Cookies Policy & Privacy Policy

The BrightnESS² website is hosted on the servers of the European Spallation Source (ESS). ESS takes the privacy rights of individuals very seriously. The Cookies Policy and Privacy Policy explain how, why, and when we collect your personal data, as well as your personal data rights.

Cookies Policy

  1. Introduction The European Spallation Source ERIC (“ESS”, “us”, “we”, “our”) uses cookies on https://europeanspallationsource.se (the “Website”). By using the website, you consent to the use of cookies. Our Cookies Policy explains what cookies are, how we use cookies, your choices regarding cookies, and further information about cookies.
  2. What are cookies? Cookies are small pieces of text sent by your web browser to a website you visit. A cookie file is stored in your web browser and allows the website or a third-party to recognise you and make your next visit easier and the website more useful to you. We use “essential”, “session”, and “first-party” cookies:
    • Essential cookies are used to authenticate users and prevent fraudulent use of user accounts. These expire at logout or after a maximum of 24 days.
    • Session cookies do not collect information from your computer and are not retained after the browser is closed.
    • First-party cookies remember you when you return to a previously visited site, are created by the website, and are saved on the device from which you have accessed the website.
  3. Third-party affiliates. In addition to our own cookies, we also allow third-party affiliates, including Google Analytics and Hotjar, to use first-party cookies in order to report usage statistics and to distinguish one website visitor from another.
    We use Google Analytics to measure how users interact with our website content. As you navigate between web pages, Google Analytics provides us with JavaScript tags (libraries) to record information about the page you have seen (for example, the URL of the page). The Google Analytics JavaScript libraries use HTTP Cookies to “remember” what a user has done on previous pages on/interactions with the website. These first-party cookies are used to distinguish users, determine which domain to measure, throttle the request rate, remember traffic source information, determine the start and end of a session, and remember the value of visitor-level custom variables. For further details, please see Google Analytics Cookie Usage on Websites by clicking on this link, and Google’s privacy policy by clicking on this link.
    We also use Hotjar to ensure a user-friendly website and to better understand our users’ needs. Hotjar is a technology service that helps us better understand our users’ experience (e.g. how much time they spend on which pages, which links they choose to click, what users do and do not like, etc.) and this enables us to build and maintain our service with anonymous user feedback. Hotjar uses cookies and other technologies to collect data on our users’ behaviour when navigating our website. This includes data collected about our users’ devices (in particular, a device’s IP address [captured and stored only in anonymised form], device screen size, device type [unique device identifiers], browser information, geographic location [country only], and preferred language used to display our website). Hotjar stores this information in a pseudonymised user profile. Neither Hotjar nor ESS will ever use this information to identify individual users or to match it with further data on an individual user. For further details, please see Hotjar’s privacy policy by clicking on this link.
  4. How long are cookies stored? You may delete cookies at any time via your device’s web browser. Automatic expiration periods are as follows:
    • Google Analytics cookies expire after two years and 24 hours.
    • Hotjar cookies expire after 365 days.
  5. What are your choices regarding cookies? If you’d like to delete cookies or instruct your web browser to delete or refuse cookies, please visit the help pages of your web browser.
    To opt-out of Google Analytics, please visit this opt-out link.
    To opt-out of Hotjar, please visit this opt-out link.
    Please note, however, that if you delete cookies or refuse to accept them, you might not be able to use all of the features we offer, you may not be able to store your preferences, and some of our pages might not display properly.
  6. Where can you find more information about cookies? You can learn more about cookies and the following third-party websites:
    AllAboutCookies: http://www.allaboutcookies.org/
    Network Advertising Initiative: http://www.networkadvertising.org/

Privacy Policy

  1. Introduction. The European Spallation Source ERIC (ESS) takes the privacy rights of individuals very seriously. ESS complies with personal data laws (GDPR) by keeping your personal data up-to-date, protecting your information from loss, misuse, unauthorised access, and disclosure by ensuring appropriate technical measures are in place.
    This Policy explains how, why, and when we collect your personal data, as well as your personal data rights.
  2. What personal data do we use? The European Spallation Source website (https://europeanspallationsource.se) automatically logs your IP address, including location data,and cookies, each time you visit.
    For more information about cookies, please see our Cookies Policy.
  3. How do we use and protect your personal data? We use personal data in order to gain insight into how you use the ESS website. We also obtain and log personal data for system security reasons. Any unauthorised attempts to log into the website are recorded and the log of unauthorised activity is used to improve system security. All connections to the website are encrypted.
    The website is hosted on the ESS premises (Lund, Sweden) and is subject to the same backup regime as for many of the other systems.
  4. Why are we allowed to use your personal data? ESS has a legitimate business reason for collecting and using your personal data in order to ensure system security measures are effective.
  5. Will personal data be sent to countries outside the EEA? The essential and session cookies will be processed in Sweden. However, should you consent to the use of cookies on the website, including the cookies used for user-preferences, then your personal data will be sent to countries outside the EEA.
    The cookies used by Google Analytics will be sent to the U.S., a country outside the European Economic Area (EEA). However, Google complies with the EU-US Privacy Shield Network and has an active Privacy Shield certification.
    The cookies used by Hotjar are stored in the European Union, and are therefore not sent to countries outside the EEA.
  6. How long is your personal data stored? We use different types of cookies. Some cookies are stored temporarily and other cookies are stored for a maximum of two years.
    For more information about our use of cookies, including how to opt-out, please see our Cookies Policy.
  7. What rights do you have? Unless subject to an exemption, you have the following rights associated with your personal data:
    (a) The right to request a copy of your personal data held by ESS.
    (b) The right to request ESS transmit your personal data to another data controller/entity.
    (c) The right to request ESS correct any personal data if it is found to be inaccurate or out-of-date.
    (d) The right to request your personal data be erased when it is no longer necessary for ESS to retain such data.
    (e) The right to request a restriction on further processing when there is a dispute over the accuracy of personal data stored.
    (f) The right to lodge a complaint with the Swedish Data Protection Authority (Sw: Datainspektionen).
  8. How do you exercise your rights? You may submit questions or exercise your rights by e-mail to privacy [at] esss.se.
  9. Where else can you exercise your rights? If you believe there has been a violation of your personal data protection rights, you may in the first instance contact privacy [at] esss.se to discuss a solution. If you remain dissatisfied, then you have the right to communicate directly with the Swedish Data Protection Authority (Sw: Datainspektionen) at:
    Datainspektionen
    Box 8114
    104 20 Stockholm
    Telefon: 08-657 61 00
    E-post: mdatainspektionen [at] datainspektionen.se
    Fax: 08-652 86 52