Privacy & Cookies Policies
- Introduction. The European Spallation Source ERIC (ESS) takes the privacy rights of individuals very seriously. ESS complies with personal data laws (GDPR) by keeping your personal data up-to-date, protecting your information from loss, misuse, unauthorised access, and disclosure by ensuring appropriate technical measures are in place.
This Policy explains how, why, and when we collect your personal data, as well as your personal data rights.
- What personal data do we use? The European Spallation Source website (https://europeanspallationsource.se) automatically logs your IP address, including location data,and cookies, each time you visit.
For more information about cookies, please see our Cookies Policy.
- How do we use and protect your personal data? We use personal data in order to gain insight into how you use the ESS website. We also obtain and log personal data for system security reasons. Any unauthorised attempts to log into the website are recorded and the log of unauthorised activity is used to improve system security. All connections to the website are encrypted.
The website is hosted on the ESS premises (Lund, Sweden) and is subject to the same backup regime as for many of the other systems.
- Why are we allowed to use your personal data? ESS has a legitimate business reason for collecting and using your personal data in order to ensure system security measures are effective.
The cookies used by Google Analytics will be sent to the U.S., a country outside the European Economic Area (EEA). However, Google complies with the EU-US Privacy Shield Network and has an active Privacy Shield certification.
The cookies used by Hotjar are stored in the European Union, and are therefore not sent to countries outside the EEA.
- How long is your personal data stored? We use different types of cookies. Some cookies are stored temporarily and other cookies are stored for a maximum of two years.
- What rights do you have? Unless subject to an exemption, you have the following rights associated with your personal data:
(a) The right to request a copy of your personal data held by ESS.
(b) The right to request ESS transmit your personal data to another data controller/entity.
(c) The right to request ESS correct any personal data if it is found to be inaccurate or out-of-date.
(d) The right to request your personal data be erased when it is no longer necessary for ESS to retain such data.
(e) The right to request a restriction on further processing when there is a dispute over the accuracy of personal data stored.
(f) The right to lodge a complaint with the Swedish Data Protection Authority (Sw: Datainspektionen).
- How do you exercise your rights? You may submit questions or exercise your rights by e-mail to email@example.com.
- Where else can you exercise your rights? If you believe there has been a violation of your personal data protection rights, you may in the first instance contact firstname.lastname@example.org to discuss a solution. If you remain dissatisfied, then you have the right to communicate directly with the Swedish Data Protection Authority (Sw: Datainspektionen) at:
104 20 Stockholm
Telefon: 08-657 61 00
Fax: 08-652 86 52
- What are cookies? Cookies are small pieces of text sent by your web browser to a website you visit. A cookie file is stored in your web browser and allows the website or a third-party to recognise you and make your next visit easier and the website more useful to you. We use “essential”, “session”, and “first-party” cookies:
• Essential cookies are used to authenticate users and prevent fraudulent use of user accounts. These expire at logout or after a maximum of 24 days.
• Session cookies do not collect information from your computer and are not retained after the browser is closed.
• First-party cookies remember you when you return to a previously visited site, are created by the website, and are saved on the device from which you have accessed the website.
- Third-party affiliates. In addition to our own cookies, we also allow third-party affiliates, including Google Analytics and Hotjar, to use first-party cookies in order to report usage statistics and to distinguish one website visitor from another.
- How long are cookies stored? You may delete cookies at any time via your device’s web browser. Automatic expiration periods are as follows:
• Google Analytics cookies expire after two years and 24 hours.
• Hotjar cookies expire after 365 days.
To opt-out of Google Analytics, please visit this opt-out link.
To opt-out of Hotjar, please visit this opt-out link.
Please note, however, that if you delete cookies or refuse to accept them, you might not be able to use all of the features we offer, you may not be able to store your preferences, and some of our pages might not display properly.
- Where can you find more information about cookies? You can learn more about cookies and the following third-party websites:
All About Cookies: http://www.allaboutcookies.org/
Network Advertising Initiative: http://www.networkadvertising.org/