Privacy Policy

Who we are

The Coupled Model Intercomparison Project IPO ‘CMIP IPO’, who manage this website, is staffed by HE Space Operations Limited under contract to the European Space Agency, the CMIP IPO host institution. HE Space Operations Limited is the responsible legal entity and their privacy policy can be found here.

CMIP processes personal data for a variety of reasons, including to conduct its research and to tell you about its research. CMIP will process your personal data in accordance with all applicable laws, including the UK and EU General Data Protection Regulations (GDPR) and the Data Protection Act 2018 (DPA).

What is personal data?

The term ‘personal data’ means any information relating to you that identifies you, or through which you can be identified, directly or indirectly. In particular, by reference to an identifier such as a name, an identification number, location data, or an online identifier or to one or more factors specific to you physical, physiological, genetic, mental, economic, cultural or social identity.

The purpose of this Privacy Notice

The purpose of this Privacy Notice is to let you know how we process your Personal Data when you visit our website, or get involved with us. This Privacy Notice therefore explains what Personal Data we collect from you and how we collect, use, store and disclose it. This Privacy Notice also contains information about your rights under applicable data protection legislation.

We are committed to compliance with data protection laws. We believe that ensuring data protection compliance is the foundation of trustworthy business relationships.

It is important that you read this Privacy Notice together with any other Privacy Notice we provide on specific occasions when we are collecting or processing Personal Data about you so that you are fully aware of how and why we are using your data. This Privacy Notice supplements the other notices and is not intended to override them.

How do we collect your personal data?

Most of the personal data we process is provided to use directly by you, for one of the following reasons:

Comments

When visitors leave comments on the site, we collect the data shown in the comments form, and also the visitor’s IP address and browser user agent string to help spam detection.

An anonymized string created from your email address (also called a hash) may be provided to the Gravatar service to see if you are using it. The Gravatar service privacy policy is available here: https://automattic.com/privacy/. After approval of your comment, your profile picture is visible to the public in the context of your comment.

Media

If you upload images to the website, you should avoid uploading images with embedded location data (EXIF GPS) included. Visitors to the website can download and extract any location data from images on the website.

Cookies

If you leave a comment on our site, you may opt-in to saving your name, email address and website in cookies. These are for your convenience so that you do not have to fill in your details again when you leave another comment. These cookies will last for one year.

If you visit our login page, we will set a temporary cookie to determine if your browser accepts cookies. This cookie contains no personal data and is discarded when you close your browser.

When you log in, we will also set up several cookies to save your login information and your screen display choices. Login cookies last for two days, and screen options cookies last for a year. If you select “Remember Me”, your login will persist for two weeks. If you log out of your account, the login cookies will be removed.

If you edit or publish an article, an additional cookie will be saved in your browser. This cookie includes no personal data and simply indicates the post ID of the article you just edited. It expires after 1 day.

You can find out more about our use of cookies by reading our Cookie Policy.

Embedded content from other websites

Articles on this site may include embedded content (e.g. videos, images, articles, etc.). Embedded content from other websites behaves in the exact same way as if the visitor has visited the other website.

These websites may collect data about you, use cookies, embed additional third-party tracking, and monitor your interaction with that embedded content, including tracking your interaction with the embedded content if you have an account and are logged in to that website.

Applications

If you make an application to us the applications will be collected by CMIP IPO for the panels we provide secretariat support to, to review. These include CMIP Panel, WGCM Infrastructure Panel and the obs4MIPs Panel.  Applications collated by CMIP IPO will also be shared with ESMO IPO and selection committees made up of named representatives of ESMO’s Scientific Steering Group and/or Working Groups in accordance with the appointing panel’s Terms of Reference.  Applications will also be shared with the World Climate Research Programme Secretariat and, if requested, members of the Joint Scientific Council. If you are a member involved in shortlisting, you can refer to the ESMO SSG for arbitration. If such a referral is made, your personal data will be shared with the ESMO IPO and SSG for arbitration purposes.

These applications will contain data about you that we need in order to process your application and reach a decision.

