Terms and conditions for the use of data in Symplectic Elements

1. The User shall use the data held in SE only for the purpose of research administration, in accordance with the role assigned to them by their department or division.

2. Research Services retains the right to reuse the information within the system, for training, documentation and reporting purposes without explicit consent from account holders.

3. The User shall process any personal data (including any sensitive personal data) held in Symplectic Elements in accordance with the requirements of the General Data Protection Regulation (GDPR) and the University’s data protection policy and guidelines from time to time in force. 

4. The User shall not disclose (verbally or in writing) any data held in SE to any unauthorised person. Unauthorised persons may include colleagues and other staff of the University, including other Symplectic Elements users who may not have authority to access particular types of data. Data shall be disclosed only to those with a legitimate need to use it.

5. In handling the data held in SE, the User shall comply with the University’s Information Security policy.

6.  The User shall not release their access password or log-in details to any other person and must take all reasonable steps to ensure that these details remain confidential and secure at all times.

7.  Any data saved from the system (whether in electronic or printed form) shall be held in a secure and confidential manner and shall be held only for as long as it is needed for SE or research administration purposes.

8. If data is downloaded to a laptop or other portable device, the device shall be encrypted.

9. If leaving their desk, the User shall log out of Symplectic Elements or lock their computer.

10. If accessing SE remotely (ie away from their work place), the User shall ensure that data displayed on the screen is not visible to unauthorised persons.
 

11. The API may only be accessed by or with the approval of an authorised user. An authorised user is a user who has applied to and been provided with an API account, username and password by the SE Helpdesk. 

12. The API may only be used to access data relating to users for which the authorised user is authorised to do so from the relevant departments or units. 

13. Data obtained via the API is subject to all terms and conditions of use in this document (including sections Personal data, Security).

14. It is the responsibility of the authorised user to ensure that all users handling data obtained via the API do so in keeping with the terms and conditions of use in this document (including sections Personal data, Security).

15. Where external contractors are used, it is the responsibility of the authorised user to ensure that contractors handle data in keeping with all terms and conditions of use in this document (including sections Personal data, Security).

16. SE data must only be shared or published in accordance with the specific system or user defined privacy settings for that data. These settings are contained in the data returned by the API and apply from January 2022 when new privacy settings will be fully enabled. Further details are available from the Symplectic API forum SharePoint site.

17. Where SE data is displayed on a website, is the responsibility of the relevant department to ensure that a first line support mechanism exists to diagnose and triage any user queries, prior to the referral of any relevant cases to the SE Helpdesk.

18. The User shall immediately notify the Symplectic Elements Helpdesk if they become aware of any unauthorised use of Symplectic Elements or its data or if any of the data is lost or destroyed or becomes damaged, corrupted or unusable (whether due
to the User’s use of the system or otherwise).