How we protect your information
We adopt appropriate data collection, storage and processing practices and security measures to protect against unauthorised access, alteration, disclosure or destruction of your personal information, username, password, transaction information and data stored on our Site.
Sensitive and private data exchange between the Site and its Users happens over a SSL secured communication channel and is encrypted and protected with digital signatures.
In common with most web sites, this site automatically logs certain information about every request made of it (see below for more details). This information is used for system administration, for bug tracking, and for producing usage statistics. The logged information may be kept for up to two years.
We may collect and process the following data about you:
- Information that you provide by filling in forms provided on this website for a specific purpose. By supplying this information you are consenting to the University holding and using it for the purposes for which it was provided.
- If you contact us, we may keep a record of that correspondence.
Forms such as the Enquiries Form and Website Comment form collect data from users of the site. In this instance the user volunteers their personal information and the information is held in accordance with our Data Protection Policy.
The following data is automatically collected for each request:
- The name or network address of the computer making the request. Note that under some (but not all) circumstances it may be possible to infer from this the identity of the person making the request. Note also that the data recorded may be that of a web proxy rather than that of the originating client
- The username, when known, during authenticated (logged in) access to the site
- The date and time of connection
- The HTTP request, which contains the identification of the document requested
- The status code of the request (success or failure, etc.)
- The number of data bytes sent in response
- The contents of the HTTP Referrer header supplied by the browser
- The content of the HTTP User-Agent header supplied by the browser
Logging of additional data may be enabled temporarily from time to time for specific purposes.
In addition, the computers on which the web site is hosted keep records of attempts (authorised and unauthorised) to use them for purposes other than access to the web server. This data typically includes:
- the date and time of the attempt,
- the service to which access was attempted,
- the name or network address of the computer making the connection,
- and may include details of what was done or was attempted to be done.
Disclosure and uses of personal information
We use information held about you in the following ways:
- to ensure that content from our website is presented in the most effective manner for you and for your computer or device by gathering aggregate information about our users using it to analyse the effectiveness and popularity of this website
- to allow you to participate in interactive features of our service, when you choose to do so
We may disclose your personal information to third parties in the following circumstances:
- if we have obtained your consent to do so
- when we are required or authorised by law, court order, regulatory or governmental authority to disclose your personal data
- if required to protect the rights, property or safety of Trinity College, its members or others
Relevant subsets of this data may be passed to computer security teams as part of investigations of computer misuse involving this site or other computing equipment in the University.
In addition, this site uses Google Analytics to help us analyse site usage and to improve it. To support this, selected information about your interaction with the site is sent to Google for them to analyse on our behalf. For more information about Google Analytics see http://www.google.com/analytics/.
Links to other websites
Access to personal data
For the purpose of the UK Data Protection Act 1998, the ‘Data Controller’ for the processing of data collected by this site is Trinity College, and the point of contact for subject access requests is the College Data Protection Officer (Junior Bursar, Trinity College, Trinity Street, Cambridge CB2 1TQ, tel. 01223 338400, E-mail: firstname.lastname@example.org).
The College is also Data Controller in respect of any personal data served as content by this site.
Your acceptance of these terms
By using this Site, you signify your acceptance of this policy. If you do not agree to this policy, please do not use our Site. Your continued use of the Site following the posting of changes to this policy will be deemed your acceptance of those changes.
Reporting security incidents
Reports of break-ins, attempted break-ins, probes for vulnerabilities and other security incidents involving the University of Cambridge systems should be made to CamCERT.
The information that you need to send depends on whether