Privacy & Cookies Policy

We’re committed to protecting the privacy of people who use our products and services, or who visit our website. As part of our responsibility we let you know what information we collect, why we collect it and what we do to safeguard it.

Information we collect

Essentially we collect two types of information:-

  • Personal data that we request during registration for one of our services or attendance at an event, such as a person’s name, contact details (usually an email address), the organisation they belong to, their role in that organisation and other relevant information which helps us to deliver the services we offer.
  • Anonymous information about your computer and about your use of this website.

How we collect your information

We may collect personal information from you when you:

  • Sign up to an event or newsletter.
  • Purchase any of our services.
  • Become a user, administrator or editor of our Identity & Access and Licence Negotiation services.

So whenever we collect information about you personally, this is only done with your knowledge and consent and you have the right to ask us to stop using this information.

We collect anonymous information from visitors to our website using analytic tools, cookies and web logs.

Cookies are small files containing strings of characters that uniquely identity your browser. You can disable cookies using your browser settings but you will not be able to use some parts of our website or services, or those from other providers.

Find out more about the Cookies we set and how to control their use.

How we use your information

Personal data

We may contact you with information about our products and services that we think you may be interested in.

We will also use your personal details if you have indicated that you wish to be sent communications about Eduserv news, events and services either when attending an event, or signing up to a newsletter. You can choose to unsubscribe at any time.

We need personal data in order to confirm a user’s entitlement to parts of our Identity & Access Management services.

We may need to provide service providers and suppliers that your organisation subscribes to with access to some data about you so that they can confirm your entitlements and grant access to software and data.

Anonymous information

We want to provide you with the best possible service. Anonymous information about the way people use our website can be aggregated into statistics that show us how our websites are used and help us improve user experience of the services we provide.

Anonymous data may also be essential to the security of the services we offer or a necessary part of a service – for example, for certain Identity & Access Management customers.

How we protect your information

Eduserv maintains appropriate technical and operational measures to safeguard your personal data. The servers containing your personal data are located in secure data centre locations where access is limited to authorised staff. All data transmissions to and from Eduserv (e.g. from the Athens database) are encrypted. Any password you submit to Eduserv is one-way encrypted before it is stored. Personal data is processed automatically by Eduserv's systems without human intervention as far as possible.

The personal data which Eduserv holds is never modified or disclosed to any third party other than as described in this policy. We never sell, rent or trade your personal data. Service Providers in the EU and USA are obliged to follow regulations similar to the Data Protection Act. If we engage Service Providers from elsewhere we receive equivalent undertakings so that your personal data remains protected.

We will remove your personal data from our live systems as soon as you or the administrator for your organisation instructs us to do so. Once removed from our Athens service, personal data is retained for up to twelve months but only as part of our backup procedures.

We continually monitor our systems and practices to verify that this policy is followed to ensure the security and confidentiality of the information that we collect. All our staff have been instructed in the importance of the Data Protection Act, information security and this privacy policy.

Access to your information

You have the right to ask us:

  • to give you a description of the personal data that we hold for you
  • to tell you why we are holding it
  • to tell you who it could be disclosed to
  • to let you have a copy of your personal data
  • to require us to correct any mistakes
  • to remove you from any of our mailing lists.

Please use the contact details below if you want to make use of these rights.

MyAthens users can view their personal data by logging on to MyAthens. Your Athens administrator is responsible for the maintenance of your Athens account, so if you require the information which Eduserv holds about you to be updated or amended, please contact your Athens administrator in the first instance.

If your organisation operates an Athens-enabled local authentication service (such as Shibboleth or OpenAthens LA), Athens user accounts are not created, so no personal data is passed to Eduserv and your organisation will be the data controller of the personal data that is collected.

More information about this policy

Eduserv, a company limited by guarantee (registered in England and Wales, company number 3763109), and a charity (charity number 1079456), whose registered office is at Royal Mead, Railway Place, Bath BA1 1SR is the data controller for the purposes of the Data Protection Act 1998 for information collected through this website.

As a condition of the use of our services, you consent to the terms of this privacy policy. We may update this policy from time to time. The latest version will be available on our website and we’ll publish a prominent notice whenever something changes.

This privacy policy applies only to the use of your personal data by Eduserv. The use of personal data by your organisation or any service provider or supplier will be governed by their own privacy policies. Eduserv is not responsible for the privacy policies or practices of any third party websites linked to from Eduserv websites.

Contact us

If you would like to contact us about any aspect of our Privacy Policy, please email contact@eduserv.org.uk or write to us at the postal address above.

May 2012

Last reviewed date: 25 February 2013