skip to navigation skip to content

Self-Service Gateway

Privacy

This page describes the personal data and cookies processed and stored by the Self-Service Gateway. The Self-Service Gateway can be found at https://selfservice.uis.cam.ac.uk/

This policy does not apply to services provided through the Self-Service Gateway which have their own individual privacy policies.

Personal data

We store an audit trail indefinitely of the operations users perform on the Self-Service Gateway. This information is available to the University Information Services staff who administer and support the Self-Service Gateway.

This information includes, but is not limited to:

  • your CRSid and email address

We also collect anonymous statistics on user activity on the Self-Service Gateway, which we use to report on usage of the service, monitor its health and improve its operation. We retain these anonymous statistics indefinitely.

We store standard web server logs, which include details such as:

  • your internet address
  • timestamp of your transaction(s)
  • details of the pages and resources your web browser requests from us
  • the make and version of your web browser

We retain these web server logs for 14 days then delete them. We retain anonymous statistical data beyond that point for reporting purposes. We use this information to report on usage of the service, monitor its health and improve its operation.

We also store standard operating system logs for 7 days then delete them. These logs provide system diagnostic information and do not contain any personally-identifiable information.

We may retain relevant log files for longer if an investigation is under way for the purposes of assisting with the investigation.

Payment information

We store any purchase orders PDFs that you upload as a means of payment for services provided through the Self-Service Gateway.

We do not gather or store any payment card details.

When you submit your payment card details, you are submitting them directly to a third-party payment processor. The payment processor is compliant with the Payment Card Industry Data Security Standard (PCI DSS).

We retain information (metadata) indefinitely about financial transactions we have processed. This metadata does not contain any personally-identifiable information.

Disclosure of information

We may pass anonymous statistical data to third parties for processing and visualisation by their analytical software.

We may pass relevant subsets of the data we collect to computer security teams as part of investigations of computer misuse involving this site or other computing equipment in the University.

We may pass data to the administrators of other computer systems to enable investigation of problems accessing this service or of system misconfiguration.

Any data included in information passed to contractors and computer maintenance organisations working for the University will be covered by appropriate non-disclosure agreements.

We do not otherwise pass any data to any third party except if required by law.

We may extract and publish summary statistics from the data, but those that are will not include information from which individuals can be identified.

Cookies

The Self-Service Gateway may set one or more cookies in your web browser that are essential for the operation of the site. These are set during a browsing session and will be deleted by your browser when that session ends, or if you choose to manually clear the cookies stored in your browser. Cookies are used internally by the Self-Service Gateway for session management.

Further information

If you require further information or have any questions relating to these terms of service, please email ssgw@uis.cam.ac.uk.

The Self-Service Gateway is provided by University Information Services.

Need help?

Terms and conditions

Privacy & cookie policy