Participant privacy notice
Information about Our Future Health
We are grateful to every person who joins Our Future Health. Our Future Health will collect information from millions of volunteers right across the UK to create one of the most detailed pictures we’ve ever had of people’s health. Researchers will be able to use this information to make new discoveries about human health and disease.
Our Future Health Limited is the data controller responsible for your personal data. We are registered with the UK Information Commissioner’s Office (the ICO) number ZA769724. Our data protection officer (“DPO”) is responsible for handling questions that relate to this privacy notice. You can contact the DPO by email at dpo@ourfuturehealth.org.uk or by post to DPO, Our Future Health, 2 New Bailey, 6 Stanley Street, Manchester M3 5GS.
Our Future Health collects, stores and links many data sources, with the aim of providing a resource for health researchers to make new discoveries about human health and disease. “We, us, our” is Our Future Health, and “you, your” is an individual who has chosen to participate in Our Future Health.
This privacy notice explains how we process and protect the personal data of individuals (participants) who have chosen, and provided their informed consent, to participate in Our Future Health. This privacy notice applies to the processing of participant personal data alongside the Participant Information Sheet (“PIS”).
What personal data we collect
In this section, we explain the types of personal data that we process and why, along with any data that third parties process on our behalf. We collect, use, store and transfer the following types of data:
- Identity Data includes your name, title and date of birth.
- Contact Data includes your address, email address, telephone number and any communication we have had with you (including emails, phone calls, voicemail and conversations you may have had with our support team).
- Profile Data includes your participant ID, feedback, survey responses, data from devices that are linked to your account, and all other data linkages you have consented to Our Future Health accessing.
- Special Category Data includes personal data which reveals your racial or ethnic origin, genetic data, biometric data for the purpose of uniquely identifying you, data concerning health or data concerning your sex life or sexual orientation.
- Biological Data is special category data. It includes physical samples and data derived from analysis of biological samples you have provided to us, such as blood and saliva, as well as imaging scans and other clinical data.
This data is required to enable researchers to make new discoveries about human health and disease. For more information, please refer to the participant information in your account page.
How we collect your personal data
We use a variety of ways to collect data from participants, and we try to make this as easy and convenient as possible. This may be through Our Future Health directly or third-party partners who manage and deliver appointments, under contract to us, to collect blood samples and physical measurements (where applicable). If you are a participant, we may collect your personal data in any of the following ways:
- By you filling in a questionnaire about yourself. We will ask you to complete an online questionnaire including questions about your lifestyle and health (for example, through our website or via the Our Future Health smartphone app).
- By you checking your consent status.
- By giving a sample of your blood or saliva.
- By giving your informed consent to participate, you allow Our Future Health to access, store and link to health-related records about you held by NHS England and other UK NHS bodies. We will keep collecting this information as the study goes on, for many years.
- By connecting devices which collect health and fitness data, such as a Fitbit or Apple Watch, or smartphone and/or web applications.
- By linking to other non-health data sources, for which you have given us consent.
If you join Our Future Health through NHS Blood and Transplant (NHSBT), they will share with us information relating to your appointment, including your:
- Donor ID
- Donation Identification Number (DIN)
- future appointment details
- blood sample outcome to enable Our Future Health to ensure the best operation of the programme
Our legal basis and purpose for processing your personal data
All collection and processing of personal data must be legally justified with what is called a “legal basis”, under the UK GDPR and Data Protection Act 2018.
When processing the personal data from participants involved in Our Future Health, the legal bases are:
Purpose / Activity | Type of Data | Lawful Basis and Summary |
When you register to open an account with Our Future Health to participate in Our Future Health. | Name, Date of Birth, Phone Number, Email Address, Home Address | Article 6(1)(f) of the UK GDPR: We process this information to achieve our legitimate interests to ensure you: |
Processing personal data that identifies a participant | Name, Participant ID, NHSBT Donor ID, DIN Number, Voucher ID, Date of Birth, Email Address, Home Address | Article 6(1)(f) of the GDPR: We process this information to achieve our legitimate interests to: |
Processing Special Categories* of Personal Data from a participant | Health, Biometric and Genetic Data | Article 9(2)(j) of the GDPR: We process this information in the public interest in the area of public health relating to scientific or historical research purposes or statistical purposes. As part of this, it may be processed for quality control purposes to ensure the quality of our data and functionality of the Trusted Research Environment. |
Recording a participant’s informed consent | Name, Participant ID Number, Date of Birth, Email Address, Home Address | Article 6(1)(c) of the GDPR: We process this information to comply with a legal obligation |
*The GDPR defines “special categories of personal data” as information that reveals a person’s racial or ethnic origin, political opinions, religious or philosophical beliefs, trade union membership; and the processing of genetic data or biometric data for the purpose of uniquely identifying a natural person; data concerning health or data concerning a natural person’s sex life or sexual orientation. This sensitive data is subject to enhanced protections.
