Last updated: 18th September 2012
General
This policy explains what information we gather when you visit the Surgery website. This document explains what data is collected, and how that information is used. It is important for you to appreciate that the central web site provides extensive links to other independent sites, both within the University and elsewhere. This policy applies only to direct accesses to the Surgery website – URLs in the surgery.medschl.cam.ac.uk domain. You will need to consult the appropriate information on other sites for information on their policies. Any changes to this privacy policy will be posted on this page.
Data collected
In common with most web sites, this site automatically logs certain information about every request made of it (see below for more details). This information is used for system administration, for bug tracking, and for producing usage statistics. The logged information may be kept indefinitely. Relevant subsets of this data may be passed to computer security teams as part of investigations of computer misuse involving this site or other computing equipment in the University. Data may be passed to the administrators of other computer systems to enable investigation of problems accessing this site or of system misconfigurations. Data may incidentally be included in information passed to contractors and computer maintenance organisations working for the University, in which case it will be covered by appropriate non-disclosure agreements. Otherwise the logged information is not passed to any third party except if required by law. Summary statistics are extracted from this data and some of these may be made publicly available, but those that are do not include information from which individuals could be identified. [You should appreciate that a log is a record of what a server sees, not necessarily what was initially sent. If a request is sent via a proxy the log file will show the proxy’s address. If someone has forged your address the log file will show your address] A number of fill-in forms are provided on this site. The pages containing these forms include information on how data submited on them will be processed and used. This site may use web “cookies” as part of user authentication (login) and to store information needed by other facilities. This site runs Google analytics, which uses cookies for tracking visitors to the site. This is to gain more complete data on site use and will support ongoing web page development.
Logged data
The following data is automatically logged for each request:
- The name or network address of the computer making the request. Note that under some (but not all) circumstances it may be possible to infer from this the identity of the person making the request. Note also that the data recorded may be that of a web proxy rather than that of the originating client
- The username, when known during authenticated (logged in) access to the site
- The date and time of connection
- The HTTP request, which contains the identification of the document requested
- The status code of the request (success or failure etc.)
- The number of data bytes sent in response
- The contents of the HTTP Referrer header supplied by the browser
- The content of the HTTP User-Agent header supplied by the browser
Logging of additional data may be enabled temporarily from time to time for specific purposes. In addition, the computers on which the web site is hosted keep records of attempts (authorised and unauthorised) to use them for purposes other than access to the web server. This data typically includes the date and time of the attempt, the service to which access was attempted, the name or network address of the computer making the connection, and may include details of what was done or was attempted to be done.
Cookies
Our websites uses four cookies. A cookie is a small file of letters and numbers that we put on your computer if you agree. These cookies allow us to distinguish you from other users of the website which helps us to provide you with a good experience when you browse our website and also allows us to improve our site. The cookies we use are ‘analytical’ cookies. They allow us to recognise and count the number of visitors and to see how visitors move around the site when they’re using it. This helps us to improve the way our website works, for example by making sure users are finding what they need easily. Read more about the individual analytical cookies we use and how to recognise them.
| Cookie | Name | Purpose | More Information |
| GoogleAnalytics | __utma__utmb__utmc __utmz | These cookies are used to collect information about how visitors use our site. We use the information to compile reports and to help us improve the site. The cookies collect information in an anonymous form, including the number of visitors to the site, where visitors have come to the site from and the pages they visited.Analytics data is configured not to share data with Google. | Click here for an overview of privacy at Google. |
Access to personal data
For the purpose of the UK Data Protection Act 1998, the ‘Data Controller’ for the processing of data collected by this site is the University of Cambridge, and the point of contact for subject access requests is the University Data Protection Officer (The Old Schools, Trinity Lane, Cambridge CB2 1TN, tel. 01223 332320, fax 01223 332332 E-mail:data.protection@admin.cam.ac.uk). The University is also Data Controller in respect of any personal data served as content by this site, except that University Society pages (URLs starting http://www.cam.ac.uk/societies/) are the responsibility of the societies themselves.
