March 19, 2013


  1. Introduction
  2. TRUSTe Certification
  3. Consent
  4. Definitions
  5. Choices You Have about Sharing Information in your ORCID Record
  6. Information We Collect and How We Collect It
  7. How We Use Information We Collect
  8. How We Share Information We Collect
  9. Access, Review, Editing and Changing Data
  10. Transparency, Disputed Records, & Removal of Data
  11. Information Security
  12. International Data Transfer; Governing Law
  13. Enforcement and Arbitration
  14. Children's Privacy
  15. Changes to this Policy
  16. Questions or Concerns


1.0 Introduction

ORCID, Inc. (referred to as “ORCID”, “us” “our” and “we”) is a nonprofit organization whose mission is to solve the name ambiguity problem in scholarly communication by creating and operating an open-access registry (referred to as the "Registry") of persistent unique identifiers for individual researchers, and an open and transparent linking mechanism with other ID schemes and research objects such as publications, grants, and patents.

Researcher privacy is important to ORCID, and we believe that following research community-sanctioned privacy practices is essential to the success of ORCID and the Registry it operates. This Privacy Policy applies to the personal information ORCID collects about you through the Registry and website it operates at the orcid.org URL (the "Website"). Our privacy practices are based on three levels of openness and privacy, which you have the ability to set: public, limited access, and private. These levels are further described in sections 3 (Consent) and 5 (Choices You Have about Sharing Information) of this policy.

Our Website and Registry may contain links to and from sites maintained by third parties. This Privacy Policy does not cover your activities on those sites, any information you may provide to those sites, or information that may be collected about you by those sites.

In this document we use “you” to refer to researchers and other users of the Website and Registry.


2.0 TRUSTe Certification

TRUSTe online privacy certification

ORCID, Inc. has received TRUSTe's Privacy Seal signifying that this privacy statement and our practices have been reviewed for compliance with the TRUSTe program viewable on the validation page available by clicking the TRUSTe seal.

The TRUSTe program covers only information that is collected through this Website, https://orcid.org.

If you have a question about our privacy policy, please contact ORCID at http://orcid.org/help/contact-us. If you have an unresolved privacy or data use concern that we have not addressed satisfactorily, please contact TRUSTe at https://feedback-form.truste.com/watchdog/request.


3.0 Consent

By using our Website, and/or by permitting the deposit and/or publication of your personal information on or through the Registry, you agree to the terms of this Privacy Policy. You have the right to add, edit, and delete data and manage privacy settings of your ORCID Record, or you may delegate others to do this for you. To change privacy settings, you may choose the appropriate privacy option using the privacy selector, available next to each item (such as: work, affiliation, email address) in your ORCID Record. More information on privacy settings and the selectors is provided in Section 5.1 (The Privacy Settings). You may contact us at http://orcid.org/help/contact-us any time with questions or concerns.


4.0 Definitions

In addition to the terms Private, Limited Access and Public (described in Section 5.1), we also use the following terms frequently in this Privacy Policy:

  • Member: An organization that has entered into a fee-based Membership Agreement with ORCID.
  • Member Creator: An ORCID Member with a specific employee-employer and/or student-institution relationship with you that has created an ORCID Record (including obtaining an ORCID identifier) on your behalf. Before creating a Record for you, a Member must first warrant to ORCID that is has the authority to do so.
  • Trusted Party: An ORCID Member organization to which you have given the right to view, edit, and/or deposit specific data in your ORCID Record. (For example, you may grant a publisher the right to update information about your publications, or grant a funder the right to read information about grants that is otherwise not viewable by the public through the Registry.)
  • Account Delegate: An Account Delegate is a person to whom you have given the authority to manage your ORCID Record on your behalf, including selecting privacy settings, naming Trusted Parties, and editing and depositing data. Account Delegates must agree to ORCID’s Terms and Conditions of Use. (Also see Section 5.3.)
  • Claim: The process of indicating that an ORCID Record created by a Member Creator refers to you and taking over ownership of the Record Account.

