CENTER FOR OPEN SCIENCE, INC.
Center for Open Science, Inc. (referred to as "COS", "Open Science Framework", "OSF", "us" "our" and "we") is a nonprofit organization that operates certain websites at the cos.io (or centerforopenscience.org) and the osf.io (or openscienceframework.org) URLs ("Websites" or "Services"). COS conducts research on scientific practices and provides grants for relevant projects. COS fosters an open and interactive community among open source developers, open science researchers, and the broader scientific community. We also support and improve the scientific workflow by connecting technologies that researchers use by means of our development and administration of the Open Science Framework.
In this document, we use "you" to refer to researchers and other users of our Websites and Services. We do not collect any personally identifiable information about you when you visit our Websites unless you choose to provide us with that information. We do not collect information from you for commercial marketing or any other purpose unrelated to our purpose.
COS is committed to protecting the privacy needs of children. COS does not intentionally collect information from children under the age of 13, and COS does not target its sites to children. Only persons who are more than 18 years old or an emancipated minor may use our Websites and Services. By accessing our Websites and Services, you are legally acknowledging that you are over the age of 18 or an emancipated minor. If you are under the age of 18, you don't have the legal right to access our Websites and Services.
CALIFORNIA SHINE THE LIGHT LAW
California residents who provide personal information in obtaining products or services for personal, family or household use are entitled to request and obtain from us, once per calendar year, information about the customer information we shared, if any, with other businesses for their own direct marketing uses. If applicable, this information would include the categories of customer information and the names and addresses of those businesses with which we shared customer information for the immediately prior calendar year. To obtain this information, please email us at email@example.com with the subject line "Request for California Privacy Information", we will send you a reply e-mail containing the requested information. Not all information sharing is covered by the "Shine the Light" requirements and only information on covered sharing will be included in our response.
We have implemented industry-standard security safeguards designed to protect the personal information that you may provide. We also periodically monitor our system for possible vulnerabilities and attacks, consistent with industry standards. You should be aware, however, that since the Internet is not a 100% secure environment, we cannot ensure or warrant the security of any information that you submit to the site. There's also no guarantee that information may not be accessed, disclosed, altered, or destroyed by breach of any of our physical, technical, or managerial safeguards. It's your responsibility to protect the security and integrity of your account details, including your username and password. To maintain the security of your information (or another user's personal information that you are authorized to manage as an Administrator), you must keep your username(s) and password(s) strictly confidential and not disclose them to anyone. You will be solely responsible for any action, activities, and access to our Websites and Services that are taken using your username and password and that occurred before you notified us of their loss. If you become aware of any security breach of your password or of the security of the Websites or Services, you must contact us as soon as possible at firstname.lastname@example.org.
TYPES OF INFORMATION WE COLLECT
Unless you are a member of the general public with limited viewing rights, in order to fully use the COS Websites and Services, you will need to create an account by providing us with at least your name, email address, and a password. You can choose to provide other information about yourself in your account profile during the registration process (for example, your organizational or company affiliation, your level of education, location, your job title, professional experience, professional affiliations and memberships, etc.). This information that you voluntarily provide may be seen by other users who view your profile.
(b) Group Participation.
We may collect information when you use our Websites, such as when you join and participate in any group, participate in any polls or surveys, or otherwise interact with other users within the community.
(c) Non-Personal Information.
Non-personal information is data about usage and service operation that is not directly associated with a specific personal identity COS may collect, analyze, and share aggregated non-personal information to evaluate how visitors use our Websites and Services.
(d) Aggregate Information.
COS may collect aggregate information, which refers to information your computer automatically provides us and that cannot be tied back to you as a specific individual. This information can be shared with third parties without restriction. Examples include referral data (the sites you visited just before and just after our site), the pages viewed, the date of your visit, time spent at our Websites, and your Internet Protocol (IP) addresses. An IP address is a number that is automatically assigned to your computer whenever you access the Internet. For example, when you request a page from one of our sites, our servers log your IP address to create aggregate reports on user demographics, traffic patterns, metascience, and for purposes of system administration.
(e) Log Files and IP Addresses.
We may collect information from the devices and networks that you use to visit the Websites in order to help improve the services we provide. Every time you request or download a file from the site, COS may store data about these events and your IP address in a log file. We may use this information to analyze trends, administer the site, track users' movements, and gather broad demographic information for aggregate use or for other business purposes. When you access or leave our Websites by clicking on a hyperlink, we receive the URL from the site from which you last visited or the one to which you're directed. We may receive the Internet Protocol ("IP") address of your computer or proxy server used to access the site, your operating system, the type of browser you used, and the type of device and/or operating system you use, the Application Programming Interface ("API") you use, or your mobile device carrier or your ISP. We also may receive location data passed to us from third-party services or GPS-enabled devices that you have set up in order to customize your experience based on location information.
(g) Web Beacons.
(h) New Technologies.
As new technologies emerge, COS may be able to improve our services or provide you with new ones, which means that COS may create new ways to collect information on our Websites. If we offer a new service or new features to our existing Websites, for example, these changes may result in our collecting new information in order to improve your user experience.
COS ADMINISTRATORS AND MODERATORS
LINKS TO THIRD-PARTY SITES AND SERVICES
We may receive information when you use your account to log into a third-party site or application in order to recommend tailored information to you and to improve your user experience on our Websites. We may provide reports containing aggregated impression information to third parties to measure Internet traffic and usage patterns.
(a) Project. A "Project" is an individual or collaborative enterprise that also may have oversight and control over smaller component(s) of the Project.
