The protection of your data is important to us. This page documents the data we collect from you and what you can do to remove it if you choose to.
Introduction
is the European Union's General Data Protection Regulation. ݮƵis compliant with GDPR as a data Controller and is committed to the highest data privacy and protection standards.
This page is also intended to address privacy concerns under the
Data Collection and Removal
ݮƵcollects the following information when using our platform
- General users: name, email, IP address, phone number
- ݮƵRepresentatives: name, email, IP address, phone number
- Procurement contacts: name, email, phone number
This information is needed to be part of the ݮƵcommunity. To cancel your account and be removed from the community, email wrds-support@wharton.upenn.edu. The information will be removed within 5 business days.
Use of Information
WRDS’ uses user and other information primarily for statistical purposes to identify the dominant areas of interest of users and better prepare future content of the site. The main goal is to constantly improve the value of the site and to protect the security of the entire ݮƵsystem.
Occasionally, ݮƵwill send emails to advise users of additional databases, changes within the site, or information that may be otherwise helpful.
For general users, phone number is only used for 2-factor authentication (2FA).
Data Sharing and Protection
ݮƵdoes not sell personal information to any 3rd party organization. ݮƵshares information with 3rd parties only as needed and described below. ݮƵUsers may access their own database usage history at any time from the Account page. ݮƵrepresentatives at each institution (often a librarian or department chair) are entitled to see database usage from their institution. Data providers are entitled to see aggregate usage information of their own databases, but not personally identifiable details.
ݮƵstaff, in coordination with Wharton Computing and the University of Pennsylvania, conduct security audits of the platform.
The University of Pennsylvania employs a Data Protection Officer who currently has the title “Privacy and Security Officer”.
3rd Parties Receiving Data
Users are advised that information maintained by ݮƵmay be disclosed in connection with judicial or administrative proceedings or if in the sole discretion of ݮƵdisclosure is necessary to protect ݮƵor the Trustees of the University of Pennsylvania.
ݮƵpartners with Cisco for their Duo 2-factor authentication (2FA) product. As a service that confirms identities, by its nature Duo collects information about users. This includes email address, phone number, IP address, device info, and ݮƵuser name - but not first or last name. Cisco is a Data Processor under GDPR and maintains a .