This Privacy Policy focuses primarily on people who have ORCID Records or are considering creating ORCID Records. However, this Privacy Policy also covers your use of the Website and Registry if you are only visiting our Website or searching the Registry. For example, you may be interested in how we track use of our Website and Registry and our use of cookies and other technologies under Section 6.3 and 6.4. Since by using (including searching) our Website and/or Registry, you agree to the terms of this Privacy Policy, we encourage you to review it as well.


5.0 Choices You Have about Sharing Information in your ORCID Record

We are committed to providing you with meaningful choices about your privacy and the ability to control how your information is used. A core ORCID principle is that you control the privacy settings of your own ORCID Record data through various opt-in and opt-out features, regardless of whether you create your own ORCID Record, or an ORCID Record is created on your behalf by a Member Creator. To that end, ORCID allows you the right to control how your information is published on and shared via the ORCID Registry.

5.1 The Privacy Settings

ORCID Records can be created in two ways: by you, or by a Member Creator (see Information Provided by a Third Party).

When you create an ORCID Record, you can choose to make any element (other than the ORCID ID, which is always public) public, available only to a selected groups of Member institutions, or private, as further described in the definitions of public, limited access, and private below.

If a Member Creator creates an ORCID Record on your behalf, the Member Creator selects the initial privacy settings. You will receive an email from ORCID inviting you to Claim the Record. If you do not Claim your Record, the Member Creator may continue to edit and update the Record, name Trusted Parties, and make privacy selections. If you do not initially claim your Record, you can still Claim your Record at any time in the future and take over management of the Record.

5.1.1 PUBLIC ORCID Privacy - PUBLIC Accessible by:
  • Anyone

Data marked as Public will be available to the public for viewing and use. Note that if a Member Creator creates an ORCID Record for you, we will email you and give you a period of time (set forth in the email) to let us know if you object to having your information shared with the public via the Registry. If we do not hear back from you within the given time, we assume that you are comfortable with the selections made by the Member Creator, and will share any data the Member Creator marks as Public through the Registry.
 

5.1.2 LIMITED ACCESS ORCID Privacy - LIMITED Accessible by:
  • ORCID Record owner
  • Account delegates specified by Record owner
  • Trusted organizations

Data marked Limited Access may be viewed through the Registry by you and your designated Account Delegate (if any) or Trusted Parties (if any) (and the Member Creator until you Claim the Record). You can elect to share a field or specific data within a field with Trusted Parties. Trusted Parties will have on-going viewing rights to the specified Limited Access data. At any time, you can elect to terminate viewing access for any Trusted Party on the Account Settings page of your Record. Note that once you give an organization the right to view Limited Access data, ORCID has no control over how the organization uses the Limited Access data, including sharing it with others. Therefore, you should only grant Trusted Party status to those that you trust.
 

5.1.3 PRIVATE ORCID Privacy-PRIVATE Accessible by:
  • ORCID Record owner
  • Account delegates specified by Record owner

Data marked as Private may be viewed through the Registry only by you and any Account Delegate you designate. Private data are not shared with the public, Trusted Parties or other Members of ORCID (except in the case of a Member Creator until you Claim your Record).
 

Only our staff, and our agents’ or contractors’ staff, with a “need to know” to manage the Registry and process data for us are able to view Private and Limited Access Data. See How We Use Information We Collect and Information Security, below.

5.2 Changing Settings

You can change your privacy settings at any time. However, the new settings will only apply after you have made the change. ORCID has no control over uses of data already made available via the Registry or disclosures made in places other than the Registry.

5.3 Account Delegates

You may delegate management of your ORCID Record to an Account Delegate (such as your research administrator or administrative assistant). An Account Delegate can act on your behalf with respect to your ORCID Record, including editing and depositing data, naming Trusted Parties, and designating privacy settings. S/he will have access to all information in your ORCID Record, including Limited Access and Private data. Therefore, you should only grant Account Delegate status to a person you trust. ORCID cannot control how an Account Delegate will interact with your ORCID Record. You may revoke Account Delegate status at any time at the Account Settings page of your Record.

