WHONET Data Privacy Policy

  1. Home
  2. Contact
Effective Date: 2026-05-22
Last Updated: 2026-05-22

The WHONET Team from the Brigham and Women's Hospital in Boston, MA, USA ("we," "our," or "us") operates https://whonet.org (the "Site"). We are committed to protecting your personal data and respecting your privacy in accordance with the General Data Protection Regulation (GDPR).

  1. Data Controller - For the purpose of the GDPR, the data controller is:
    Company Name: The Brigham and Women's Hospital
    Address: 75 Francis St. Boston, MA, USA
    Email: help@whonet.org
  2. Information We Collect
    We only collect personal data that you voluntarily provide to us through our website forms. This includes:
    • Identity Data: First name, last name, organization.
    • Contact Data: Email address.
    • Technical Data: IP address.
  3. How and Why We Use Your Data
    We will only use your personal data when the law allows us to. Most commonly, we use your data under the following legal bases:
    • Consent: You have given us clear consent to process your data for a specific purpose (e.g., checking our marketing newsletter box).
    • Contract Performance: To fulfill a request or service you have asked us to provide (e.g., managing your account).
    • Legal Obligation: To comply with standard legal or regulatory requirements.
  4. Data Retention
    We will only retain your personal data for as long as necessary to fulfill the purposes we collected it for, including for the purposes of satisfying any legal, accounting, or reporting requirements. Marketing data is kept until you opt-out or unsubscribe.
  5. Third-Party Sharing
    We do not sell your personal data. We only share your data with trusted third-party service providers necessary to run our business (e.g., email service providers like Mailchimp, hosting providers). All third parties are contractually bound to keep your data secure and processing compliant with the GDPR.
  6. Your Legal Rights
    Under the GDPR, you have the following rights regarding your personal data:
    • Right of Access: You can request a copy of the data we hold about you.
    • Right to Rectification: You can ask us to correct inaccurate or incomplete data.
    • Right to Erasure ("Right to be Forgotten"): You can ask us to delete your personal data.
    • Right to Withdraw Consent: Where you gave us consent to contact you (such as our checkbox), you can withdraw it at any time by clicking "unsubscribe" or contacting us directly.
    To exercise any of these rights, please contact us at help@whonet.org.