Open Humans: Records of Personal Data Processing Activities

Per Article 30 of the European Union General Data Protection Act, this report documents Open Humans personal data processing activities in writing. Because our platform enables users to create new personal data inputs and outputs, we maintain a semi-automated report based on the current active "activities" (or projects) within Open Humans.

Name & contact details

Data controller is the Open Humans Foundation, which manages the Open Humans platform:

Data protection officer is designated to be:

European Union representative is designated to be:

Purposes of personal data processing

Member-managed personal data sharing with third parties

Members can explicitly opt-in to share selected personal data with arbitrary third party activities that operate on the site. These activities include the following potential uses members may wish to have:

• data analysis and exploration tools
• data cleaning tools
• data donations to research and citizen science projects

Contact and notification

Emails are collected from users to enable contact regarding events specific to their account, messages sent to them by other members or activities, and substantive changes to the site, as well as newsletters for users that opt-in to receiving these.

Personalization

Users are invited to create and share the following public data to personalize their accounts within the community: username, name, profile picture, and "about me" text. Naming guidelines do not require individuals to divulge their real name.

Logging

The Open Humans site collects logs of web usage, which may contain personal data (e.g. IP address).

Categories of data subjects and personal data

Data subject categories

Members

Our primary data subjects consist of 103993 member accounts created on the site. Users are required to be 16 years of age or older. Account data may come from children only through an account managed by that child's legal guardian.

Site visitors

Individuals that visit the site and are not logged in may have personal data (IP address) collected within our logging.

Personal Data Categories

Account data

Primarily this is email address, which is private personal data. Users may also publicly share a name, username, profile picture, and "about me" information. These may be identifying but are not required to be.

Logging data

Primarily this contains IP addresses. This is collected by servers to enable us to audit usage and debug site issues.

Activity data

Activities deposit data at the explicit opt-in behest of a member to their account. This data is typically personal data of diverse categories, and is known to include genetic data, location data, and other identifiable data.

The following activity data sources are documented for Open Humans:

• 23andMe Upload: Raw 23andMe genotyping data
• American Gut Project: A table describing the organism / sample counts and taxonomy.
• AncestryDNA Upload: Raw AncestryDNA genotyping data
• AndroidAPS Uploader: Glucose Values, Boluses, Carbs, TBRs, Settings, Device Information, App Version...
• Covid Open Survey: Individual survey responses & anonymized aggregate data
• Data Selfies: All the data
• Data sharing and ethical oversight: Members can opt in to receive their own answers and/or all answers as an aggregate from the project once the study is over.
• FamilyTreeDNA integration: FamilyTreeDNA raw genotyping data
• File Uploader: Data files uploaded by a member
• Fitbit Connection: Data from Fitbit devices, including steps, heart rate, and heart rate, if available.
• Fitbit Intraday: Intraday Fitbit Records (Heart Rate & Activities)
• Gencove: Sequencing bam files
• Genetics of Personality Type: This project will return a person's personality type (i.e., INTJ, ESFJ) as determined using three personality questionnaires.
• Genome/Exome Upload: VCF files
• Google Fit: Steps, distance, calories, activity minutes from Google Fit
• Google Location History Upload: Google Location History archives
• Google search history analyzer: Google take-out archive of search data
• GoViral: survey data and possibly kit results
• GoViral (2014-2016): Sickness reports contain survey data from GoViral. Viral profiling data contains raw viral test results.
• Harvard Personal Genome Project: Full genome sequencing data and survey data, if your participant account has these data.
• Imputer: Imputer will return a file with imputed genotypes from a user's existing genotype file.
• Jawbone Connection: Steps, sleep, and heartrate data, if available.
• lineage: Remapped SNPs, merged and discrepant SNPs (if applicable)
• Mobility data of researchers: Example of the dataset collected: travel cityA → cityB of a scientist (metadata: ORCID of a scientist who travels).
• Moves connection: Moves GPS tracking
• mPower study: Survey data and task data (tapping, voice, memory)
• Nightscout Data Commons: Data from any associated project research survey such as demographics.
• Nightscout Data Transfer: Data from Nightscout: profile.json, entries.json, treatments.json, and devicestatus.json
• nobism: csv file with all timepoints and relations general information from the Profile page
• nobism Ubiqum Cluster headache Project: We want to create regular reports based on your own data and that of all that shared. These will be stored back into your OpenHumans account
• Nokia Health (Withings) Connection: Personal and environmental tracking data: body weight, temp, fat/water/muscle %; blood pressure; heart rate; air temp/quality; sleep; steps
• OH Data Port for Apple Health: Heart rate data from Apple HealthKit
• OpenAPS Data Commons: Data from any associated project research surveys (such as an engagement score or other QOL data gathered)
• Open Humans Healthkit Integration: HealthKit data from your iPhone or iPad (visible in the Health app)
• openSNP: Will upload a link to the openSNP user page for two-way connection
• Oura Connect: Oura sleep and activity data
• Overland connection: Overland GPS records
• Personal Data Notebooks: Personal Data Notebooks
• QCycle: Body Temperature, Oura Ring Data
• Quantified Flu: Self-reported incidents of illness, wearable data from Fitbit/Oura
• RescueTime connection: RescueTime productivity data (computer usage including window titles & web site visits)
• Runkeeper connection: Activity data from your Runkeeper account
• Spotify integration: Spotify recent played songs
• Transbiome: Description of added data here
• Twitter Archive Analyzer: Zipped Twitter archives
• uBiome Upload: Raw uBiome sequencing data
• Wild Life of Our Homes: Bacterial and fungal data from surfaces in participant homes