5.4 Claiming Records / Unclaimed Records

If a Member Creator creates an ORCID Record on your behalf, you will receive an email from ORCID inviting you to claim the Record. Until you claim a Record, the Member Creator may continue to make privacy selections with respect to your Record, and edit and update your Record. When you claim a Record and at any time thereafter, you can elect to take over management of your Record, including through an Account Delegate. Any changes you make to privacy settings will override Member Creator settings.


6.0 Information We Collect and How We Collect It

ORCID collects information from users of the Website and Registry in four ways: information you directly give us; information given to us by a third parties; information we collect from your use of the ORCID Website; and information we collect from cookies.

6.1 Information You Give Us

To use certain features of the ORCID Website, users must register with ORCID. Registration requires that you provide us with personal information including your name and email address. You are not required to register with us to use the ORCID Website; however, if you do not register, certain features (e.g., creating an ORCID Record or serving as an Account Delegate) are not available.

If you want to create an ORCID Record (including obtaining an ORCID identifier), you will need to provide ORCID with personal information, including, at minimum, your name and email address. If you want to claim an ORCID Record created on your behalf (see below: Information Provided by a Third Party), you will need to register with ORCID and confirm your name and email address. You may also include certain additional information about yourself in your ORCID Record, such as affiliations, title, education, grants, patents, and publications.

We also collect information from you if you contact the Help Desk, the ORCID Ombudsman or Executive Director, submit a Record Verification Form, or make posts in any online chat rooms, blogs or other public forums offered from time to time on the Website. ORCID may associate your Account information (e.g., name and email address) with these activities.

6.2 Information Provided by a Third Party

A Member Creator may obtain an ORCID identifier and create an ORCID Record for you. In the process, the Member Creator provides ORCID with personal information about you, including at a minimum your name and email address. Before a Member Creator creates an ORCID Record and has an ORCID identifier assigned on your behalf, we ask the entity to represent and warrant that it has the authority and your consent to provide us with information about you, to contact you about the Record, and to distribute certain information in the Record to the public. If the Member Creator does not represent to us that it has your consent to make the data publicly available through the Registry, it must mark the data it deposits as Private, and the information will not be made publicly available unless you change the privacy setting to Public. If the Member Creator creates a Record for you, we will email you and give you a period of time (set forth in the email) to let us know if you object to having any information shared via the Registry; if we do not hear back from you within the given time, we will assume that you comfortable with the privacy selections made by the Member Creator, and will share any data marked as Public by the Record Creator. Please note that Member Creators, not ORCID, determine whether they have the authority and consent to (i) create an ORCID Record on your behalf, and (ii) make certain Record data available to the public based on their internal policies, contracts they may have with you and applicable laws. See Choices You Have About Sharing Information in the ORCID Registry above.

Trusted Parties may deposit information in your Record if you give them the authority to do so. You may provide this authorization on a Member website that has integrated with ORCID, or directly in the ORCID Registry.

Your Account Delegates may deposit information in your Record. You may specifically designate Account Delegates in the ORCID Registry at the Account Settings page of your Record.

6.3 Information ORCID collects from your use of the Website

ORCID will collect information about your use of the Website and Registry. We do this to monitor when and by whom Registry information has been changed, and also to monitor traffic on the Website and Registry. When a visitor accesses our Website or Registry, we collect certain information using web analytics tools, including details about the users, such as the visitor’s IP address, the type and version of the Internet browser that is being used, the site from which the visitor accesses our Website, the type of device being used (e.g. computer, smart phone, tablet), or the screen resolution; and details about usage, including page traffic.