Who we share your data with

  • If you request a password reset, your IP address will be included in the reset email.
  • Personal data will be processed and retained only for the purpose for which it was collected. 
  • Personal data will not be published, sold, or made available for general access or to other third parties.
  • We shall only share personal data with other third parties if explicit consent has been obtained. This includes with our third-party suppliers such as Airtable, and its other associated integrations, and other third parties to carry out our functions.
  • Personal data will not be shared with third parties for marketing purposes. 

Your data may be processed using Artificial Intelligence, when signing up to our newsletter, or getting involved in the work that we do.

If you have any questions relating to the processing of your personal data, please contact 

Our legal basis for processing your data

The UK and EU GDPR, requires that a controller must have a legal basis for processing personal data. Our legal basis for processing may include:

How long we retain your data

We shall not keep your personal data for longer than it is necessary for the stated purposes except to the extent required by law, and in accordance with our Retention Schedule. The length of time data is held will depend on the purpose it was collected for and the personal data collected.

If you leave a comment on this website, the comment and its metadata are retained indefinitely. This is so we can recognize and approve any follow-up comments automatically instead of holding them in a moderation queue.

For users that register on our website (if any), we also store the personal information they provide in their user profile. All users can see, edit, or delete their personal information at any time (except they cannot change their username). Website administrators can also see and edit that information.

What rights you have over your data

You have rights under the data protection legislation and, subject to certain legal exemptions, we must comply when you inform us that you wish to exercise these rights. There is no charge, unless your requests are manifestly unfounded or excessive. In such circumstances, we may make a reasonable charge or decline to act on your request. Before we action your request, we may ask you for proof of your identity. Once in receipt of this, we will process the request without undue delay and within one calendar month. In order to exercise your rights please contact .

You can contact us if you wish to complain about how we collect, store and use your Personal Data. It is our goal to provide the best possible remedy with regard to your complaints.

However, if you are not satisfied with our answer, you can also contact the relevant competent supervisory authority. In the UK, the relevant supervisory authority is the ICO, contact details of which can be found below.

Your rights in connection with personal information are set out below:

Subject Access Request – You have a right to receive a copy of all the Personal Data we hold about you.

Rectification – If any of the Personal Data we hold about you is incomplete or inaccurate, you have a right to have it corrected.

Erasure – This is also known as the “right to be forgotten”. You have a right to ask us to delete your Personal Data where there is no good reason for us continuing to process it. However, certain criteria apply and if we have a legitimate reason to continue processing your personal data, we will not be legally required to delete it.

Objection – You have a right to object where we are relying on legitimate interests as our legal basis for processing your Personal Data but, in certain circumstances we may be able to continue with the processing. For example, if we have compelling legitimate grounds which override your interests, rights and freedoms or your personal information is needed for the establishment, exercise or defence of legal claims. However, you have an absolute right to object to us processing your Personal Data for direct marketing purposes. 

Restriction – You have a right to ask us to restrict the processing of your Personal Data in certain circumstances. For example, you may require us to suspend processing information about you whilst checks are made to ensure it is accurate.

Portability – You have the right to ask us to transfer any Personal Data you have provided to us to another party, subject to certain criteria being satisfied. We will provide this Personal Data in a structured, commonly used and machine-readable format.

Right to withdraw consent – If you have given us your consent for the processing of your Personal Data, you can withdraw this at any time. Please note, the withdrawal has no effect on the legality of the data processing carried out in the past on the basis of your consent. To exercise your right to withdraw consent contact us at .  

Right to complain – If you are unhappy with the way in which your personal information has been or is being processed, you have the right to make a complaint about it to the Information Commissioner’s Office (ICO).They can be contacted at: Information Commissioner’s Office, Wycliffe House, Water Lane, Wilmslow, Cheshire, SK9 5AF (www.ico.org.uk).

You can contact us at any time at  if you have further questions about the issue of privacy and data protection.

Where your data is sent/international transfers of data

Visitor comments may be checked through an automated spam detection service.