Categories of data recipients

Activities

Activities operated in the site are potential recipients of personal data. Data is only accessible by an activity if a member explicitly opts in, joining the activity and authorizing Open Humans share one or more categories of personal data in their account.

Activities are required to follow the site terms of use, which include activity guidelines that mandate secure practices and transparent communication with members, including the presence of identifiable data and potential risks. Activities undergo a community review process prior to being made broadly available to members.

The following activity data recipients are documented for Open Humans:

• Circles: Led by Cliff Tabin and Abigail Wark (Harvard Medical School)
  Receiving:
  • 23andMe Upload
  • AncestryDNA Upload
  • Data Selfies
  • Genome/Exome Upload
  • Harvard Personal Genome Project
• Cross-Genome Error Check: Led by James Turner (self)
  Receiving:
  • 23andMe Upload
  • AncestryDNA Upload
  • Harvard Personal Genome Project
• Dash Genomics: Led by Dash Genomics (Dash Genomics)
  Receiving:
  • 23andMe Upload
  • AncestryDNA Upload
• Genetics of Personality Type: Led by Dr. Denise Cook (Ronin Institute)
  Receiving:
  • 23andMe Upload
  • AncestryDNA Upload
  • Data Selfies
  • FamilyTreeDNA integration
  • Genome/Exome Upload
  • Imputer
• Genevieve Genome Report: Led by Mad Ball
  Receiving:
  • 23andMe Upload
  • Genome/Exome Upload
  • Harvard Personal Genome Project
  • Imputer
• Imputer: Led by Kevin Arvai (github.com/arvkevi)
  Receiving:
  • 23andMe Upload
  • AncestryDNA Upload
  • FamilyTreeDNA integration
  • Gencove
  • Genome/Exome Upload
  • Harvard Personal Genome Project
  • openSNP
• Juno's Personal Data Exploratory: Led by Bastian Greshake Tzovaras (Open Humans Foundation)
  Receiving:
  • Personal Data Notebooks
• Keeping Pace: Led by Dr. Rumi Chunara (New York University)
  Receiving:
  • Fitbit Connection
  • Jawbone Connection
  • Moves connection
  • Open Humans Healthkit Integration
  • Runkeeper connection
• lineage: Led by Open Humans (Open Humans Foundation)
  Receiving:
  • 23andMe Upload
  • AncestryDNA Upload
  • FamilyTreeDNA integration
• Mobility data of researchers: Led by L Tupikina, V Estrada-Galinanes, M Santolini, B Greshake Tzovaras (CRI)
  Receiving:
  • Google Location History Upload
• Nightscout Data Commons: Led by The Nightscout Data Commons Committee (The Nightscout Foundation)
  Receiving:
  • AndroidAPS Uploader
  • Nightscout Data Transfer
• nobism reports for Advocating: Led by Rogier Koning (nobism)
  Receiving:
  • nobism Ubiqum Cluster headache Project
• nobism Ubiqum Cluster headache Project: Led by Rogier Koning, Sara Marín, Daniel Castejón (Ubiqum Code Academy)
  Receiving:
  • Data Selfies
  • nobism
  • nobism Ubiqum Cluster headache Project
• OPEN: Led by Shane O'Donnell (University College Dublin)
  Receiving:
  • AndroidAPS Uploader
  • Data Selfies
  • Nightscout Data Transfer
• OpenAPS Data Commons: Led by Dana Lewis (OpenAPS)
  Receiving:
  • AndroidAPS Uploader
  • Data Selfies
  • Nightscout Data Transfer
• Open Pokemon GO GO GO!: Led by Madeleine Ball, Hyatt Moore, and Ernesto Ramirez
  Receiving:
  • Fitbit Connection
  • Open Humans Healthkit Integration
