Abstract Metadata
Publishing Environment

There's no data like metadata

Data Privacy Policy

The following applies to the databases available from https://data.cerl.org

In order to run this service and to ensure the best possible user experience for you, we need to store some data about you and how you do use this application, what you have searched for etc. We try to keep this to the absolute minimum possible and will delete any data that we don't need any longer as soon as possible.

The application stores data on your computer in the form of an http session cookie, in the database itself and in separate logfiles. We will explain here what data it stores, why and for how long.

The following applies to users without an account (which is only needed for editing) and who are not logged in. If you create a user account there are a few more chunks of data we need to store in addition to those described here.

1. Session Data

When you browse or search one of our databases, we keep data about

  • a) the current dataset you have selected in order to render the interface correctly
  • b) the interface language you have either selected manually or we have detected from your browser's settings in order to display the interface in that language
  • c) the last search you have performed in a certain dataset so that you can navigate back from a record's full display to the result set or switch between different datasets and always go back to your last result
  • d) your last 20 searches and browselists or record's full display you have been looking at in order to provide you with your personal search history so you can go back to previous searches easily.
  • e) the identifiers of the records you have bookmarked
  • f) a session identifier (session ID)

The data pertaining to your search history (d) and bookmarks (e) are stored on the server using the session id (f) to figure out to which user this data belongs, the other information (a - c and f) is stored in a session cookie on your computer. The session will expire after two hours and ten minutes after your last request to the server or at any time before that if you manually delete the session cookie using your browsers "delete cookies" function.

The search history is stored with an expiry date, which is 2 hours and 10 minutes after the last item had been added. A regular process checks all stored search histories every two hours and deletes those that have expired. The same applies to the bookmarks stored with your session id. (Bookmarks can also be deleted manually from the web interface at any time).

We don't store any personal information like IP addresses with the session data and the data on the server can only be identified as yours as long as the corresponding cookie with the session id exists on your computer.

2. Logfiles

We are logging the use of our databases on two levels. Firstly, there is the webserver's logfile that contains all requests sent by your browser to our server. It contains your IP address and the date and time when that request was made (and a few other chunks of information, see here: https://en.wikipedia.org/wiki/Common_Log_Format).

We start a new logfile every week. In order to be able to detect possible attempts to attack our technical infrastructure we will keep each logfile for another week and then will anonymise it (by changing the last three bytes of each IP-Address to 0) and keep it for statistical analyses at a later point in time. This means, your IP Address will be kept for a maximum of two weeks in our webserver's logfile.

Secondly, there is the logfile which the application keeps itself. Here we make an entry when

  • a search is performed
  • the SRU interface is used
  • an alphabetical browselist is used
  • a record is opened in full display
  • records are downloaded
  • the advanced search form (query builder) is used
  • a record is edited
  • a static resource is displayed
  • database statistics are displayed

This entry contains the date and time when the request was made and the dataset for which it was made. We collect this data to provide real-time statistics on how our databases are used. Our application does not store IP addresses or session ids so this information is completely anonymous and cannot be linked to any particular person or institution.

We will not share our logfiles with any third party unless we are legally obliged to do so.