We decided to use Google Accounts for security and because we do not want to store any personal details about any user. The only piece of information we keep is the user email for basic project user management.
Whether you want to use your personal email or another email just for Epicollect5 is up to you.
Project managers retain ownership of the data. We will never share or access your data, unless granted permission by you, in order to provide you with technical assistance.
Technically speaking, each user owns all of the content added to Epicollect5; therefore, they could copyright it. However, by uploading data to Epicollect5 a user gives explicit access to that material to whoever has got access to that project.
Epicollect5 is part of the Big Data Institute at Oxford University (https://www.bdi.ox.ac.uk) and hosted on the world-class cloud hosting provider, Digital Ocean: https://www.digitalocean.com, in their UK data center.
You can read about Digital Ocean data security here:
Digital Ocean services fully comply with GDPR:
Epicollect5 embraces industry-standard best practices to protect against un-authorized access of your data.
Data are sent over HTTPS and its TLS certificate uses SHA-256 with RSA encryption as a signature algorithm.
Epicollect5 mobile app data stored on the device is not encrypted by default but if that extra level of security is needed, any recent Android and iOS device can be encrypted system wide. Read how to do it.
Daily backups of the server are run in case of a system fault.
If you have any questions regarding our security and backup procedures please contact us.