• Pokemon Go: A Socio-Technical Exploratory Study: Led by Eric Hekler and Alexander Biel (Arizona State University)
  Receiving:
  • Open Humans Healthkit Integration
• QCycle: Led by Azure Grant (University of California, Berkeley; Quantified Self)
  Receiving:
  • Oura Connect
  • QCycle
• Quantified Flu: Led by Mad Ball & Bastian Greshake Tzovaras (Open Humans Foundation)
  Receiving:
  • Fitbit Connection
  • Fitbit Intraday
  • OH Data Port for Apple Health
  • Oura Connect
• Resilience Project Study: Led by Jason Bobe (Icahn School of Medicine at Mount Sinai)
  Receiving:
  • 23andMe Upload
  • AncestryDNA Upload
  • FamilyTreeDNA integration
  • Genome/Exome Upload
  • Harvard Personal Genome Project
• TeQfor1: Led by Silvia Woll & TeQfor1 community members (TeQfor1 community & Karlsruhe Institute of Technology)
  Receiving:
  • AndroidAPS Uploader
  • Nightscout Data Transfer
• The Preference Project: Led by Christian Zuend (Department of Economics, University of Zurich)
  Receiving:
  • 23andMe Upload
  • American Gut Project
  • AncestryDNA Upload
  • Data Selfies
  • Genome/Exome Upload
  • GoViral (2014-2016)
  • Harvard Personal Genome Project
  • uBiome Upload
  • Wild Life of Our Homes
• The Quantified Heart: Led by Valeria Pannunzio (Delft University of Technology)
  Receiving:
  • Data Selfies
  • Fitbit Connection
  • Fitbit Intraday
  • Open Humans Healthkit Integration
  • Oura Connect
  • Personal Data Notebooks
  • RescueTime connection

Time limits for erasure

Account data and activity data should be permanently deleted after 60 days, and are immediately removed from processing activities when requested by a member. Logging data should be permanently deleted after 120 days.

Security measures

Pseudonymization and encryption

Activity data shared with data recipient activities is done via randomly assigned activity-specific identifiers. Data itself may or may not contain non-anonymous content. Activities are required by activity guidelines to make members aware of identifiable features in data they offer to add to a member's account.

All interactions with the website and API are enforced to use SSL encryption. Data in the database and file storage is encrypted at rest.

Ensuring ongoing integrity and security of processing systems and operations

The site and other infrastructure are operated with major cloud services providers that provide up-to-date secure platforms for operating technical infrastructure. These service providers are: Heroku, Amazon Web Services, Google Cloud Services, and Digital Ocean.

The site software uses the Python/Django framework and is regularly updated to new releases, and is openly available for third party inspection as an open source project.

Data preservation

Backups are automatically performed for account data on a daily basis, and are retained for a minimum of one month. Backups of activity data occurs automatically on a continuous basis and are retained for 60 days.

Security review

Activities are made broadly available on the site only after they pass a community review process. This provides an open forum for regular review of security measures in the platform and activity operations. Open Humans also maintains a public community chatroom and open source repositories, encouraging discussion and feedback on potential improvements.