MDI Biological Laboratory

Privacy Policy

Welcome to the MDI Biological Laboratory. In this document, we set forth our Privacy Policy with regard to the personally identifiable information that we collect online through mdibl.org and through other sources.

MDI Biological Laboratory Privacy Policy

July 9, 2018

Personally identifiable information is information that enables us to identify you, directly or indirectly, through a reference to an identifier such as your name, address, affiliation, online identifier or one or more factors specific to you. Personally identifiable  information excludes anonymous information or information from which the identity of an individual has been permanently removed.

Your use of the MDI Biological Laboratory websites and/or provision of your personal information to the MDI Biological Laboratory constitutes your consent for us to use, store, process and transfer that information in accordance with this Privacy Policy.

For the purposes of the European Union General Data Protection Regulation 2016/679 (GDPR), the data controller is the MDI Biological Laboratory, located at 159 Old Bar Harbor Road, P.O. Box 35, Salisbury Cove, ME 04672.

QUESTIONS 

If you have any questions or complaints regarding this privacy policy, please

  • Send an e-mail to privacy@mdibl.org
  • Write the MDI Biological Laboratory at 159 Old Bar Harbor Road, P.O. Box 35, Salisbury Cove, ME 04672, ATTN: Director of Information Technology
  • Call the Director of Information Technology at 207-288-9880, ext. 127

PART I  MDI BIOLOGICAL LABORATORY WEBSITE PRIVACY POLICY

Our websites include forms to request information; to donate; and to register for courses, conferences and events. We use the personal information from these forms to respond to your requests for information and to process your donations or registration fees.

This Privacy Policy discloses the MDI Biological Laboratory’s privacy practices and contains detailed information about the following:

  1. What information do we collect?
  2. What are cookies and how do we use them?
  3. How do we handle the information we collect?
  4. How do we use the information we collect?
  5. Do we share information with third parties?
  6. How can I opt out of receiving your communications?
  7. How can I review and modify my personal information?
  8. What types of security procedures are in place to protect against the loss, misuse or alteration of my personal information?
  9. Do we collect information from children?

1. What information do we collect?

a.) Information you knowingly provide to us:

The MDI Biological Laboratory collects personally identifiable information in the following ways from different parts of our websites when you:

  • Ask to receive our e-newsletters, publications and other communications
  • Make a donation
  • Participate in online surveys
  • Apply for employment
  • Engage in communications via forms, email or other communications media
  • Register for a conference, course, event, seminar, symposium or workshop
  • Participate in our fellowship or visiting scientist programs
  • Request services such as, but not limited to, meals and housing

In the course of such activities, you may knowingly share relevant personally identifiable information that may include your name, home and/or work email address, home and/or work postal address, phone number and/or fax number, employer and job title, the institution you are affiliated with, your educational records and your birth date, gender and race.

If you are making a donation or registering for a course, your personally identifiable information may include payment information, such as payment method, credit card information and the contact information — such as name and postal address — associated with your payment billing information. You are only required to provide payment information if you donate to the MDI Biological Laboratory or sign up for a course, conference, event, workshop, seminar, service or symposium that carries a fee.

b.) Website use information:

When you visit our websites, information such as your IP address, browser type and version, time zone settings, browser plug-in types and versions, operating system and platform type (e.g., Internet Explorer browser on a Windows platform) is automatically recorded by our contracted services.

Information about your visit, including the pages that you viewed or searched for, page response times, download errors, lengths of visits to certain pages, page interaction information (such as scrolling, clicks and mouse-overs and methods used to browse away from the page) may be collected by our contracted services. The gathering of such information helps us identify which browsers to support and helps us determine how many people visit our websites and what sections are most popular.

The technologies used for this automatic data collection may include cookies.

2. What are cookies and how do we use them?

A cookie is a small text file containing a unique identification number that is transferred from a website to the hard drive of your computer. This unique number identifies your web browser to our computers whenever you visit our websites, enabling the websites to remember your actions and preferences.

The use of cookies is an industry standard, and cookies are used on most major websites. Most web browsers are initially set up to accept cookies. If you prefer, you can reset your browser to notify you when you have received a cookie. You can also set your browser to disable cookies.

