Privacy & Cookies Policy
On 25 May 2018, the most significant piece of European data protection legislation to be introduced in 20 years will come into force (including in the UK regardless of its decision to leave the EU). The EU General Data Protection Regulation (GDPR) replaces the 1995 EU Data Protection Directive . The GDPR strengthens the rights that individuals have regarding personal data relating to them and means there is one set of data protection rules for all organisations operating in the EU, wherever they are based.
At the Square Kilometre Array Organisation, we believe that the GDPR is an important step towards strengthening data protection laws across the European Union and enabling individual privacy rights.We place great value on upholding the principles as higher standards are essential for building and maintaining trust. This is why SKA is committed to being GDPR‑compliant across our online platforms when enforcement begins on May 25, 2018.
How is SKA preparing for GDPR?
To ensure our systems/platforms comply with the EU data protection rules, we are reviewing all our systems and will be making some changes.
- All users of our platforms must register for themselves, if they are not already registered
Anyone who is to be added to our online platforms and/or mailing lists must register for themselves. This doesn’t affect anyone who is already registered – just people who are not already in the system. If you wish to sign up to the SKAO Mailing list, you can do so here.
- Keep you better informed who we share data with
Across all our platforms, we will be making it clearer why we ask you for personal information. We are also updating our terms and conditions and privacy notice to better explain what we do with the personal data we collect, and how long we hold your personal data for.
- Privacy by design & Data Minimisation and retention
We will be conducting a privacy impact assessment to ensure appropriate security and may cease collecting some information we no longer need. Where information is collected for explicit and legitimate purposes we will make sure this is relevant and limited to what is necessary. The forwarding or other conveyance of a user’s personal data to third parties occurs only as part of contractual data processing
- Data Protection and third party websites
This website may contain hyperlinks to and from other third party websites, please note that we assume no responsibility or guarantee for third party content or data provisions.
- Individuals Rights
Under the Data Protection Act 1998, you have rights as an individual which you can exercise in relation to the information we hold about you.
You can read more about these rights here – https://ico.org.uk/for-the-public/is-my-information-being-handled-correctly/
We use a third party service, WordPress.com, to publish updates of the project, and our minisites. These sites are hosted at WordPress.com, which is run by Automattic Inc. We use a standard WordPress service to collect anonymous information about users’ activity on the site, for example the number of users viewing pages on the site, to monitor and report on the effectiveness of the site and help us improve it. WordPress requires visitors that want to post a comment to enter a name and email address. For more information about how WordPress processes data, please see Automattic’s privacy notice.
We use a third party provider, MailChimp, to deliver our newsletters. We gather statistics around email opening and clicks using industry standard technologies to help us monitor and improve our e-newsletter. For more information, please see Mailchimp’s privacy notice.
We reserve the right to change these data protection provisions, at any time, effective for the future.
- Data Protection Officer
The SKAO DPO is: Mr. Ian Hastings (firstname.lastname@example.org)
A cookie is a small text file that is downloaded onto ‘terminal equipment’ (eg a computer or smartphone) when the user accesses a website. It allows the website to recognise that user’s device and store some information about the user’s preferences or past actions.
If you’d prefer not to have this data recorded, you can easily stop this by following instructions here (instructions differ depending on the web browser you’re using): http://files.investis.com/info/disabling-cookies.html
Below is an explanation of the cookies we do use:
Globally and in the European Union member states, Google sets the following cookies:
A persistent cookie – remains on a computer for up to two years or the cookie cache is cleared. It tracks visitors. Metrics associated with the Google __utma cookie include: first visit (unique visit), last visit (returning visit). This also includes Days and Visits to purchase calculations which afford ecommerce websites with data intelligence around purchasing sales funnels.
This cookie expires after 10 minutes of creation, and is used to throttle request rates, to limit data collection on high traffic sites.
__UTMB COOKIE & __UTMC COOKIE
These cookies work in tandem to calculate visit length. Google __utmb cookie demarks the exact arrival time, then Google __utmc registers the precise exit time of the user.
Because __utmb counts entrance visits, it is a session cookie, and expires at the end of the session, e.g. when the user leaves the page. A timestamp of 30 minutes must pass before Google cookie __utmc expires. Given__utmc cannot tell if a browser or website session ends. Therefore, if no new page view is recorded in 30 minutes the cookie is expired.
This is a standard ‘grace period’ in web analytics. Ominture and WebTrends among many others follow the same procedure.
Cookie __utmz monitors the HTTP Referrer and notes where a visitor arrived from, with the referrer siloed into type (Search engine (organic or cpc), direct, social and unaccounted). From the HTTP Referrer the __utmz Cookie also registers, what keyword generated the visit plus geolocation data.
This cookie lasts six months. In tracking terms this Cookie is perhaps the most important as it will tell you about your traffic and help with conversion information such as what source / medium / keyword to attribute for a Goal Conversion.
Google __utmv Cookie lasts for up to two years from the creation time. It is a persistent cookie. It is used for segmentation, data experimentation and the __utmv works hand in hand with the __utmz cookie to improve cookie targeting capabilities.
At SKA we will continue to make additional required operational changes resulting from the new legislation, and will keep our users, partners and regulatory authorities informed throughout this process. We have an internal team who continue to monitor GDPR, and who will continue to inform our strategy, requirements and best practises for GDPR.