Education and Youth Justice: Website Privacy Policy

General

This policy explains what information we gather when you visit the Education and Youth Justice web site, and explains how that information is used.

It is important for you to appreciate that the Education and Youth Justice web site provides links to other independent sites. This policy applies only to direct accesses to this web site - URLs starting http://www.edyj.org.uk/. You will need to consult the appropriate information on other sites for information on their policies.

Any changes to this privacy policy will be posted on this page. It was last updated on 28 September 2010.

Data Collected

In common with most web sites, this site automatically logs certain information about every request made of it (see below for more details). This information is used for system administration, for bug tracking, and for producing usage statistics. The logged information may be kept indefinitely.

Relevant subsets of this data may be passed to computer security teams as part of investigations of computer misuse involving this site. Data may be passed to the administrators of other computer systems to enable investigation of problems accessing this site or of system misconfigurations. Logged information is not passed to any third party except if required by law.

[You should appreciate that a log is a record of what a server sees, not necessarily what was initially sent. If a request is sent via a proxy the log file will show the proxy's address. If someone has forged your address the log file will show your address]

Logged Data

The following data is automatically logged for each request:

  • The name or network address of the computer making the request. Note that under some (but not all) circumstances it may be possible to infer from this the identity of the person making the request. Note also that the data recorded may be that of a web proxy rather than that of the originating client
  • The date and time of connection
  • The HTTP request, which contains the identification of the document requested
  • The status code of the request (success or failure etc.)
  • The number of data bytes sent in response
  • The contents of the HTTP Referrer header supplied by the browser
  • The content of the HTTP User-Agent header supplied by the browser

Access to Personal Data

For the purpose of the UK Data Protection Act 1998, the 'Data Controller' for the processing of data collected by this site is the EDYJ Data Protection Officer, and the point of contact for subject access requests is cml29@cam.ac.uk.