Preamble

With its online platform - openWHO - the World Health Organization offers you the possibility to take part in free online courses on healthcare-related topics. As a registered user you have access to the course content (videos, quizzes, reading material) and, after a successfully completed final exam, you receive a certificate. Moreover, for the duration of the course the discussion forum and the collab spaces are available for your questions and interaction with other learners.

When conducting online courses, the collection and storage of personal data is unavoidable. The protection of your data and the lawful collection, processing, and use of it is therefore a matter of particular concern to us. We would thus like to inform you here which data will be collected when you visit our website and register for one or more of our courses. We would further like to inform you about the purpose of collecting this data and in what scope it will be used.

On every website of our web offering you can print out and/or save this privacy policy, which is to be found in the page footer under "Data Protection".

Basic Principles

You can find the most important points and principles of this privacy statement here:

  • Responsible for the processing of your data on openWHO (and the openWHO apps) is WHO’s Department for Infectious Hazards Management, in Geneva, Switzerland ("WHO").
  • openWHO handles your personal data with care and under the priciple of data economy: for the participation in our courses, you only need to provide your name and e-mail address and choose a password. Any other data you can provide in your profile (e.g. age, gender, professional situation, etc.) helps us to improve our offerings, but are voluntary.
  • openWHO processes your personal data when creating the performance records, you can achieve in the courses. Your name and e-mail address will be printed on those records. Your name will also appear in the discussion forums, when you decide to take part there. Please note: if you do not set a differing display name in your profile, your real name will be used in the forum. Furthermore, we use your e-mail address for course-related communication as well as for the announcement of new courses or changes to the platform.
  • openWHO analyzes anonymized datasets in the context of research that aims to improve your learning experience as well as our offerings.
  • All data on openWHO are stored on the servers of the Hasso-Plattner-Institute in Potsdam, Germany. The WHO does not transfer any data to countries outside the EEA or to third parties.
  • openWHO will gladly help you in exercising your rights concerning the protection of your personal data. Please direct your requests to outbreak.training@who.int.

The following sections give you all the details concerning our privacy statement.

A. General Information

Data Controller. The data controller in case of openWHO (https://openwho.org and respective openWHO mobile applications) is the WHO’s Department for Infectious Hazards Management, in Geneva, Switzerland ("WHO"). For questions or queries regarding this privacy policy, please contact us at outbreak.training@who.int.

Collection and storage of personal data. WHO will only store your name, email address and the respective profile data that you provide voluntarily, i.e. gender, date of birth, employer or university, city, country, career status, expertise, highest degree, IT background and position (your “Personal Data") for as long as you have an active user account on the openWHO platform plus, where applicable, any additional periods under applicable laws during which WHO has to retain your Personal Data.

Why is the provision of Personal Data required? WHO requires your Personal Data to enable you to attend openWHO courses that are of interest for you. Any provision of this information is entirely voluntarily for you. However, without provisioning email address and name, it will unfortunately not be possible for WHO to make the relevant openWHO courses available to you.

Your name and email address will also appear on personal course documents, such as “Confirmations of Participation", “Records of Achievement" and "Certificates". Your email address will be used for course related communications and the announcement of new courses and changes to the openWHO platform.

Transmission of Personal Data to a non-EEA country. openWHO does not transfer any of your Personal Data to countries outside the European Economic Area.

Recipients of Personal Data. WHO will forward your Personal Data to Hasso-Plattner-Institute for Digital Engineering gGmbH, Prof.-Dr.-Helmert-Str. 2-3, 14482 Potsdam, Germany (“HPI”). HPI will use this Personal Data for the provisioning and operation of the openWHO platform on behalf of WHO.

Rights to access/rectification/erasure/restriction of processing/portability. You can request from WHO at any time information about which Personal Data WHO processes about you and the correction or deletion of such Personal Data. You can also always change or delete your Personal Data by yourself on the openWHO platform. Please note, however, that WHO can or will delete your Personal Data only if there is no statutory obligation or prevailing right of WHO to retain it. Kindly note further that if you request that WHO deletes all of your Personal Data, you will not be able to continue to use openWHO.

You may further request from WHO a copy of the Personal Data that you have provided to WHO. In this case, please contact the email address below and specify the information or processing activities to which your request relates. WHO will carefully consider your request and discuss with you how it can best fulfil it.

