Privacy Policy

MC1R Data Foundation

Last updated: July 2025

1. Introduction

The MC1R Data Foundation ("we," "our," or "us") is committed to protecting your privacy and ensuring the security of your personal information. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you visit our website, participate in our research studies, or interact with our services.

This policy is designed to comply with the General Data Protection Regulation (GDPR) and other applicable data protection laws. By using our services, you consent to the data practices described in this policy.

2. Information We Collect

2.1 Personal Information

We may collect the following types of personal information:

  • Name and contact information (email address, mailing address)
  • Demographic information (age, location, skin type)
  • Research participation data (survey responses, product reviews)
  • Technical information (IP address, browser type, device information)
  • Communication preferences and consent records

2.2 Research Data

For participants in our research studies, we collect:

  • Self-reported health and skincare information
  • Product usage and preference data
  • Survey responses and feedback
  • Optional images (with explicit consent)
  • De-identified research data for analysis

2.3 Automatically Collected Information

When you visit our website, we automatically collect:

  • Log data (pages visited, time spent, links clicked)
  • Device information (operating system, browser version)
  • Location data (country/region level only)
  • Cookies and similar tracking technologies

3. How We Use Your Information

Research and Development

To conduct research studies, analyze data, and develop improved products and services for the redhead and MC1R-expressive community.

Communication

To send you updates about our research, new studies, and relevant information about sun protection and skincare.

Website Improvement

To analyze website usage, improve user experience, and optimize our services.

Legal Compliance

To comply with legal obligations, protect our rights, and ensure the security of our services.

4. Data Sharing and Disclosure

We do not sell, trade, or rent your personal information to third parties. We may share your information in the following circumstances:

  • Research Partners: De-identified data may be shared with academic researchers and product developers for research purposes
  • Service Providers: With trusted third-party service providers who assist us in operating our website and conducting research
  • Legal Requirements: When required by law or to protect our rights and safety
  • Consent: With your explicit consent for specific purposes

5. Your Rights Under GDPR

Right to Access

Request a copy of your personal data and information about how we process it.

Right to Rectification

Request correction of inaccurate or incomplete personal data.

Right to Erasure

Request deletion of your personal data in certain circumstances.

Right to Portability

Receive your data in a structured, machine-readable format.

Right to Object

Object to processing of your data for specific purposes.

Right to Withdraw Consent

Withdraw consent for data processing at any time.

6. Data Security

We implement appropriate technical and organizational measures to protect your personal information against unauthorized access, alteration, disclosure, or destruction. These measures include:

  • Encryption of data in transit and at rest
  • Regular security assessments and updates
  • Access controls and authentication measures
  • Staff training on data protection practices
  • Incident response procedures

7. Data Retention

We retain your personal information only for as long as necessary to fulfill the purposes outlined in this policy, unless a longer retention period is required by law. Specifically:

  • Research Data: Retained for the duration of the research project plus 10 years for scientific integrity
  • Contact Information: Retained until you withdraw consent or request deletion
  • Website Analytics: Retained for 2 years
  • Legal Records: Retained as required by applicable law

8. Cookies and Tracking Technologies

We use cookies and similar technologies to enhance your experience on our website. You can control cookie settings through your browser preferences.

Essential Cookies

Required for website functionality and security.

Analytics Cookies

Help us understand how visitors use our website.

Preference Cookies

Remember your settings and preferences.

9. International Data Transfers

Your personal information may be transferred to and processed in countries other than your own. We ensure that such transfers comply with applicable data protection laws and implement appropriate safeguards, including:

  • Standard contractual clauses approved by the European Commission
  • Adequacy decisions for certain countries
  • Other appropriate safeguards as required by law

10. Children's Privacy

Our services are not intended for children under the age of 18. We do not knowingly collect personal information from children under 18. If you believe we have collected information from a child under 18, please contact us immediately.

11. Changes to This Policy

We may update this Privacy Policy from time to time. We will notify you of any material changes by posting the new policy on our website and updating the "Last updated" date. Your continued use of our services after such changes constitutes acceptance of the updated policy.

12. Contact Us

If you have any questions about this Privacy Policy or our data practices, please contact us:

Email: privacy@gingerscience.org
Address: MC1R Data Foundation
Subject Line: Privacy Policy Inquiry

You also have the right to lodge a complaint with your local data protection authority if you believe we have not addressed your concerns adequately.