Confidentiality

Protecting the data you give us is our top priority. All of your data will be stored on secure servers at the University of Cambridge and will be password protected. Identifiable information (such as name, address, date of birth) will be stored separately from non-identifiable data. Non-identifiable data will be identified by a specific code. This process is called pseudonymisation. Only the database manager will have access to your identifiable information.

Researchers will have access only to your pseudonymised data, which they will use for research. Data shared with external researchers will be shared using highly secure research databases (repositories) and will be fully anonymised.

When we receive your medical data, we will remove all personally identifiable information and pseudonymize it. We will store this data securely as mentioned above. Spectrum 10K complies with the following regulations to ensure all data are stored correctly and managed properly:

• UK General Data Protection Regulation (GDPR)
• Data Protection Act, 2018 (DPA)

The GDPR is a regulation in EU law on data protection and privacy put into place to protect the data of EU citizens. The GDPR has been retained in UK law as the Data Protection Act 2018 and will continue to be read with technical amendments to ensure it can function in UK law.

Important things that you need to know:

• Your saliva sample will be stored and analysed at a licensed laboratory and biorepository. Your sample will be labelled with a barcode and no personally identifiable information will be shared with this laboratory.
• Upon registration, we will assign you a unique ID which we will use to identify your sample and survey data. Therefore, we will work with pseudonymised data when carrying out analyses.
• Your personal information will be stored securely in a safe haven at the University of Cambridge in a manner that is compliant with school policy, GDPR & DPA 2018.
• Only approved research personnel will have access to your pseudonymised data.