.png)
Cerberus: the wearable watchdog
Privacy and Data Protection
At the heart of our project is a commitment to the privacy and security of all participants who generously contribute their data. We understand the trust placed in us when sharing personal health-related information, and we take this responsibility seriously.
Our project involves collecting data from wearable sensor devices like smartwatches or fitness trackers. This includes health-related metrics such as physical activity levels, sleep patterns, and heart rates. All participants voluntarily consent to share this data, which can range from the past 24 months of use to an ongoing basis. To ensure privacy, all data is anonymized by removing personal identifying information before analysis.
We operate under four main use-cases: Studies that we design and that are based in our University (University College Dublin - UCD), collaborative studies (where we work with other researchers), external access to collected data (where researchers outside of our group apply to access the data we have already collected), and external use of our databank and API. In each scenario, UCD acts in various capacities as a data controller and processor, always prioritizing data protection and ethical research practices.
For detailed insights into the data types collected, including wearable device data, demographic information, and various health metrics, please refer to our Data Protection Impact Assessment (DPIA) using the link below. The DPIA outlines our approach to collecting, processing, storing, and protecting your data. It also details our commitment to data minimisation and the legal basis for processing personal data under GDPR Article 6.
Your rights regarding your data, including access, rectification, and erasure, are paramount. We've implemented robust technical security measures to safeguard your data, such as pseudonymisation, encryption in transit and at rest, and strict access controls. Our mobile app, central to data collection, adheres to the highest security standards, ensuring the safe transmission and storage of your data on secure, GDPR-compliant cloud servers within the EEA.
For more detailed information on how we collect, use, and protect your data, and to understand your rights as a participant, please click the button below to access our full DPIA document.
Your privacy is our top priority, and we are committed to maintaining the trust and confidence of all participants involved in this project.