To provide our services, we may need to share your personal data with third parties and suppliers outside the European Economic Area (the “EEA”), including those in the United States.  If we do this, we will ensure your personal data receives the same protection as if it were being processed inside the EEA. For example, our contracts with our suppliers stipulate the standards they must follow to process personal data. 

We currently implement the following safeguards to protect your personal data:

  • Encrypting data when in transit.
  • Implementing standard contractual clauses (SCCs), as approved by the European Commission.

Ensuring those in the US are certified under the EU-US Data Privacy Framework. If not, other safeguards will be utilised such as SCCs.

Mailing lists

Personal data collected by our mailing lists may include:

  • Name
  • Email
  • Affiliation
  • Gender (for diversity monitoring)
  • Country

The data collected from mailing list registration forms by the CMIP IPO will be stored only for as long as is necessary for the purpose for which it was collected. However, your data will be automatically deleted on closure of the CMIP-IPO project at ESA, scheduled for 28th February 2027. Personal data will only be shared and handled with the CMIP Panel, WGCM Infrastructure Panel (WIP) and WCRP secretariat. If information we have about you is inaccurate, out of date or incomplete you have the right to have it rectified. For this, and any other requests, concerns, or questions regarding this notice please contact the CMIP IPO, or the HE Space Data Protection Officer Raluca Popescu (HE Space Operations B.V., Tel.: +31 71 341 7514, Email: ).

Marketing

With your consent we may contact you via email and/or phone to promote or inform you about our services. If you have provided consent, we may also contact you to promote services provided by third parties. Where we are legally required to obtain your consent to provide you with marketing materials, we will only provide you with such marketing materials if you have provided consent for us to do so.

Where we contact you for direct marketing purposes, we will comply with the requirements set out in the Privacy and Electronic Communications (EC Directive) Regulations 2003 (PECR).

To start or stop receiving marketing information from us, simply contact us at .

CMIP Internal Community members

The CMIP Internal Community is defined as members of the CMIP Panel, WIP, Task Teams, Fresh Eyes on CMIP, and other CMIP Working Groups. Personal data collected for our Internal Community may include:

  • Name
  • Email
  • Affiliation
  • Gender (for diversity monitoring)
  • Country

Internal community members’ data is held securely by the CMIP International Project Office (IPO). Your data will be automatically deleted on closure of the CMIP IPO project at ESA, scheduled for 28th February 2027. Any personal data will only be shared and handled within the CMIP Internal Community and WCRP Secretariat. If information we have about you is inaccurate, out of date, or incomplete, you have the right to have it rectified. For any requests, concerns, or questions regarding this notice please contact .

Applications, surveys, events, and other forms on this website

The section summarises the privacy policy for data collected by the CMIP IPO for any applications, surveys, or forms on this website.

Personal data collected may include:

  • Name
  • Email
  • Affiliation
  • Gender (for diversity monitoring)
  • Country
  • Nationality (for diversity monitoring)
  • Job title (for diversity monitoring)
  • Headshot photo (for advertising purposes)

The data collected is processed and held securely by the CMIP International Project Office (IPO). Your data will be automatically deleted on closure of the CMIP IPO project at ESA, scheduled for 28th February 2027. Any personal data provided will only be shared and handled where necessary, for example for the purposes of review and selection. If information we have about you is inaccurate, out of date, or incomplete, you have the right to have it rectified. For any requests, concerns, or questions regarding this notice please contact .

The Data Protection Principles

We will comply with the EU GDPR, UK GDPR and the DPA 2018. Article 5 of the UK and EU GDPR contains the data protection principles, which require that Personal Data shall be:

  • Processed lawfully, fairly and in a transparent way.
  • Collected for specified, explicit and legitimate purposes and not used in any way that is incompatible with those purposes.
  • Adequate, relevant and limited to what is necessary.
  • Accurate and, where necessary, kept up to date.
  • Kept for no longer than is necessary for the purposes we have told you about.
  • Kept securely.

We operate according to the principles of the UK/EU GDPR, regardless of the location of the data subject.

Privacy policy updates

This privacy notice may be updated occasionally. This version was last updated on 08/08/2024.

To top
On this Page