ORCID is committed to providing users with meaningful choices about privacy and the ability to control how their information is used. A core ORCID principle is that the user controls the settings for visibility & sharing of their own ORCID Record data. To that end, ORCID allows users the right to control how their information is published on and shared via the ORCID Registry through various opt-in features.
ORCID collects information from users in four ways:
For a complete statement of the Privacy Policy see the link below.
Author and researcher privacy is a fundamental principle of ORCID: "Researchers control the defined privacy settings of their own ORCID record data." ORCID provides three settings: Everyone, Trusted Parties or Private
Everyone 
Information marked as "everyone" can be viewed by anyone who comes to the ORCID.org website or consumed by anyone using the ORCID public API. Data marked as public will also be included in the public data file posted annually by ORCID.
Trusted Parties 
Information marked as "Limited" can be seen by any Trusted Parties that you have authorized to connect to your ORCID Record. These connections require explicit action on your part. You will be asked if you would like to make a specific connection, and once you have confirmed, the Trusted Party will be able to see information that you have marked as limited-access.
Private 
Information marked as "Private" can only be seen by you. It is also used by ORCID algorithms to help distinguish your identity from another person who may have a similar name, be in a similar field, or may be confused with you for other reasons. This information is not shared with others.