6.4 Information from Cookies and other Technologies

To provide you with a customized and personal service, we may use cookies to store and help track information about you. Cookies are small pieces of data that are sent to your browser from a web server and are stored on your computer’s hard drive. We use cookies to assign an identification number to the device and browser that you are using, and to help you navigate our Website and Registry, for example by saving passwords and preferences so that you don’t have to re-type them each time you visit. We also use cookies to better understand how our users interact with the Website and Registry and use our services.

Some of our service providers also may use cookies on our site. The use of cookies by our service providers is not covered by our privacy policy. We do not have access to or control over these cookies.

Most browsers are initially set to accept cookies, and we assume that if you do not disable cookies you consent to our use of them. However, you are not required to accept cookies to use our Website, although some features may not be available to you or may not function properly if you block cookies. You can control the use of cookies by: setting your browser to notify you when you receive a cookie; setting your browser to refuse to accept cookies; deleting cookies after visiting our Website; and/or browsing our Website or Registry using your browser’s anonymous usage setting (called “Incognito” in Chrome, “InPrivate” in Internet Explorer, and “Private Browsing” in Firefox and Safari).


7.0 How We Use Information We Collect

We use the information we collect to provide the ORCID Website and Registry to the public and to Members:

  • If a Member Creator creates an ORCID Record on your behalf, we will use the email address they provide to contact you to Claim your Record.
  • If you have an ORCID Record we may use your email address to contact you with requests from Members to deposit or edit information in your ORCID Record. We may also contact you about your use of the ORCID Website and Registry.
  • We will use personal information to contact you with service messages related to or affecting your ORCID Account, including, without limitation: changes to privacy policy or functionality that affects how a user manages privacy; changes to terms and conditions; changes to registration procedures or fields included; any change in the type of information collected.
  • We will also use personal information to send you newsletters, special offers, promotions and other information about ORCID. You may subscribe during the registration process or at http://orcid.org/newsletter/subscriptions
    ORCID Email Opt out
    You may opt-out of receiving these messages by unchecking the box as you register. You may unsubscribe at http://orcid.org/newsletter/subscriptions, by changing your email preferences in your Account Settings, or by clicking on the unsubscribe message included in each newsletter. Please note that we reserve the right to notify you about changes or updates to your ORCID Account and the registry as described in the preceding paragraph.
  • We use the information we collect to operate, protect, evaluate and improve the ORCID Website and Registry, its features, and ORCID operations generally. Note that this use includes Private and Limited Access data; for example, we may use such data for disambiguation or to resolve any disputes about identity and Records.
  • We also use the information we collect about when and by whom information was deposited in your ORCID Record to help verify questions you have about your Record or resolve any disputes about the accuracy of information in a Record.


8.0 How We Share Information We Collect

Except as set forth in this in this Privacy Policy, or as required by law, ORCID does not share any non-public information about you with other parties. For example, we do not share your information with Members except as set forth herein, and we do not sell your information to marketers, advertisers or other entities.

8.1 With the Public & Members

The Registry

In addition to ORCID’s commitment to giving Record holders control over their ORCID Records, ORCID seeks to support open access to information for the research community. ORCID shares with the public free of charge any data marked as Public through the Registry for viewing and use.

Your designated Account Delegates have access to all of your Record information (other than user name and password) including data marked as Limited Access and Private. Your designated Trusted Parties are able to view your Public data and the Limited Access data you have approved sharing.

If there is a dispute regarding data in your Record, we may share your email address with your permission and relevant deposit history (e.g., what data was deposited by whom) with the disputing or depositing party or a third party dispute resolution agent, so that the dispute may be resolved.

Our Terms and Conditions of Use (for individuals) and our Membership Agreement (for Members) state that individual data Records may not be used in any manner that is defamatory or misleading; cannot be modified so as to make them false, incomplete, or misleading; are subject to your rights of publicity; and if any person or entity uses the data for marketing purposes, they must give you the right to opt-out of such communications. Although we post this notice, ORCID does not undertake the responsibility to police third party uses of data. If you object to a third-party use of your data, you should contact and make a complaint directly to the third party.

