Background and definition of terms

SEMA3 is a research platform for collecting ecological momentary assessment (aka ‘experience sampling’) data via iOS and Android smartphone applications (‘Smartphone Apps’). Researchers design a survey and sampling schedule and invite participants via a Web Frontend application (‘Research Web App’), which synchronises with the smartphone apps. Data collected via the smartphone apps are securely transferred to a central server hosted by the University of Melbourne and managed by the Melbourne eResearch Group (‘MeG’). The research web app runs on a private availability zone of the NeCTAR Research Cloud at the University of Melbourne, managed by MeG.

Privacy Policy

The collection of personal information by the University of Melbourne (University) is governed by the Privacy and Data Protection Act 2014 (Vic) and Health Records Act 2000 (Vic) (together, Privacy Laws). The University is also considered to be a data controller for the purposes of the EU General Data Protection Regulation 2016/679 (GDPR) in relation to the collection of personal information from individuals located in the European Union (EU), while conducting certain activities. The University is committed to protecting your privacy and processing your personal information fairly and lawfully in compliance with the Privacy Laws and the GDPR, as applicable.

Storage and security

We are committed to ensuring that the personal information we collect is secure. Data collected via the SEMA3 application is held on a secure server and is not contained in any email sent or received.

Raw data collected are stored on local University of Melbourne servers and are only accessible by admins of the study and members of the MeG development team. Researchers access the research web app (which provides access to data collected in studies created by the researcher) via a secure username and password.

The SEMA3 platform utilises a Google Firebase backend and uses Firebase Cloud Functions as the main API to communicate between the Research Web App, Smartphone Apps and Server. All communication is encrypted using industry standard (HTTPS) data security protocols. Firebase and Cloud Firestore automatically encrypt all data before it is written to disk, leveraging server-side encryption technologies. Participant users’ personal information (e.g., email, phone number, name) is not recorded in the SEMA3 database. Participants are identified only with a unique 9-digit numeric identifier (Eg: 78657615), which is linked to their hashed (encrypted) emails to enable one-way mapping for the purpose of verifying whether a Participant user has an existing SEMA3 user account when being invited into a new study.

As raw data stored on local servers are only identifiable via a 9-digit participant identifier, the organisation or individual administering a SEMA3 survey is responsible for keeping records of Participant identifiers, if required. SEMA3 and the University of Melbourne are not able to re-identify collected data.

Links to other websites

Links to other websites may be embedded in surveys created with SEMA3. We do not have any control over such websites and we are not responsible for the protection and privacy of personal information provided whilst visiting any external websites. External websites are not governed by this Privacy Policy.

Deletion of data

SEMA3 does not allow Researchers to delete data directly. If a Researcher or Participant wishes to permanently delete data from the platform, they should contact us via email ( Please be aware that data deletion is permanent and cannot be reversed.

Licence to use SEMA3

We grant you a non-exclusive, royalty-free, revocable, worldwide, non-transferable licence to use our application in accordance with these Terms. All other uses are prohibited without our prior written consent.


We may, at any time and at our discretion, vary this Privacy Policy by publishing the amended policy on our website. We recommend you check our website regularly to ensure you are aware of our current policies.