All data is stored on servers located at the University of Bristol, United Kingdom.
Access to sensitive data via BOS is strictly limited to BOS’s support and technical teams. This access is only permitted when it is at the request of the client concerned or necessary for the investigation of operational issues (or when required by law).
The BOS servers and backups are accessible only by members of the BOS technical team and other authorised members of IT Services within the University of Bristol (such as systems administrators or those responsible for maintaining the backup service).
New users choose their own passwords and will need to enter a username and password each time they log in. BOS issues a cookie to store session information when registered users log in. The session cookie does not include user information and is not retained once the browser is closed.
No cookies are used when survey respondents complete surveys.
All new staff at the University of Bristol, including casual staff, are given a contract of employment containing a confidentiality clause and are made aware of their responsibilities toward restricted university data and personal data as part of their induction process. All University of Bristol IT staff are provided with data security training.
All survey responses are collected over encrypted SSL (TLS) connections. SSL is the standard technology for establishing an encrypted link between a web server and a browser. It ensures that sensitive information can be transmitted securely. All communications within onlinesurveys.ac.uk are also sent over SSL encrypted connections.
BOS user passwords are encrypted using PBKDF2 with a SHA256 hash and a random salt.
BOS’s data stores are backed up daily.
University of Bristol has a data retention policy that means that backups are only held for three months. Backups are stored securely in a separate location from the data centres, but still on the University of Bristol’s campus. After three months the tapes are either recycled or destroyed. BOS enables users to export survey response data in a number of popular formats (see FAQ for details) so that it can be backed up or used with other software.
Users must not share accounts – by this we mean that each person who has access to a BOS account must use a unique username and password. You must not allow other people to use your username and password and multiple users must not log in using a single set of shared credentials (such as a ‘group account’).
Users’ passwords should be sufficiently complicated, stored securely (if stored at all) and not be the same as used on any other system.
You should ensure that you have appropriate levels of security on your own systems should you choose to export sensitive data.
You and/or your institution are the Data Controller for any information collected using surveys run through BOS. If you are not sure of the implications of being a Data Controller please consult the data protection officer (or equivalent) at your institution.