The overall purpose of Our Future Health is to preserve and advance human health. To use the legal basis of legitimate interest to process your personal data we must demonstrate that:
- Our Future Health has a legitimate interest to process this data
We provide a resource for health-related research, which will benefit the wider public from the discovery and testing of more effective approaches to prevention, earlier detection and treatment of diseases. Our legitimate interest is to preserve and advance human health.
- That the data processing is necessary to meet that legitimate interest
Without the data that participants provide for analysis, we would be unable to establish the resource and researchers would not have the data they need to do the research. We remove identifying information from the data that researchers can use, and we store only that which we need for as little time as necessary (this is known as data minimisation).
- That the interests of participants to process the data is balanced
We are required to conduct an assessment to ensure that our legitimate interests, or need to process your data to conduct the research study, are balanced and proportionate and do not present any material risks to you. This means that we only collect data that is deemed necessary for the research study and that you would reasonably expect us to collect. We must also ensure that it is robustly protected and secure. All data collection has been approved by an independent ethics board whose role is to protect the rights and interests of participants.
When you provide your informed consent to join Our Future Health, you allow us to collect, store and make available information about you for health-related research for public good. You can review the informed consent you gave within your account, on the Our Future Health website.
Our Future Health may from time to time choose to link to other datasets which will enable additional health research, for example your fitness-tracking device or data related to diet and exercise. These linkages will be presented with the scientific rationale for extending data collection beyond conventional health data; however, it is entirely your choice whether to allow these additional data linkages.
If you are eligible to receive a reimbursement voucher, a voucher will be issued to you via the participant dashboard. When you select to claim your voucher, you will be provided a URL which, when followed, allows you to select a retailer and download their voucher via a third-party voucher platform. No directly identifiable information is shared with the voucher platform or the retailer. Only a URL (along with an embedded unique voucher ID) is shared with the voucher platform. However, this is solely identifiable to Our Future Health.
Our Future Health are bound by strict medical, regulatory, and ethical rules which prevent us using participant and staff personal data in other ways not related to the programme.
For participants in England joining via NHS Blood & Transplant (NHSBT)
If you join Our Future Health through NHSBT, Our Future Health will share information with NHSBT about your participation, including your consent and withdrawal status to ensure the best operation of the programme.
In addition, Our Future Health will share the following information about you with NHSBT:
- specific genetic information from your blood sample
- personal data about you, to link the genetic information we will share with your NHSBT donor record
Our Future Health acts as a processor of NHSBT in relation to the sharing of genetic information with NHSBT and is contractually bound by robust security and data usage standards. You can read more about how NHSBT will use your data and keep it safe in the Participant Information Sheet and NHSBT’s privacy policy.
How we share your personal data
Data provided to Our Future Health is transferred to and stored in a highly secure data environment. During data transfer and at rest all data is encrypted to secure your identity and preserve your privacy. Personal identifiable data is then removed, and your information is transferred to a Trusted Research Environment (TRE) where it is accessed by researchers in a form which does not allow you to be identified.
Our Future Health enables external researchers from around the world to access the de-identified data. Researchers may be working for universities, commercial companies (including diagnostic and pharmaceutical companies) and charities focused on specific diseases. All of the work undertaken in the TRE is required to be health-related and for public good.
Researchers access the data within a TRE hosted by Our Future Health in a secure cloud storage environment. Subject to a written agreement, subsets of de-identified data are also transferred and hosted in other TREs, hosted by partners of Our Future Health, to allow researchers to work with other datasets not available in the Our Future Health environment. Re-identifying the de-identified data in the recipient TRE would be unlawful. Even though such re-identification is quite a remote possibility, we took the strategic policy decision to treat all de-identified data released into a TRE as ‘personal data’. Therefore, the highest ethical and data protection standards will apply to the de-identified version of your data too.
A full list of all TRE environments where your de-identified data is stored is available here. All environments where data is transferred and stored meet strict accreditation criteria. You can read more about the concept of TREs here and our TRE accreditation standards here.
All activity in the Trusted Research Environments is verifiably logged so that we (and external auditors) have visibility of the ways the de-identified data is accessed, recalled, stored and transferred. We undertake annual audits across all environments. Researchers are data controllers in their own right in relation to any de-identified data they may have access to and, as such, also have the highest levels of responsibility for complying with the UK GDPR. In addition, they sign a contract which includes an agreement not to attempt to re-identify participants at any time. Our Future Health only share your data with researchers who have been approved by our Access Board, and who are conducting health research for public good. Read more about our Access Board.
Access to the data resource by the police or other law enforcement agencies will be agreed to only under court order.
Our Future Health has undertaken the commitment to never allow access to participant information for anything other than for health research that is for the public good and never sell or provide participant personal information for the purposes of advertising or sharing with insurance companies.
When directed by you, or where both Our Future Health and our third-party suppliers and partners have a legitimate interest in data sharing (e.g., for the compatible purposes of managing our clinics, including handling complaints and management reporting) we may also share your personal data with these third parties. All such sharing is in compliance with your rights and any suppliers are contractually bound to support our legal obligations.