The Public Data File

In addition, annually, ORCID will release to the public a downloadable data file, the “Public Data File”, containing all Public data from ORCID Records created or Claimed by individuals. The public will have free access to the data for viewing and use. ORCID is releasing the Public Data File under a CC0 1.0 Public Domain Dedication developed by Creative Commons, in which ORCID waives all copyright and related rights it owns in the Public Data File to the extent permitted by law. Accordingly, ORCID does not impose restrictions or conditions (including those contained in the Terms and Conditions of Use and the Membership Agreement) on use of the Public Data File, but it has posted recommended community norms for use. ORCID is sharing the Public Data File to ensure that all scholarly communication stakeholders, including organizations that are not Members of ORCID, have broad access to what we hope becomes a vital part of the scholarly communication infrastructure.

8.2 With our Vendors

We may share your information with agents or contractors (for example, a vendor may host ORCID’s servers, and a vendor may process invoices and credit card payments from Members), but only on a “need to know” basis to help us operate ORCID, the Registry and the Website, and only if the vendor signs a written agreement which requires it to maintain the confidentiality and security of your information and not to use it for other purposes.

8.3 Commercial Use of Data

ORCID’s Terms of Use for the Registry bar the following re-uses of ORCID Data:

  • Users of the Registry may not use the email or physical addresses obtained from the Registry to send any marketing or other commercial communication to anyone, unless they give the person the right to opt-out of such communications.
  • Users may not use any Record Data to send junk mail, spam, chain letters, pyramid schemes, or other similar communications.

Because the Public Data File is released under a CC0 Waiver, we cannot impose any restrictions on use; however we do suggest that people follow community norms in using the Public Data File as well. ORCID does not otherwise limit commercial use of Public Data by third parties or of Limited Access Data by entities to which you (or a Account Delegate) gives access. You can block commercial re-use of any data by marking it Private.

8.4 Other
  • Aggregated Data: We may share aggregated usage data with our Members or others in the research community or publish information based on aggregated usage data so Members and others can understand how the ORCID Registry is being used. We will only do so in a way that your personal identity is protected.
  • Legal Reasons: If (a) required by law, public safety or public policy, or we are served with a warrant, court order, or subpoena; or (b) we need to defend against legal claims, we may provide your information, including Limited Access and Private data to regulators, enforcement agents, government entities, or others making claims against us. We will provide information about any government data requests received and Accounts affected to the extent allowed. We may also share your information, including Limited Access and Private data, to enforce our Terms and Conditions of Use and Membership Agreements (including investigation of potential violations).

If ORCID is involved in a merger, consolidation, acquisition, asset sale or other corporate restructuring, we will give Record Holders notice (by posting on the ORCID Website), and the option to opt-out of the transfer, before Limited Access and Private Data is transferred or becomes subject to a different privacy policy.


9.0 Access, Review, Editing and Changing Data

You may review, delete, and edit information in your ORCID Record and change preferences. Please note that changes will be applied prospectively. For example, if you change a privacy setting from Public to Private, or Limited Access, there is no way to stop people who have previously viewed or downloaded the Public data from using it.

  • You may review information about you and change your privacy settings in your ORCID Record by logging into your ORCID Record. If you think that any information in your Record is wrong, we strive to give you ways to update it quickly or delete it, subject to legitimate business or legal purposes, including the Dispute Procedure outlined below in Transparency, Disputed Records and Removal of Data.
  • You may choose to disable your ORCID Record in the Registry by deactivating the Account from the Account Settings page of your Record. In the event that an ORCID Record is disabled, we will maintain as Private your name and email address, so as not to assign the same identifier to another person and to allow you to re-claim your identifier in the future.
  • You may make yourself “invisible” to the public by marking all fields other than the ORCID identifier Private.
  • You may revoke Trusted Party or Account Delegate status at any time using the Account Settings page.
  • You may update your password, email, and notifications preferences at any time using the Account Settings page.

