We’re committed to protecting the privacy of people who use our products and services, or who visit our website. As part of our responsibility we let you know what information we collect, why we collect it and what we do to safeguard it.
Information we collect
Essentially we collect two types of information:-
- Personal data that we request during registration for one of our services or attendance at an event, such as a person’s name, contact details (usually an email address), the organisation they belong to, their role in that organisation and other relevant information which helps us to deliver the services we offer.
- Anonymous information about your computer and about your use of this website.
How we collect your information
We may collect personal information from you when you:
- Sign up to an event or newsletter.
- Purchase any of our services.
- Become a user, administrator or editor of our Identity & Access and Licence Negotiation services.
So whenever we collect information about you personally, this is only done with your knowledge and consent and you have the right to ask us to stop using this information.
We collect anonymous information from visitors to our website using analytic tools, cookies and web logs.
Cookies are small files containing strings of characters that uniquely identity your browser. You can disable cookies using your browser settings but you will not be able to use some parts of our website or services, or those from other providers.
Find out more about the Cookies we set and how to control their use.
How we use your information
We may contact you with information about our products and services that we think you may be interested in.
We will also use your personal details if you have indicated that you wish to be sent communications about Eduserv news, events and services either when attending an event, or signing up to a newsletter. You can choose to unsubscribe at any time.
We need personal data in order to confirm a user’s entitlement to parts of our Identity & Access Management services.
We may need to provide service providers and suppliers that your organisation subscribes to with access to some data about you so that they can confirm your entitlements and grant access to software and data.
We want to provide you with the best possible service. Anonymous information about the way people use our website can be aggregated into statistics that show us how our websites are used and help us improve user experience of the services we provide.
Anonymous data may also be essential to the security of the services we offer or a necessary part of a service – for example, for certain Identity & Access Management customers.
How we protect your information
Eduserv maintains appropriate technical and operational measures to safeguard your personal data. The servers containing your personal data are located in secure data centre locations where access is limited to authorised staff. All data transmissions to and from Eduserv (e.g. from the OpenAthens database) are encrypted. Any password you submit to Eduserv is one-way encrypted before it is stored. Personal data is processed automatically by Eduserv's systems without human intervention as far as possible.
The personal data which Eduserv holds is never modified or disclosed to any third party other than as described in this policy. We never sell, rent or trade your personal data. Service Providers in the EU and USA are obliged to follow regulations similar to the Data Protection Act. If we engage Service Providers from elsewhere we receive equivalent undertakings so that your personal data remains protected.
We will remove your personal data from our live systems as soon as you or the administrator for your organisation instructs us to do so. Once removed from our OpenAthens service, personal data is retained for up to twelve months but only as part of our backup procedures.
Access to your information
You have the right to ask us:
- to give you a description of the personal data that we hold for you
- to tell you why we are holding it
- to tell you who it could be disclosed to
- to let you have a copy of your personal data
- to require us to correct any mistakes
- to remove you from any of our mailing lists.
Please use the contact details below if you want to make use of these rights.
If your organisation operates any OpenAthens service, the organisation that issued your OpenAthens account is the data controller for your personal data - even if that information is passed to Eduserv as part of the service. So if you wish to find out about the information that is held about you, or amend it, you should contact your organisation’s OpenAthens administrator in the first instance.
MyAthens users can also view their personal data by logging on to their own MyAthens account.
If your organisation operates an OpenAthens-enabled local authentication service (such as Shibboleth or OpenAthens LA), user accounts are not created, so no personal data is passed to Eduserv.
More information about this policy
Eduserv, a company limited by guarantee (registered in England and Wales, company number 3763109), and a charity (charity number 1079456), whose registered office is at Royal Mead, Railway Place, Bath BA1 1SR is the data controller for the purposes of the Data Protection Act 1998 for information collected through this website.