While we do not require you to use cookies, certain services will not function properly if you set your browser to disable cookies. For instance, we generally use cookies to identify returning visitors so they don’t have to re-enter preferences when they return to the site or browse from one page to another.

The information we collect with cookies also allows us to statistically analyze the use of our websites, and to improve and customize our content and other offerings. However, we only disclose information collected with cookies to third parties on an aggregated basis without any information that personally identifies you.

Note: If you have previously chosen to accept or reject cookies from this web site you may reset your preference using the button below.  This will cause a banner to appear at the bottom of the page where you can choose again.  This setting only applies to this web site.

[cookies_revoke]

3. How do we handle the information we collect?

The MDI Biological Laboratory takes our commitment to respect and protect your privacy and security very seriously. We are committed to high ethical standards in our financial transactions and to inspiring trust by conducting transactions only with third parties that employ high-level security technology to protect personal information.

We will only process your personal information, including sharing it with third parties, in cases in which

  • You have provided your consent, which can be withdrawn at any time (see below)
  • Processing is necessary for the performance of an agreement to which you are a party, i.e., a donation or course enrollment
  • Processing is required by law
  • Processing is required to protect your vital interests or those of another person
  • Processing is necessary to our legitimate interests, provided your fundamental rights do not override those interests

4. How do we use the information we collect? 

Personally identifiable information collected by the MDI Biological Laboratory is used  to:

  • Solicit and process donations
  • Solicit and process applications and registrations
  • Process data on employees, job applicants and volunteers
  • Respond to comments, requests or inquiries
  • Provide information on educational offerings
  • Publicize activities and achievements
  • Evaluate programs
  • Create reports
  • Investigate and prevent fraudulent activities
  • Comply with applicable law or regulatory requirements
  • Other legitimate business purposes

We also use aggregated, anonymous data for a variety of legitimate purposes, including to analyze the collective characteristics and behavior of visitors to our websites; to assess visitor interest in our websites, e-newsletters and other forms of digital outreach; and to report demographic and other anonymous information to funding sources.

5. Do we share information with third parties?

The MDI Biological Laboratory does not share or sell personally identifiable information with third parties except 1.) as is necessary to complete  transactions requested by you, in which case the transaction takes place under strict confidentiality and security protections; 2.) in cases in which such information is required in order to comply with the law; and 3.) in cases in which processing is necessary for the purposes of our legitimate interests, provided your interests and fundamental rights do not override those interests.

6. How can I opt out of receiving your communications?

The MDI Biological Laboratory provides interested parties with the opportunity to opt out of receiving communications from us. If you no longer wish to receive specific communications or services, you can

  • Send an e-mail to privacy@mdibl.org
  • Write the MDI Biological Laboratory at 159 Old Bar Harbor Road, P.O. Box 35, Salisbury Cove, ME 04672, ATTN: Director of Information Technology
  • Call the Director of Information Technology at 207-288-9880, ext. 127

Instructions for opting out of any MDI Biological Laboratory e-mail newsletter you receive are included with each e-mail.

7. How can I review and modify my personal information?

You have the following options for modifying personal information previously provided to the MDI Biological Laboratory or for deleting such information:

  • Send an e-mail to privacy@mdibl.org
  • Write the MDI Biological Laboratory at 159 Old Bar Harbor Road, P.O. Box 35, Salisbury Cove, ME 04672, ATTN: Director of Information Technology
  • Call the Director of Information Technology at 207-288-9880, ext. 127

8. What kinds of security procedures are in place to protect against the loss, misuse or alteration of my information?

The MDI Biological Laboratory’s websites have security measures in place that are equal to or better than those reasonably expected of an independent, nonprofit research institute to protect against the loss, misuse and alteration of personally identifiable information that is under our control. While we cannot guarantee that loss, misuse or alteration of data will not occur, we take reasonable precautions to prevent such occurrences. Most of the information collected through our websites, including credit card numbers collected for financial transactions, is encrypted prior to transmission.