Records of Deceased Persons

The Record/Account of a deceased person is maintained as-is, according to the following:

  • Record data, privacy settings, Account Delegate, and Trusted Party designations of the ORCID Record remain as set by the Record owner before death.
  • If the Record owner selected one or more Account Delegates, the Delegates may continue to manage the record as per the Record owner's wishes.
  • Any current Trusted Parties may still write/access the record according to the settings at the time the record is frozen. However, Account Delegates (if they exist) may affect these settings as outlined previously.
  • A person who has assumed management of the deceased researcher’s email account may request that all email from ORCID to the researcher be turned off.
  • Posthumous publications may be added to the ORCID Record only if arrangements had been made prior to death (e.g., one or more Account Delegates were assigned who add the publication(s), and/or a Trusted Party relationship had been made that would allow for the addition of the publication(s) without further action.)
  • No indication is made by ORCID to highlight Records of deceased persons, though Account Delegates, at their discretion, could use existing fields to provide this detail, if desired, for example, including such information in the biography field, or after the person’s name.
  • If ORCID is contacted to remove or correct a Record for someone who is deceased, the requestor will be referred to the Record's Account Delegate(s) (if any), or, if needed, the request will be handled according to ORCID’s established Dispute Procedure described in Section 10.


10.0 Transparency, Disputed Records, & Removal of Data

To ensure the transparency of the ORCID Registry, we keep an audit trail of when and by whom Registry information has been deposited or changed and any changes to privacy settings. ORCID will use this information to assist you in addressing concerns about the provenance of data in the Registry and questions about identity ambiguity or theft. If you have a concern about the accuracy of data in your ORCID Record or another ORCID Record, please submit a ticket to our Help Desk. We will review your concerns in accordance our Dispute Procedure. ORCID reserves the right (but shall not be required) to remove or hide from the Registry and its servers any Record data that violates the privacy, publicity or other rights of any person, is the subject of a dispute, or for any other good cause, including without limitation, in any situation in which ORCID is advised by legal counsel that the retention or public availability of such data poses a legal risk to ORCID.

We will retain your information for as long as your Account is active, or as needed to provide you services, including reactivation. We will retain and use your information as necessary to comply with our legal obligations, resolve disputes, and enforce our agreements.


11.0 Information Security

We are committed to protecting the Registry and our users from unauthorized access to or unauthorized alteration, disclosure or destruction of personal information in the ORCID Registry or which we otherwise hold. For example:

  • We store information about you in a data center with restricted access, and we use a variety of technical security measures to secure your data. We also use secure socket layer (SSL technology) and intrusion detection and virus protection software.
  • Data are stored on servers which are not accessible via the Internet.
  • We periodically review our information collection, storage and processing practices, including physical security measures.
  • We restrict access to information marked as Private or Limited Access or which is otherwise not public to ORCID employees, contractors and agents who need to know that information to manage the ORCID Registry and process such data for us, and who are subject to confidentiality obligations.
  • All passwords are hashed and are not visible to ORCID, its contractors or agents, or even you.

Despite these measures, we cannot guarantee that unauthorized persons will not be able to hack our system or otherwise defeat our security measures.

Your access to some of our services and content may be password protected. To maintain the security of your information (or information in another person’s ORCID Record that you are authorized to view), please keep your username(s) and password(s) strictly confidential and do not disclose them to anyone. We also recommend that you sign out of your Account or service at the end of each session. You may also wish to close your browser window when you have finished your work, especially if you share a computer with someone else or are using a computer in a public place. You will be solely responsible for any action, activities, and access to our Website and Registry that were taken through your username and password, and that occurred before you notified us of their loss.


12.0 International Data Transfer; Governing Law

Note that we may store and process personal information on servers or on a cloud located outside of the country where you originally deposited the data. The data protection laws of the country or countries where this personal information will be stored or processed might not be as comprehensive as those in your country. However, be assured that we take steps to ensure that your privacy is protected. Regardless of where we store and process data, we take steps to protect your information, consistent with the principles set forth in this Privacy Policy, which are intended to comply with the Safe Harbor Principles issued by the U.S. Department of Commerce for data transfers from the European Union and Switzerland to the United States.

