WHONET Data Privacy Policy

  1. Home
  2. Contact
Effective Date: 2026-05-22
Last Updated: 2026-05-22

The WHONET Team from the Brigham and Women's Hospital in Boston, MA, USA ("we," "our," or "us") operates https://whonet.org (the "Site"). We are committed to protecting your personal data and respecting your privacy in accordance with the General Data Protection Regulation (GDPR).

  1. Data Controller - For the purpose of the GDPR, the data controller is:
    Company Name: The Brigham and Women's Hospital
    Address: 75 Francis St. Boston, MA, USA
    Email: help@whonet.org
  2. Information We Collect
    We only collect personal data that you voluntarily provide to us through our website forms. This includes:
    • Identity Data: First name, last name, organization.
    • Contact Data: Email address.
    • Technical Data: IP address.
  3. How and Why We Use Your Data
    We will only use your personal data when the law allows us to. Most commonly, we use your data under the following legal bases:
    • Consent: You have given us clear consent to process your data for a specific purpose (e.g., checking our newsletter box).
    • Contract Performance: To fulfill a request or service you have asked us to provide (e.g., managing your account).
    • Legal Obligation: To comply with standard legal or regulatory requirements.
  4. Data Retention
    We will only retain your personal data for as long as necessary to fulfill the purposes we collected it for, including for the purposes of satisfying any legal, accounting, or reporting requirements. Data is kept until you opt-out or unsubscribe.
  5. Third-Party Sharing
    We do not sell your personal data. We only share your information with trusted third-party collaborators (e.g. WHO, FAO).
  6. Your Legal Rights
    Under the GDPR, you have the following rights regarding your personal data:
    • Right of Access: You can request a copy of the data we hold about you. Please contact us at help@whonet.org.
    • Right to Rectification: You can ask us to correct inaccurate or incomplete data. Please contact us at help@whonet.org, or remove your data using the data management page and enter the corrected version using the Site.
    • Right to Erasure ("Right to be Forgotten"): You can ask us to delete your personal data. You may remove yourself from our records at any time using the data management page.
    • Right to Withdraw Consent: Where you gave us consent to contact you (such as our checkbox), you can withdraw it at any time by clicking "unsubscribe" or contacting us directly. You may remove yourself from our records at any time using the data management page.