(e) Proxy. A Proxy is a person to whom the Administrator has granted the authority to manage a Project or Project component on his or her behalf, which may including setting and modifying user access, privacy settings, license terms, and editing and depositing Content.
(f) Contributing User. A Contributing User may access, deposit, and edit Content to a Project or a Project component.
(g) Active User. An Active User may have select interactive use of the COS Websites and Services, subject to restrictions imposed by the Administrator.
(h) Passive User. A passive user, including journal editors/reviewers, other scientists, and members of the general public, may use the COS Websites and Services solely as an information resource without any ability to change or modify any Project content.
(i) Public API. An application program interface available to the public to facilitate computer communication with OSF. COS Websites and Services are accessible via various Public APIs, including but not limited to, GitHub, Twitter, Facebook, YouTube, Google Scholar and Google Groups, and LinkedIn.
(j) Privacy Settings. Privacy Settings define whether Project Content may be publicly displayed, displayed with restricted access to a limited group, or private.
(k) Trusted Party. A Trusted Party is an individual or organization to which the Administrator has given the right to view, edit, and/or deposit specific data within a Project or Project component.
Projects and Project components can be created by an Administrator. The Administrator may choose whether to designate and make Content public, limited access or private. If an Administrator wishes to send you an invitation to participate in a Project or Project component, the Administrator or COS will send you an email. Once you accept the invitation, your personal profile information may be made available to others collaborating on the Project, subject to the specific privacy access restrictions imposed by the Administrator of your Project.
(a) Public. Content originally designated by the Administrator as "Public" will be available to the public. If you accept an invitation to participate in a Project, your personal profile information may be shared with the general public.
(b) Limited Access. Content marked as "Limited Access" may be viewed through our Websites and Services by the Project Administrator, a Proxy, a Contributing User, an Active or Passive User, and a Trusted Party, subject to the restrictions imposed by the Administrator.
(c) Private. Content marked as "Private" may be viewed only by those specifically designated by the Administrator.
If an Administrator changes the privacy settings of a Project, those changes will be applied prospectively. For example, if an Administrator changes a privacy setting from "Public" to "Private" or "Limited Access", there is no way for COS to restrict people who have previously viewed or downloaded the previously publicly accessible Content from using it.
HOW WE USE YOUR PERSONAL INFORMATION
(a) Consent to COS to Use Personal Information.
COS may use personal information you supply to provide services that support the activities of the organization, its members, and their collaboration on Projects. When accessing the Websites, your personal user information may be tracked by COS in order to support collaboration, ensure authorized access, and enable communication between collaborators.
(b) Communications from COS.
We use the information you provide to customize your experience on the site. We may communicate with you using email or other means available to us regarding the availability of services, service-related issues, or announcements that we believe may be of interest to you. We may, for example, send you welcome messages and emails regarding new features or services, and promotional information from COS. You may opt out of receiving promotional messages from COS by following the instructions contained in the email. As long as you're a registered user, however, you can't opt out of receiving service messages from us. COS may also use personal information in order to customize content on the site to you, such as news relevant to you or to your industry or company.
(c) Communications from Others.
Personal contact information may be provided to other members of a Project on a secure site to encourage and facilitate collaboration, research, and the free exchange of information. Please remember that any information (including personal information) that you disclose on the public sections of our Websites, such as forums, message boards, and news groups, becomes public information that others may collect, circulate, and use. Because we cannot and do not control the acts of others, you should exercise caution when deciding to disclose information about yourself or others in public forums such as these.
(d) Sharing Information with Third Parties.
Information you put on your profile and any messages or comments you post on the public areas of our Websites may be seen by others. In keeping with our open process, COS may maintain publicly accessible archives of Projects for which the privacy level is designated as or amended to "Public" by the Administrator. In addition, should you post a comment or send an email to any of COS's hosted mail lists or discussion forums, subscribe to one of our newsletters or register for one of our public meetings, your email address may become part of the publicly accessible archives.
Information on our Websites may result in display of some of your personal information outside of COS. For example, when you post messages or comments that are open for public review and/or discussion, your profile information, including your name as the contributor and your email address, may be displayed in public search engine results. Similarly, if you post to public areas of our Websites using a Public API such as Twitter, Facebook, or Google Groups, your account profiles associated with these third party products may be displayed to the public. Your public profile also may be indexed and displayed through public search engines when someone searches for your name on our Websites.
YOUR OPT-OUT OPTIONS
You may access, modify, correct, or delete your personal information controlled by COS regarding your profile, and you may close your account. You can also contact us for any account information which is not on your profile or readily accessible to you. If you close your account, some or all of your profile information may continue to remain visible on the Websites.
You should be aware that information that you've shared with others or that others have copied may also remain visible after you have closed your account or deleted the information from your own profile. In addition, you may not be able to access, correct, or eliminate any information about you that other users have copied or exported out of the Websites, because this information may not be in our organization's control. Your public profile may be displayed in search engine results.
From time to time COS may email you electronic newsletters, announcements, surveys or other information unrelated to any Project. If you prefer not to receive any or all of these communications, you may opt out by following the directions provided within the electronic newsletters and announcements. COS also may conduct polls and surveys of our users, and your participation in this type of research is at your sole discretion. COS may follow up with you regarding your participation in this research. You may at any time opt out of participating in these polls and surveys.
Further, COS may send you occasional Service-related emails that you may not opt-out of (e.g. changes or updates to features of our Services that have security or privacy implications, technical and security notices, account verification).