to the Commissioner at:

The Information Commissioner, Information Commissioner’s Office, Wycliffe House, Water Lane, Wilmslow, Cheshire, SK9 5AF.


How long will we keep your data?

Whilst your proposal is ‘active’ within the Research Design Service process we will regularly check your contact details are up-to-date and maintain records of your most recent details in our secure database.

Your contact information and data in our database will be removed from our records one year after the end of the RDS SE contract period (currently 01/10/2023), unless the information relates to a financial transaction when we are obliged to retain it for up to seven years for auditing purposes.

This Data protection and Privacy statement is subject to review and development and any changes will be posted on our website. This will help ensure that you are always aware of what personal information we collect, how we use it, how long we will retain it and under what circumstance, if any, we share it with other parties.

Cookie use

Cookies are small text files that are placed on your computer by websites that you visit. They are widely used in order to make websites work, or work more efficiently, as well as to provide information to the owners of the site. Some of them are sent to other sites on the web that you visit, to find out more about the ones that we use, and why we use them, please keep reading.

Cookies set by our site

Google Analytics

Google Analytics sets cookies named _utma, _utmb, _utmc and _utmz. These cookies are used to collect information about how visitors use our site. We use the information to compile reports and to help us improve the site. The cookies collect information in an anonymous form, including the number of visitors to the site, where visitors have come to the site from and the pages they visited. Very many websites will set these cookies. To provide website visitors more choice about how their data is collected by Google Analytics, Google have developed the Google Analytics Opt-out Browser Add-on. Installing the Add-on allows users to stop the browser sending information about their visit to Google Analytics. Further detail here.

Social Network Site Cookies

Facebook, Twitter, G+ etc. These are used for buttons such as like, tweet, bookmark etc. These are set by your social network upon login and are required to allow such services to interact with other websites. These cookies mean that the social sites will be able to tell that you visited our site.

Session cookies etc.

These cookies are used only for the functioning of the site – they are not sent to other sites.

Most web browsers allow some control of most cookies through the browser settings. To find out more about cookies, including how to see what cookies have been set and how to manage and delete them, visit

IP address

When you visit our web pages we will collect your IP address for the purpose of both the prevention and detection of fraudulent access and misuse.

Request Support