Furthermore, you can request from WHO that WHO restricts your Personal Data from any further processing in any of the following events: (i) you state that the Personal Data WHO has about you is incorrect, (but only for as long as WHO requires to check the accuracy of the relevant Personal Data), (ii) there is no legal basis for WHO processing your Personal Data and you demand that WHO restricts your Personal Data from further processing, (iii) WHO no longer requires your Personal Data but you claim that you require WHO to retain such data in order to claim or exercise legal rights or to defend against third party claims or (iv) in case you object to the processing of your Personal Data by WHO (based on WHO’s legitimate interest as further set out in Section B. below) for as long as it is required to review as to whether WHO has a prevailing interest or legal obligation in processing your Personal Data.

Please direct any such request to outbreak.training@who.int.

Right to lodge a complaint with a supervisory authority. If you take the view that WHO is not processing your Personal Data in accordance with the requirements set out herein or applicable EEA data protection laws, you can at any time lodge a complaint with the data protection authority of the EEA country where you live or with the data protection authority of Germany.

Consents of children. This website and app is not directed to users of an age of below 16 years. If you are younger than 16, you may not register with and use this website and app.

B. Data Processing based on a Statutory Permission

Processing based on a legitimate interest of WHO. Each of the use cases below constitutes a legitimate interest of WHO to process or use your Personal Data. If you do not agree with this approach, you may object against WHO’s processing or use of your Personal Data as set out below.

Surveys. WHO may invite you to participate in questionnaires and surveys. These questionnaires and surveys will be generally designed in a way that they can be answered without any Personal Data. If you nonetheless enter Personal Data in a questionnaire or survey, WHO may use such Personal Data to improve the openWHO services.

Evaluation of Anonymized Data Sets. WHO may anonymize Personal Data provided under this Privacy Statement to create and process anonymized and aggregated data sets, which will then be used to improve the openWHO offerings.

Logging. In every visit to our website, the user data from your Internet browser is automatically submitted and stored in protocol files - the so-called server log files. The stored data sets contain the following information:

  • Date and time of the server request
  • Name of the requested page
  • Referrer URL (the website from where you arrived at our website)
  • Type and version of your browser
  • The IP address of the accessing computers
  • HTTP Error Code and Error Message (in case of erronous requests)

These data are solely used for bug tracking purposes, i.e. to find and fix errors in our platform software. Logging data is retained for a maximum duration of 4 weeks.

You can at any time object against WHO’s use of your Personal Data for these purposes by sending an email to outbreak.training@who.int. In this case, WHO will carefully review any such objection and cease further use of the relevant information, unless WHO can claim compelling legitimate grounds for the use of the information, which override your interest in objecting or if WHO requires the information for the establishment, exercise or defense of legal claims.

The purposes of the processing of personal data including the legal basis.

Creating a minimal user profile. WHO requires your name and email address in order to enable you to participate in openWHO courses and to register for the openWHO website and respective mobile applications. Your name, email address and date of birth (optionally, if you provide it in your profile) will also appear on personal course documents, such as “Confirmations of Participation", “Records of Achievement" and "Certificate". Your email address will be used for course related communications and the announcement of new courses and changes to the openWHO platform.

Parts of the openWHO web offerings and respective mobile applications bring you in touch with other openWHO users, e.g. to discuss with other learners in the discussion forum or the Collab Spaces of openWHO courses. If you decide to participate in these activities, other users will have access to parts of your minimal profile data, i.e. your full name (unless you choose to set a differing display name in your user profile) and your profile picture, if you have uploaded one.

Web Analysis. To continually improve our offer we use the open source web analytic software "Matomo" (formerly known as "Piwik").

With Matomo we can receive in real time reports about, e.g., the number of visitors, the search machines and the search words used that lead users to our offer. This helps us to constantly optimize our offer and design it accordingly.

In contrast to the web analysis tools of external providers, using Matomo offers you the advantage that the analysis is carried out by the Data Controller itself (see Section A.) instead of by an external service provider. This means that none of your Personal Data used for Web Analysis (in particular your IP address) will be transmitted to third parties.

Matomo also uses cookies that are stored on your computer and enable an analysis of your use of the website (also see Section D). These cookies have a lifespan of 1 week. The information generated by the cookie about your use of this Internet offer is saved on our server. We would also like to note that on this website Matomo uses the "anonymize IP" function. This ensures an anonymous capture of your IP address (so-called IP masking) by us. Your IP address is only stored in abbreviated form, thus does not allow any conclusions to be drawn about your identity.

