Privacy Policy
Eduserv is committed to protecting the privacy of people who use our products and services or who visit our website. As part of our responsibility we let you know what information we collect, why we collect it and what we do to safeguard it.
As a condition of the use of our services, you consent to the terms of this privacy policy. We may update this policy from time to time. The latest version will be available on our website and we’ll publish a prominent notice whenever something changes.
Eduserv, a company limited by guarantee (registered in England and Wales, company number 3763109), and a charity (charity number 1079456), whose registered office is at Royal Mead, Railway Place, Bath BA1 1SR is the data controller for the purposes of the Data Protection Act 1998 for information collected through this website.
This privacy policy applies only to the use of your personal data by Eduserv. The use of personal data by your organisation or any service provider or supplier will be governed by their own privacy policies. Eduserv is not responsible for the privacy policies or practices of any third party websites linked to from Eduserv websites.
If your organisation operates an Athens-enabled local authentication service (such as Shibboleth or OpenAthens LA), Athens user accounts are not created, so no personal data is passed to Eduserv and your organisation will be the data controller of the personal data that is collected.
Information we collect
Essentially we collect two types of information:-
- personal data that we request during registration for one of our services, such as a person’s name, contact details (usually an email address), the organisation they belong to, their role in that organisation and other relevant information which helps us to deliver the services we offer.
- information about your computer and about your use of this website.
How we collect your information
Personal data relating to users, administrators or editors of Eduserv’s Access and Identity and Licence Negotiation services, is given to us by individual users or by people from their organisation who are authorised to do so.
Information about your computer and your use of this site is collected automatically using analytic tools, cookies and web logs. Cookies are small files containing strings of characters that uniquely identity your browser. You can disable cookies using your browser settings but please note that you will not be able to use some parts of our website or services, or those from other providers.
How we use your information
We need personal data in order to confirm a user’s entitlement to visit parts of the Access and Identity and Licence Negotiation sites, and user validation is central to the Athens service.
We may need to provide service providers and suppliers that your organisation subscribes to with access to some data about you so that they can confirm your entitlements and grant access to software and data.
We will contact customers with relevant information about our products and services.
We will also use your personal details if you have indicated that you wish to be sent communications about Eduserv news, events and services either when attending an event, or signing up to a newsletter. You can choose to unsubscribe at any time.
Information that is collected automatically about your computer and your use of the website is either essential to the security of the services we offer, or is aggregated in statistics that help us to enhance our services and overall website user experience
How we protect your information
Eduserv maintains appropriate technical and operational measures to safeguard your personal data. The servers containing your personal data are located in secure data centre locations where access is limited to authorised staff. All data transmissions to and from Eduserv (e.g. from the Athens database) are encrypted. Any password you submit to Eduserv is one-way encrypted before it is stored. Personal data is processed automatically by Eduserv's systems without human intervention as far as possible.
The personal data which Eduserv holds is never modified or disclosed to any third party other than as described in this policy. We never sell, rent or trade your personal data. Service Providers in the EU and USA are obliged to follow regulations similar to the Data Protection Act. If we engage Service Providers from elsewhere we receive equivalent undertakings so that your personal data remains protected.
We will remove your personal data from our live systems as soon as you or the administrator for your organisation instructs us to do so. Once removed from our Athens service, personal data is retained for up to twelve months but only as part of our backup procedures.
We continually monitor our systems and practices to verify that this policy is followed to ensure the security and confidentiality of the information that we collect. All our staff have been instructed in the importance of the Data Protection Act, information security and this privacy policy.
Access to your information
You have the right to ask us:
- to give you a description of the personal data that we hold for you
- to tell you why we are holding it
- to tell you who it could be disclosed to
- to let you have a copy of your personal data
- to require us to correct any mistakes
- to remove you from any of our mailing lists.
Please use the contact details below if you want to make use of these rights.
Athens users can view their personal data by logging on to MyAthens. Your Athens administrator is responsible for the maintenance of your Athens account, so if you require the information which Eduserv holds about you to be updated or amended, please contact your Athens administrator in the first instance.
Licence Negotiation Service Institution Area users can update their contact details and preferences within the secure Institution Area.
Contact us
If you would like to contact us about any aspect of our Privacy Policy, please email contact@eduserv.org.uk or write to us at the postal address above.
January 2010