GDPR aims to protect all EU citizens from breaches of their privacy and data. Here's a quick explainer of what we’ll delete when an Ex Ordo user exercises their right to be forgotten under GDPR.

As an important part of making our conference management software GDPR compliant, we're supporting users' right to request their personal data and their right to be deleted.

Personal data vs research data

If an Ex Ordo user asks us to delete their data, we'll delete their personal data within 30 days, but we won't delete their research data. This is because we have no jurisdiction over the research data stored on Ex Ordo it. That lies with the conference organiser.

If an Ex Ordo user wants their research data deleted, they must contact the organiser of the conference it's attached to. We'll happily delete this data once the request is approved by the conference organiser.

Below is a breakdown of personal data versus research data.

Personal data includes:

  • Name
  • Email address
  • Billing address
  • Organisation
  • Biography
  • Dietary and access requirements
  • Responses to author and delegate questions

Research data includes:

  • Submission title
  • Abstract
  • Topics and themes
  • Paper
  • Reviews (scores and comments)

What happens when someone's already published?

If an Ex Ordo user asks us to delete their data but they're the author of an accepted submission, we’ll delete all of their personal data, but we won’t automatically delete the following:

  • Name
  • Organisation
  • Biography

This is because research that has been published is considered to be in the public domain, and so the record that a particular person published a particular work is not considered private personal data under GDPR. But again, if any Ex Ordo user wants this “public” data to be deleted, they can contact the conference organiser. We'll happily delete this data once the request is approved by the organiser.

If you've got any questions, drop us a line at support@exordo.com and we'll do our best to answer them.