• Sign up for email newsletter
• Five year rolling plan
• Site map
• Contact us
• Privacy statement
• Disclaimer

Privacy statement

The Quality Assurance Agency for Higher Education (QAA) respects your privacy. The information that you provide us with, or that is gathered automatically, helps us to monitor our services and provide you with the most relevant information.

• Websites
• Email
• Voicemail
• Testing and training
• Notification of changes to policy
• Summary of terms

This policy was last reviewed on 9 June 2010.

Websites

This policy applies to all of the websites developed by QAA, which include www.qaa.ac.uk, www.accesstohe.ac.uk, and www.enhancementthemes.ac.uk.

Links
Our websites contain links to other sites. QAA is not responsible for the privacy practices within any of these other sites. We encourage you to be aware of this when you leave our sites and to read the privacy statements on other websites you visit which collect personally identifiable information. This privacy statement applies solely to information collected on our websites.

Cookies
We use a type of cookie called a 'session variable' that stores information about particular choices you have made during your visit to the website – for example your preferred language choice if you have selected a Welsh language page. These cookies expire when you close your browser. We do not use cookies for collecting personal information from the site.

What information is collected?
No personal information about you is recorded unless you fill in a survey or complete a form. Any personal data that is collected is stored in compliance with the Data Protection Act 1998.

It is standard practice for web servers to collect data automatically about all requests for files (web pages, images, and so on). Data gathered by QAA web servers include:

• your IP address
• details about your web browser
• details about the files requested
• date and time of requests
• for each file requested, the referring page, if any, from which you may have followed a hyperlink
• search terms and search results
• the domain from which your request originated
• your username, if you have authenticated with the webserver (none of our public websites currently require you to enter a username and password).

What does QAA do with the information?
Analysis of web usage may be used for:

• systems and performance monitoring
• research
• marketing (for example analysis of demographic information and user behaviour).

Information gathered will not be used to contact users, except where consent has been explicitly given or where security incidents are under investigation.

Personal data will not be passed on to third parties and will remain confidential unless explicitly stated (for example, if a web form is gathering data to be passed on to an external partner). However, data may be passed to the police and other authorities where it is required in the investigation of illegal activities and security breaches.

Where data is passed to third parties, it is done so in compliance with the Data Protection Act 1998. For more information about QAA's Data Protection policy, please see: www.qaa.ac.uk/aboutus/policy/dataprotection.asp.

Email

QAA retains a copy of all emails sent in and out of our network for a set period of time. This data is held securely and will be released to third parties only when QAA believes the release is appropriate to comply with the law.

Voicemail

QAA retains copies of all voicemail recorded as an audio attachment within the email system. As with text-based email, these recordings may be copied/forwarded within the email system, and they are retained for a set period of time. Audio data is held securely and could be released to third parties if QAA believes this is appropriate to comply with the law.

Testing and training

Test data
To ensure that the systems are tested thoroughly, QAA uses recent copies of live data from existing systems. This ensures that the system can cope with comparable volumes of information, that a wide range of realistic scenarios is covered, and that the test will reflect all the possible combinations that occur in the real environment. Test systems are isolated from external networks to ensure that live systems are not compromised.

QAA's use of data for training purposes
Training may be undertaken using the live or test environment. In either case, the people accessing the data will be limited to those who would have access to it in the real environment, and have completed the appropriate non-disclosure and confidentiality agreements where necessary.

Notification of changes to policy

If we decide to change our privacy policy, we will post details of any changes on this page. This will help ensure that you are always aware of what information we collect, how we use it, and under what circumstances, if any, we share it with other parties.

If you have any concerns, questions or comments please contact our communications team: comms@qaa.ac.uk.

---

Summary of terms

Browser
Used to locate and display web pages via a software application.

Cookie
Message given to a web browser by a web server. The message is then stored by the browser in a text file called cookie.txt. Each time the browser requests a page from the server, this message is sent back. 
A cookie's main objective is to identify users and/or personalise their visit by customising web pages for them, for example by welcoming them by name next time they visit the same site or remembering previously selected choices. 

IP (Internet Protocol)
All networks connected to the internet use IP, the technical standard which allows data to be transmitted between two devices. TCP/IP (Transmission Control Protocol/Internet Protocol) is responsible for making sure messages get from one host to another and that the messages are understood.

IP address
If you are connected to the internet you have an IP address. It may look something like this: 195.185.99.9.

Web server
Delivers (serves up) web pages to your computer.

• Privacy statement | 
• Disclaimer