How we keep your data secure
Your data is transferred and stored in a highly secure data environment. During data transfer and at rest all participant data is encrypted to secure your identity and preserve your privacy. Once stored in our main database the identifying information is removed, and your information is transferred to a Trusted Research Environment (“TRE”) in a form which does not allow anyone to identify you.
Our Future Health stores all your data securely and to the highest industry and professional standards. Some of the steps we take to maintain secure and robust platforms:
- Undertake routine security testing of all platforms.
- Commission external experts to regularly test the security of our systems.
- Undertake an annual DPIA (Data Protection Impact Assessment).
Researchers must register with Our Future Health and be approved by an Access Board before they are given access to data. To preserve the privacy of participants all personal identifiers are removed before we transfer data to a TRE, so that individual participants cannot be identified.
Only a small number of approved (and security-checked) staff members at Our Future Health have access to identifiable data. This allows us to add more information to your record as it becomes available, and to manage your account.
Sometimes we ask third parties, including suppliers and partners, to carry out business functions on our behalf. Where we are required to share personal data with these third parties, we conduct robust due diligence assessments to ensure that they have appropriate security standards in place that protect your personal data, and we enter into a written contract imposing adequate security and usage standards on them.
You can view a current list of third-party processors, and details of the processing they do for Our Future Health here.
How long we keep your data
The Data Protection Act 2018 and UK GDPR legislation set out additional rights and obligations for data controllers conducting scientific research for public good; for example, data can be stored for research for long periods of time. We aim to balance your rights with the needs of researchers, to allow for maximum value to be extracted from the datasets, for health research in the public interest.
Our Future Health will run for a very long time. We hope to collect as much information as we can about people’s health as they get older, so researchers can look back to find the earliest signs of diseases. On this basis, Our Future Health will retain all data collected unless you fully withdraw from the research study.
International transfers
Where processing activities require data to be transferred outside the UK, EEA or a country with a data adequacy decision, we will only make that transfer if:
- The country to which the de-identified data is to be transferred ensures a level of protection for personal data;
- We have put in place appropriate safeguards to protect your de-identified data, such as an appropriate contract with the recipient;
- The transfer is necessary for one of the reasons specified in data protection legislation, such as the performance of a contract between us and you; or
- You explicitly consent to the transfer.
How to withdraw from Our Future Health
There are two ways to withdraw from Our Future Health: partial or full withdrawal. You can withdraw at any time without giving us a reason.
- Partial withdrawal. This means we will not contact you again, or obtain any further information from your records, but we can continue to store the data we have already collected about you and researchers can continue to analyse those samples and data collected before you withdrew.
- Full withdrawal. This means we will not contact you again and we will destroy all the personal data and samples we collected from you. However, it won’t be possible to remove your data from any research that took place before your exit.
You can read more about withdrawal from Our Future Health here.
You can read more about what happens to your data and samples if you decide to withdraw here.
Your data subject rights
You have rights under data protection laws that relate to the personal data which we hold about you. In this section, we explain what your rights are, as they relate to Our Future Health.
Where we rely on our legitimate interest for health research, some of your standard rights, under UK GDPR, are affected:
Your right | Definition |
Right of access | Health research programmes like Our Future Health are not required or permitted by law to provide participants with their data in certain circumstances. For example, for some requests we may be required to carry out a serious harms test, and/or consider if it is deemed manifestly excessive. This means that, in certain circumstances, it may not be possible to fulfil a participant’s request to obtain a copy of the personal data processed about them during the study. If this is the case, we will respond to let you know. |
Right to object | These rights are covered by your ability to withdraw from Our Future Health, at any time and for any reason. |
Right to erasure | On request, data that identifies you personally can be deleted, but there are instances where de-identified data will be retained. This is because erasing data when a dataset has been locked for analysis would seriously impair the purposes of the research activity. In those circumstances, Our Future Health will retain de-identified data where erasing it would render impossible or seriously impair the researcher’s ability to complete their research. To ensure data governance and security, all data is retained in archival back-ups on a rolling 3-month basis. Therefore, deletion requests will not be fully completed until the archived back-up is replaced. Please be advised, however, that Our Future Health is legally required to retain details of all participants’ informed consent, along with the active time period and withdrawal, therefore, this data set cannot be deleted. |
Right to rectification | You have the right to update, correct or complete your personal data. This right does not apply to health data which you have provided to us. |
Right to data portability | This right relates to moving or copying your personal data from one data controller to another. This right would not be applicable in relation to Our Future Health since our lawful basis for processing your personal data is legitimate interests. |
Contact details
Our DPO will be happy to answer any questions and address any concerns about Our Future Health’s use of your personal data and can be contacted by email at dpo@ourfuturehealth.org.uk
If you are not satisfied with our response, or to make a complaint, you can contact the Information Commissioner’s Office (“ICO”), the UK supervisory authority for data protection issues.
This privacy notice was last updated in May 2023. If we make changes to this privacy notice at any time, the most current version will be published here.