Like every organisation that runs a web site, we’ve been considering how to comply with the new Cookie Law that came into effect at the end of May. And like many others we’ve developed a Privacy Policy and a Cookie Policy to clarify how we use personal data and cookies on JISC CETIS sites.
The privacy policy sets out the ways in which we collect personal data and what our intention is in collecting that data. Actually, since we don’t maintain a user database, the only times we collect personal data, are when users log into our wiki, or register for an event. However, we are increasingly using external services like Eventbrite to manage event registration, which means asking people to submit their name and email address to Eventbrite.
Our Cookie policy is based on the ICC guidance and essentially asks users for their implied consent to our use of cookies. The policy outlines the four categories of cookies and gives details of those we use on the JISC CETIS site. Like many other JISC services we now use Google Analytics to monitor how users are using our site. This helps us justify our work, but also understand what readers find useful and would like to see more of. The anonymous data we’ve collected through Google Analytics has enabled us to analyse the impact of some of our communications tools. For example, by using Google Analytics we now know that our newsletter is still widely read, and brings over 80 visitors to the site within two days of circulation.
Our current Learning Analytics project Analytics Reconnoitre is exploring many of the issues around collecting and analysing user data.
There is quite a lot of information available on complying with the new legislation. We found the following particularly useful:
JISC podcast:Cookie Law next steps
JISC’s Privacy and Cookie policies
We’d appreciate any feedback on our new policies and how you feel about cookies and using your data for web analytics. (And thanks to colleagues David Sherlock and Sharon Perry for writing the policies!).