GDPR: Data Protection Policy - Google Analytics
The Data Controller is Homerton College, Cambridge. Questions on this Statement should be addressed to the College’s Data Protection Officer, Homerton College, Cambridge, CB2 8PH. 01223 747180 -email@example.com
The scope of this policy covers Homerton website users
What data is processed, and why?
In relation to google analytics:
- No personally identifiable data is sent to google analytics from the Homerton website
- We do not use Google’s user ID feature
- We do not use Google’s ad-word accounts
- We anonymize visitors IP addresses by removing the last octet of their IP address prior to storage on Google servers.
- The Google Analytics data is only used to help provide and maintain the Analytics service to enable Homerton to determine site traffic, page popularity, country source.
Where does the data come from?
Collected when browsing the Homerton website via cookies.
Sharing with Third Parties
Homerton College is the data controller. Google Analytics is the data processor.
We do not allow sharing of data for Google products and services, Benchmarking, technical support, account specialists or sales experts.
Retention of data
User and event data retention period associated with cookies will be retained for 14 months from the last use/site access. https://support.google.com/analytics/answer/7667196
Rights of the Data Subject
Those whose personal data is recorded by these means – the data subjects – have the right: to ask for access to, rectification or erasure of their personal information; to restrict processing (pending correction or deletion); to object to communications; and to ask for the transfer of their personal information electronically to a third party (data portability).
Some of these rights are not automatic, and we reserve the right to discuss with the data subject why we might not comply with a request from them to exercise such rights.
If data subjects have questions or concerns about their personal information, or how it used, they are invited to speak to the Data Protection Officer.