Privacy Policy

The Austrian Centre for Digital Humanities (ACDH) at the Österreichische Akademie der Wissenschaften (ÖAW) operates ARCHE. This document informs about ACDH policies regarding the collection, use and disclosure of personal information received from users of ARCHE.

ACDH takes the protection of personal information seriously  and uses it only for providing and improving ARCHE’s services. By using the services, the user agrees to the collection and use of information in accordance with this policy and the General Data Protection Regulation.

Generally the use of ARCHE is possible without indication of personal Information. Collection of personal information is required e.g. for registering as a user or depositing resources, which is voluntary. The information is not shared with third parties without explicit consent from the user.

Name of the Service

ARCHE - A Resource Centre for HumanitiEs

Description of the Service

ARCHE offers deposition and stable hosting of digital research data for the Austrian humanities community. The service is designed to cover a wide range of humanities research data, including (annotated) digital texts, lexical resources, tabular data, databases, images, collections containing GIS, 3D or CAD data, multimedia files (sound and/or video), websites and social media data, etc. as well as software (applications, source code, etc.).

Personal Data Processed

In case you login to the service via Federated Login (Shibboleth), following personal data is processed:

  • Data requested as required from user’s home organisation:
    • SAML persistent identifier (attribute: eduPersonTargetedID) - unique ID to identify the user
  • Data requested (optional) from user’s home organisation:
    • alternative identifier (attribute: eduPersonPrincipalName)
    • user’s name (attributes: displayName, sn, givenName)
    • user’s email (attribute: mail)
    • user’s affiliation within the home institution (attribute: eduPersonScopedAffiliation)
  • Data is gathered from the user:
    • in case the home organisation does not provide some of the requested attributes, the user might  be requested to provide the missing information in order to use certain functionality, or otherwise this functionality may not be available to the user.
    • in case user makes use of personalization functionality (e.g. store personalized workspace settings)
    • in case the user is contributor to the resources (work in a collaborative environment) all the changes are tracked
  • General network traffic data (like IP address or referrer) is logged and is used in anonymized usage statistics.

Purpose of the Processing of Personal Data

The unique user identifier is needed to recognize the user over sessions, to be able to associate user-related information (customisation, authorisation settings, user-generated content). The identification of the user as well as the affiliation information serves as a means to determine the authorization to access protected resources (which may be granted to certain groups, like members of an institute or partners in a project).

Attributes concerning user's name are used in communication with the user (via e-mail and on the website) and for marking user's contribution. If the requested attributes are obtained, they are used by default, the user still has the possibility to change the display name.

The user's affiliation can be used for managing access to resources (authorisation), e.g. if access to a resource is granted to members of an institute. If no information about affiliation is available, user-based authorisation is used.

Providing an email address allows the user to be notified of news, or activity on the platform, especially changes by other members of a team working on common resource collection. This is not a critical functionality, thus the email attribute is optional. ACDH may use the user’s personal information to contact the user with newsletters and other information regarding the services of ARCHE

General network traffic data is logged to generate anonymised statistics about the use of our resources, for which Piwik (see respective section) is used.

Cookies

Cookies are files with small amount of harmless data, which may include an anonymous unique identifier. Cookies are sent to the user’s browser from a web site and stored on the user’s hard drive.

Like many sites, ACDH uses cookies. Cookies that collect information do this solely for the purpose of improving ARCHE’s services and enhance user experience. The user can instruct his browser to refuse all cookies or to indicate when a cookie is being sent. However, if the user does not accept cookies, he may not be able to use some portions of ARCHE’s services.

ARCHE uses both session and persistent cookies to enable certain functions of ARCHE’s service, to provide analytics and to store user preferences. Cookies are not used for advertising purposes.

Piwik

Like most website operators, ARCHE collects non-personally-identifying information of the sort that web browsers and servers typically make available, such as the browser type, language preference, referring site, and the date and time of each visitor request. For this purpose an own instance of Piwik is used.

ARCHE’s purpose in collecting non-personally identifying information is to better understand how ARCHE’s visitors use its website and services. ARCHE may release non-personally-identifying information in the aggregate, e.g. by publishing a report on trends in the usage of its website, to reveal how many downloads a particular resource got or to say which resources are most popular.

ARCHE also collects potentially personally-identifying information like Internet Protocol (IP) addresses. ARCHE does not use such information to identify its visitors, however, and does not disclose such information, other than under the same circumstances that it uses and discloses personally-identifying information, as described above.

OPT-OUT OPTION TO COME

Third Parties to whom Personal Data is Disclosed

No personal data will be disclosed to third parties.

Security

The security of personal information is important to ACDH, but no method of transmission over the Internet, or method of electronic storage, is 100% secure. While ACDH strives to use commercially acceptable means to protect personal information, it cannot guarantee its absolute security.

How to Access, Rectify and Delete the Personal Data

If you need to access, rectify and/or delete any personal data we store about you or which you provided to us please contact us. Contact details can be found in Data Controller and Contact Person.

Changes to this Privacy Policy

This Privacy Policy is effective as of September 2017 and will remain in effect except with respect to any changes in its provisions in the future, which will be in effect immediately after being posted on this page.

ACDH reserves the right to update or change its Privacy Policy at any time and the user should check this Privacy Policy periodically. The user’s continued use of the Service after any modifications are posted to the Privacy Policy on this page will constitute the user’s acknowledgment of the modifications and consent to abide and be bound by the modified Privacy Policy.

If ACDH makes any material changes to this Privacy Policy, it will notify the user either through the e-mail address provided, or by placing a prominent notice on ARCHE’s website.

Data Protection Code of Conduct

User’s personal data will be protected according to the Code of Conduct for Service Providers, a common standard for the research and higher education sector to protect user privacy.

Data Controller and Contact Person

ARCHE
Austrian Centre for Digital Humanities
Austrian Academy of Sciences (ÖAW)
Sonnenfelsgasse 19
1010, Wien
Austria
E-mail: acdh@oeaw.ac.at

Jurisdiction

The provisions of Austrian law apply to this agreement. Place of jurisdiction is Vienna.