As a not-for-profit organization, we are not subject to the jurisdiction of the United States Federal Trade Commission, which oversees the implementation of Safe Harbor Principles. Consequently, ORCID is not able to self-certify compliance on the US Department of Commerce Safe Harbor List. However, we engage in an annual certification process to verify that our privacy policy is accurate and in conformity with the Safe Harbor Principles.

This Privacy Policy shall be governed by the laws of the State of New York (United States), excluding New York’s conflict of interest rules. By using our Website or Registry, or permitting the deposit and/or publication of personal information on or through the Registry, you agree that (i) your personal information may be transferred to our facilities and those of the third parties with whom we share it as described in this Privacy Policy and (ii) any claims of any kind that you have regarding this Privacy Policy and our use and sharing of data shall be resolved in accordance with the procedures set forth in Section 13.


13.0 Enforcement and Arbitration

We engage in periodic self-assessment and annual external review by TRUSTe to ensure compliance with our Privacy Policy. TRUSTe certifies that the policy is accurate, comprehensive for the information intended to be covered, prominently displayed, completely implemented, and in conformity with the Safe Harbor Principles.

If you have any concerns or claims with respect to our Privacy Policy, please contact us as indicated in Questions/Concerns. We will investigate and attempt to resolve any complaints and disputes regarding our use and disclosure of personal information. If you have questions or concerns about the accuracy of data in your or another person’s Record, please submit a ticket to our Help Desk and we will review your request in accordance with our Dispute Procedures. Please see Transparency, Disputed Records, & Removal of Data.

If the complaint or dispute cannot be resolved through our internal process, and ORCID does not adequately respond to your question, please contact TRUSTe at https://feedback-form.truste.com/watchdog/request.

If you are not able to resolve your concerns through ORCID’s internal mechanism or through TRUSTe, arbitration as set forth in this paragraph will be your final and exclusive recourse for dispute resolution. If arbitration is necessary, it will be conducted by telephone and email, and if it must be done in person, it will be conducted in New York, NY, and each party consents to such jurisdiction. The arbitration will be conducted by one arbitrator member of the American Arbitration Association, and under the rules of commercial arbitration of the American Arbitration Association. Both parties will bear equally the cost of arbitration (exclusive of legal fees and expenses). All decisions of the arbitrator(s) will be final and binding on both parties and enforceable in any court of competent jurisdiction. The arbitration panel should apply New York law, without regard to its conflict of laws principles. In addition, in the case of any disputes involving data transfers from outside the United States, the arbitration panel shall also apply the Safe Harbor Enforcement Principles issued by the U.S. Department of Commerce, without transferring the dispute to any other entity or jurisdiction for resolution.


14.0 Children's Privacy

ORCID provides general audience Website and does not offer services directed to children. Should a child whom we know to be under 13 send personal information to us, we will delete that information immediately. Parents may also contact us through our Contact Us form to request removal of any personal information about a minor.


15.0 Changes to this Policy

We may change our Privacy Policy from time to time. We will post any changes to this Privacy Policy on this page. Your continued use of the Website and/or Registry will be deemed conclusive acceptance of modifications. Please check this Privacy Policy from time to time for changes. We will not reduce your rights under this Privacy Policy with respect to data previously deposited without your consent. If in our discretion we think that any changes are significant, we will take additional steps to inform you (for example, by posting a notice of changes on our Website and/or Registry homepage and/or by sending you an email to inform of such changes) prior to the change becoming effective and obtain your consent through an opt-in mechanism (for example, by having you agree to the changes the next time you log onto the Website or clicking an “I consent” button on an email).


16.0 Questions or Concerns

If you have any additional questions or concerns about this Privacy Policy or our practices, please contact ORCID at ombud@orcid.org or by writing to Executive Director, ORCID Inc., 10411 Motor City Drive, Suite 750, Bethesda MD 20817, USA.