You can obtain further information about Matomo, for example, at the following address: https://matomo.org/what-is-matomo/

Withdrawal of consent in to the processing of Personal Data. You may withdraw your consent for WHO to process your Personal Data as stated herein at any time. Once you assert this right, WHO will not process your Personal Data any longer unless legally required to do so. However, any withdrawal has no effect on past processing by WHO up to the point in time of your withdrawal. Please direct any such request to outbreak.training@who.int.

D. Information on Cookies and JavaScript

Cookies. Our website uses "cookies". Cookies are small files that are stored on your data carrier and store specific settings and data for exchange with our system via your browser. Cookies help us, for example, to realise fundamental features of the platform, e.g. keeping you logged in, as well as to design our offers to be as comfortable, efficient and interesting as possible for you. A basic distinction is made between different types of cookies: so-called session cookies, which can be deleted as soon as you close your browser, and temporary cookies, which are saved for a longer period of time on your data carrier. This storage helps us design our website and our offer in a way that suits you. It also eases your use. For example, certain entries you make are saved in such a way that you do not have to continually repeat them.

For the most part, the cookies we use are so-called session cookies, with which you can be identified during the duration of your visit. After the session has ended the session cookies expire automatically.

Moreover, we use temporary cookies to store user preferences in your browser (for example: caption language or volume in the video player). If you give us consent for Web Analysis (see Section C), we store temporary cookies as part of the web analysis tool "Matomo". These have a lifespan of 1 week.

There is no personal data saved on the cookies we implement. The cookies are thus not assignable to you or to any other person.

If you wish to dissent from the storage of cookies, you can deactivate cookie storage in your browser, limit its use to certain websites, or set your browser in such a way that you will be informed as soon as a cookie is sent. You can also delete cookies at any time from your PC's hard drive. However, please note that you will be unable to use our offer if you completely reject the storage of session cookies.

JavaScript. In addition, we also use JavaScript enable basic functionality and enhance user experience of our website. JavaScript does not store any personal information. If you disable JavaScript via your browser setting, you can only make very limited use of our offerings.

The JavaScript files for openWHO are partly delivered via the Microsoft Azure Edge Content Delivery Network. By doing so, the CDN provider - the Microsoft Corporation - can get access your IP address (see section E for details).

E. External Resources

Links to other websites. Our website contains links to the websites of other, unrelated providers. After clicking on such a link, we no longer have any influence on the processing of any data that is transferred to the third party (such as the IP address or the URL on which the link is located), since the behavior of third parties is beyond our control. Therefore, we cannot accept any responsibility for the processing of any such data by third parties.

The social media buttons used are purely links, and thus not the so-called "like" and "share" buttons used by social media services. They do not transfer customer data or IP addresses.

Vimeo. Our webite includes content from the video portal Vimeo.com. The site operator is Vimeo LLC, 555 West 18th Street, New York, NY 10011, USA. When you visit one of our sites with a video player, a connection will be established to the Vimeo servers.

Vimeo will then be informed which of our pages you have visited ("Referer URL"). Vimeo will also have access to your IP address.

For more information about Vimeos handling of user data, please see the Vimeo data privacy statement at: https://vimeo.com/privacy.

Microsoft Azure Edge. Our website loads parts of the so-called "static resources", i.e. files which don't change often and are usually quite large (e.g. JavaScript, Cascading Style Sheets or images) from a Content Delivery Network (CDN). CDN providers run servers in different parts of the world and mirror our static resources on each of these servers. When your browser loads such a static resource, you will always be connected to the closest (and thus fastest) CDN server. When downloading, the CDN provider is informed which of our pages you have visited ("Referer URL") and also has access to your IP address.

The CDN for openWHO is Microsoft Azure Edge, operated by the Microsoft Corporation, One Microsoft Way, Redmond, Washington 98052, USA. The responsible data protection officer for the EEA can be contacted via: Microsoft Ireland Operations Limited, Attn: Data Protection Officer, One Microsoft Place, South County Business Park, Leopardstown, Dublin 18, Ireland.

This page was last changed at June 06 2018 15:10.

Helpdesk

Your request has been sent to our support team, and will be answered as soon as possible.

Thank You!

Oops something went wrong.

Back