Metadata Privacy Policy

Astun are committed to keeping your personal data private and secure

About the Metadata Catalogue

Astun Technology operate a number of Metadata Catalogues on behalf of our customers for whom we act as a data processor.

What personal information do we collect?

The following personal data is collected.

  • A unique identifier for your computer (known as the “IP address“), which identifies where your web browsing session originates from via your broadband provider or organisation’s computer network.  This is used for the purposes of collecting statistics about the popularity of different search terms within the catalogue, and for routine support and maintenance of the web service.  Search statistics are visible to our customers but cannot be used to identify individuals.   Astun Technology do not use Google Analytics for any generic visitor statistics although our customers may do so. 
  • A couple of small files  (“cookies”) which are saved locally to the computer you are browsing the catalogue from.  A “session cookie” is used to hold information about your browsing session to ensure that your access to the catalogue is secure and that you have the correct level of permission – for example, to determine whether you are able to query the catalogue, or contribute to it.  This cookie expires when you close your browser.  There is also a “localisation cookie” which persists between visits to the catalogue, and remembers certain settings between browsing sessions (for example whether you accepted the cookie notice).
  • For contributors to the catalogue only,  we also collect an email address, tied to a specific username.  This is used as your unique identifier for the purposes of logging in, for password recovery, and for notification messages if enabled.  Contributors may optionally complete other profile information such as address and telephone number.

What do we do with this personal information?

Personal information is collected solely for the purposes of running the catalogue, including the creation of backups, which are retained for 5 days.  We take all due care and attention to protect the confidentiality of your information, including thorough security testing, scheduled deletion of log files, controlled access to servers etc.  We do not make your data available to any third parties for marketing purposes, or for any other reason except if required by law.   

Access to your personal information

You are entitled to view, amend, or delete the personal information that we hold.  Please email your subject access request to the data protection officer for the organisation responsible for the catalogue, upon whose instruction we will act within 30 days.

This policy was last updated on 21 May 2018