Products & Statistics
Statistics
Information
Latest
- Finances of HE 2010/11
  Now available to purchase
- Planning Plus 2012
  Now available to purchase
Close menu
Data Collection
Data collection streams
Submit data to HESA
Support with data collection
- Institutional liaison
- Support centre
Generic coding frames
- JACS version 3.0
- Cost centres
Archives
- Circulars library
- Coding manual library
Close menu
Training & Support
Training
Support Centre
Close menu
About HESA
About Us
Compliance
Website
Other HESA sites
- Landscape
- Benchmarking
Close menu

C11041 Campus Information System return date is 1 June 2012. View details
HE Business and Community Interaction Survey Publication 2010/11 to be released 24 May. Pre-order your copy now.
C12025 Staff collection coding manual version 1.3 is now live
C12061 KIS record coding manual v1.3 available at C12061
C11051 Student xml validation kit rules now available. Download kit
Did you know you can follow HESA on twitter? @UkHESA

HESA website privacy policy

General

We want to protect the privacy of visitors to our website and of individuals who give us their personal details. Please read the following policy; it will help you to understand how we use personal data. We may change our privacy policy at any time without giving you notice, so please check it each time you visit this website.

Whenever you give us personal data, you are consenting to its collection and use in accordance with this privacy policy.

What personal data do we collect?

We log your Internet Protocol (IP) address in order to receive and send information from and to you over the internet.

When you register for any of our seminars or other services, make an enquiry, report a problem or order products or services from us, you may be asked to provide some personal data such as your name, home, business or billing address, telephone number, e-mail address, and credit or debit card number.

Please DO NOT send us any personal data about anyone else without first obtaining their express permission - for example, if you are registering colleagues for one of our seminars, please check with them first.

Cookies

The HESA website uses cookies, none of which contain any personal data whatsoever.

A cookie is a small piece of data or message that is sent from a web server to your browser and may be stored on your hard drive. A cookie can't read data off your hard disk or read cookie files created by other sites. Cookies do not damage your system.

You can set your browser so as to refuse any cookie or to alert you to when a cookie is being sent. If you refuse cookies, some websites may not function.

Some websites use cookies in ethically questionable ways in order to track your movements across the web, so that they can find out things about you and use it to sell you things. HESA does NOT engage in this behaviour and never will.

The HESA website uses the following cookies:

'isHESAUser' - this is a simple cookie which stores whether or not the computer being used to access the HESA website is in HESA's office. If it is, we know that it is a member of staff, and the website will attempt to display links to staff-only content (ie, links to edit the page being looked at, links to sections of the site which contain draft articles, etc). It contains either 'y' or 'n', and nothing else. Even if the value of this cookie were manually changed to 'y', no HESA-only content would be displayed outside the office - it is used simply to stop browsers outside the office from trying to access and display this content. This would make pages slower to load and waste your time.

'PHPSESSID' - this is a simple cookie which contains a unique identifier used by the website to identify the computer (not the person) accessing the website. It is just a random series of letters and characters: for example, as I write this, it's value for me is 'qvo820de9qlgk68bh8d2jh488n0915fl'. We don't match this up to any personal data anywhere, and as the name suggests it is a session cookie and does not persist from one visit to the HESA website to the next (session identiers are deleted after an hour or so). What it *is* used for are things like values you type into a data request form: if you were to enter an invalid value into a form then we'd have to show you the form again so you could correct it. The web server remembers - temporarily - what you entered, and stores it against your PHPSESSID. It knows it was you that entered it because the PHPSESSID cookie on your browser contains the same string of letters and numbers. The net effect of all this is that you don't have to fill in everything on the form again until you get it right first time.

'18422ae10f92dce0a7b434ff353895f8' - or similar. This is basically the same as the PHPSESSID as above, but for extra security the identifier is also hashed. This cookie is used by the content management system software we use - called Joomla - for similar purposes as 'PHPSESSID'. It is primarily used by the HESA-only area of the site and is of limited relevance to the public areas of the site.

'numberOfItemsInCart' and 'valueOfItemsInCart' - these two cookies only come into play if you click a 'purchase' link next to one of the publications on our site in order to buy it. They contain exactly what they say they do - the number of items in your shopping basket and the total value of the items in your shopping cart. They are used so that we can display these two figures to you wherever you browse on the HESA website without having to reload all the content on the page: this makes the website faster.

'__utm?' - (where '?' can be a, b, c or z). These are cookies used by Google Analytics. We use Google's analytics service in order to get information on how many people are visiting our site, what pages are being visited most, what operating systems and browsers are being used to look at our site, what size screen most of our users have and other bits of information which are really useful to web developers as it allows us to design websites which are best suited to the majority of people looking at them. Google analytics doesn't collect any personal information - about the most identifiable datum collected is the Internet Protocol address of the computer being used to look at the site, which, if we were willing to accept a really quite high level of inaccuracy, would possibly tell us what country you were in. (It is worth noting that if your computer didn't tell us your IP address, there would be no way of sending you the pages you want to look at anyway).

How do we use your personal data?

We use your personal data to provide goods and services to you or your organisation, to let you know about other goods and services in which you may be interested, to inform you about changes and improvements to our website, and for direct marketing purposes (but we do give you the option to opt out of this).

We may also use your personal data to monitor the use of our website, to record traffic flows and to carry out research about our visitors’ and customers’ demographics, interests and behaviour. We do this to understand our visitors, customers and potential customers better.

When you give us personal data, those data may be sent electronically to servers anywhere in the world and may be used, stored and processed anywhere in the world, including countries outside the European Economic Area. (Bear in mind that many countries outside the EEA do not adequately protect your rights as a data subject.)

Whenever and wherever we collect, process or use personal data, we take stringent steps to ensure that it is treated securely and in accordance with our privacy policy.

To whom might we disclose your personal data?

We may pass your personal data to anyone who needs those data in order to fulfil your requests for our goods and services (ie, we use the Royal Mail to deliver our products: in doing so, it is unavoidable that we give them your address), or to validate any payment details you give to us (we use a company called Realex payments, based in Ireland, to do this). Some of these people may be located outside the European Economic Area (EEA).

Except as set out above, or when we are obliged to do so by law, we do not pass ANY data on to third party companies for marketing or any other purposes. You will never receive third party marketing emails or spam as a result of any dealings with HESA.

Direct Marketing

HESA operates an opt-out system for direct marketing. On any electronic form you use to contact HESA, we will give you the option to opt-out of receiving any marketing information from us.

You may at any time contact HESA to request that we do not send you any marketing information, although we are committed to NOT sending out too many marketing emails, and only when we feel that the customer would have a genuine interest in the information provided. We do not, and never will, engage in spamming.

Links

Our website contains links to other websites. We are not responsible for the privacy practices or content of other sites. We encourage our visitors to be aware when they leave our website, and to read the privacy policy of other sites that collect or use personal data. This privacy policy applies only to personal data collected by HESA.

Security

Unfortunately, no data transmission over the internet or any other network can be guaranteed as 100% secure, but we take appropriate steps to try to protect the security of your personal data.

Further information

Individuals have certain rights of access to their personal data. More information on this can be found on the data protection page .

You can also find further legally-mandated information about HESA on the overview page and the governance page .

This policy applies only to this website, found at http://www.hesa.ac.uk. This policy does not cover any other website operated by HESA or HESA Services Ltd.

This privacy policy is based upon that of JANET , the UK's Education and Research Network.

Statistics

Information

Latest

Data collection streams

Submit data to HESA

Support with data collection

Generic coding frames

Archives

Training

Support Centre

About Us

Compliance

Website

Other HESA sites