You should, however, log out at the end of each computer session to ensure that others cannot access your personal information and correspondence, especially if you share a computer with someone else or are using a computer in a public place such as a library or an internet cafe.

Also, our websites may link to other sites that are not under our control. If you click on a third-party link, you will be taken to a website that we do not control. Our Privacy Policy does not apply to the privacy practices of that website. We are not responsible for third-party websites or their policies.

If you believe your information may not be secure for any reason, please contact us immediately at privacy@mdibl.org.

9. Do we collect information from children?

The MDI Biological Laboratory does not knowingly collect personally identifiable information from children under the age of 13. If we learn that we have collected  personally identifiable information of a child under the age of 13, we will take reasonable steps to delete such information from our files as soon as is practicable. Please contact us if you believe we have any information from or about a child under the age of 13.

PART II – MDI BIOLOGICAL LABORATORY PRIVACY POLICY FOR INFORMATION COLLECTED OTHER THAN THROUGH OUR WEBSITES

If you submit personally identifiable information to the MDI Biological Laboratory through a channel other than our websites, including in the form of hard copy, checks and documents such as licenses and passports, the same privacy rules set forth in Part I, above, will be applied to the personally identifiable information you submit through such channels, including your opt-out rights.

PART III  YOUR EUROPEAN PRIVACY RIGHTS

For European Residents Only. If you are a resident of the European Union (EU), you have rights in certain circumstances under the GDPR in relation to your personally identifiable information as follows:

  • Request access to your personal information. You may have the right to request access to any personally identifiable information we hold about you, as well as related information, including the reasons for processing the personal information; the recipients or categories of recipients with whom the personal information has been shared, where possible; the period of time for which the personal information will be stored; and the source of the personal information.
  • Request correction of your personal information.You may have the right to obtain, without undue delay, the rectification of any inaccurate personally identifiable information we hold about you.
  • Request erasure of your personal information.You may have the right to request that the personally identifiable information we hold about you is deleted.
  • Request restriction of processing your personal information. You may have the right to prevent or restrict the processing of your personally identifiable information.
  • Request transfer of your personal information. You may have the right to request the transfer of your personally identifiable information directly to a third party where this is technically feasible.

If you believe we have not complied with our obligations under this Privacy Policy or the European data protection laws, you have the right to make a complaint to an EU Data Protection Authority, such as the UK Information Commissioner’s Office (https://ico.org.uk/).

If you wish to exercise your European data subject rights, you have the following options:

  • Send an e-mail to privacy@mdibl.org
  • Write the MDI Biological Laboratory at 159 Old Bar Harbor Road, P.O. Box 35, Salisbury Cove, ME 04672, ATTN: Director of Information Technology
  • Call the Director of Information Technology at 207-288-9880, ext. 127

PART IV  YOUR CALIFORNIA PRIVACY RIGHTS (CalOPPA)

The California Online Privacy Protection Act (CalOPPA) is the first state law in the nation to require commercial websites and online services to post a privacy policy. The law’s reach stretches well beyond California to require a person or company in the United States (and the world) that operates websites collecting personally identifiable information from California consumers to post a conspicuous privacy policy on its website stating exactly the information being collected and those individuals with whom it is being shared, and to comply with this policy. (See more at https://leginfo.legislature.ca.gov/faces/codes_displayText.xhtml?division=8.&chapter=22.&lawCode=BPC.)

In accordance with CalOPPA, this Privacy Policy notifies you of the following:

  • What information we collect
  • With whom it is shared
  • How it can be reviewed or changed
  • How it is secured
  • How policy changes will be communicated
  • How we handle do-not-track (DNT) signals from web browsers
  • How to block tracking technology
  • If we share data with third parties
  • How to address concerns over misuse of personal data

PART V  UPDATES TO PRIVACY POLICY

The MDI Biological Laboratory may make changes to the Privacy Policy from time to time to reflect changes in legal or regulatory obligations or in the way in which we handle personally identifiable information. We will post any revised versions of our Privacy Policy on our websites. Any changes will be effective on the effective date stated in the revised Privacy Policy.

Privacy Policy effective July 9, 2018. Updated Nov. 6, 2018.