This policy describes what information is gathered when external users visit the DPMMS web site, and how that information is used.
Related documents include:
- Guidelines for DPMMS users - follow this link for a description of the conditions of use governing DPMMS computer users.
In common with most web sites, this site automatically logs certain information about every request made of it (see below for more details). This information is used for system administration, for bug tracking, and for producing usage statistics. The logged information may be kept indefinitely.
Relevant subsets of this data may be passed to computer security teams as part of investigations of computer misuse involving this site or other computing equipment in the University. Data may be passed to the administrators of other computer systems to enable investigation of problems accessing this site or of system misconfigurations. Some individuals' personal pages are made available via this site; data on access to an individual's personal page may be passed on to the same individual.
Otherwise the logged information is not passed to any third party except if required by law. Summary statistics are extracted from this data and some of these may be made publicly available, but those that are do not include information from which individuals could be identified.
- Links to the main university "Talks.Cam" web service. We don't use google analytics but talks.cam do. Sorry.
- Pages which require a login use the Raven authentication process. We use the Ucam-WebAuth Server but not the Shibboleth Server, thus we set a single cookie to track the user's authentication state. This is a 'session' cookie which browsers should delete when the user quits. This is called 'Ucam-WebAuth-Session' (over http) or 'Ucam-WebAuth-Session-S' (over https) with path '/' and a scope of the host it is set from.
- The webmail service https://mail.dpmms.cam.ac.uk uses a single session-cookie to maintain the authenticated connection between your browser and the server.
- Personal web pages - those with addresses starting
are not under the direct control of the webmaster and may use other cookies.
We are aware that some user pages use, or have used, the following technologies
and that these technologies are capable of setting cookies:
- Instructions for our photocopier/printer/scanners (which are available to internal users only) retain the cookie code from the photocopier vendor. Our licence does not allow us to modify these instructions without the permission of the vendor. We do not use this cookie data in any way, nor do we make it available to the photocopier vendor or any other party.
The following standard data is automatically logged for each request:
- The name or network address of the computer making the request. Note that under some (but not all) circumstances it may be possible to infer from this the identity of the person making the request. Note also that the data recorded may be that of a web proxy rather than that of the originating client.
- The username, when known during authenticated (logged in) access to the site
- The date and time of connection
- The HTTP request, which contains the identification of the document requested
- The status code of the request (success or failure etc.)
- The number of data bytes sent in response
- The contents of the HTTP Referrer header supplied by the browser
- The content of the HTTP User-Agent header supplied by the browser
Access to personal data
All enquiries about personal data in respect of this site should be addressed to the University Data Protection Officer (10 Peas Hill, Cambridge CB2 3PN; tel. 01223 339888; fax 01223 331200; E-mail email@example.com).