The information on this page refers solely to your privacy in relation to the use of this website and the data we collect on it.

What information do we collect?

When you visit our website, you may provide us with personal information such as your name, address, email address or telephone number.

Here are some examples of when you can provide us with personal information on this website:

• when contacting us with an enquiry either via webform or email link
• when signing up to a newsletter
• when giving feedback, filling out a form

Anonymous information is automatically collected for every visitor to this site. We collect anonymous information about how you have used our website and the technology you have used to access it.

What do we do with your personal information?

The personal information we receive from you is used only in the context in which it was submitted.

For example, if you apply for a course, we will use your details to process your application. If you send us your telephone number via an enquiry form we may use your telephone number to call you in response to your enquiry.

In providing personal information you consent to the transfer of such personal information, and the collection and processing of such information in other countries or territories. Any such transfer and processing by us will be in accordance with this privacy statement.

Any information you provide to us will only be used by Royal Marsden School staff and on occasion, our agents and services providers. It will not be disclosed in any other way unless we are obliged to do so by law. 

What do we do with anonymous information?

The anonymous information we collect is used to help us improve our website and the information on it.

It helps us to understand how our website is being used and how we can make it better. 

Here are some examples of the anonymous information we collect:

• Pages viewed
• Feedback rating 
• Feedback text (This would be treated as personal information if you chose to include any personal details within your feedback).
• IP address (Not stored and only used to determine city / country)
• Browser type
• Browser language
• Operating system
• Viewport of the screen

We do not make any association between the anonymous information we collect and a visitor's identity.

How do we keep your data secure?

We are subject to UK law and the Data Protection Act 1998. We will ensure your information is safe and managed correctly. Personally identifiable information is stored on our severs and is not publicly accessible. 

In order to prevent unauthorised access or disclosure we have put in place suitable physical, electronic and managerial procedures to safeguard and secure the information we collect online.

Personally identifiable information is only accessed by The Royal Marsden School staff on a need to know basis. 

Any information you send to us over the internet is encrypted using secure socket layer technology (SSL). 

You may request details of personal information which we hold about you under the Data Protection Act 1998.

While we take the necessary steps to make your information safe, please keep in mind that no method of transmission of data over the internet is 100% secure.

Do we place cookies on your device?

Like most websites, we use cookies (small data files that are sent to your device when you visit the site) to gather and store information about your visit to our website.

We use some cookies to help make the website work and we use other cookies to help us make the site better. Some cookies are set by our own servers, others are set by third parties. 

The cookies we use on this site cannot be used to identify you individually.  

Our cookie policy

To make full use of our website you need to accept cookies. Without cookies you can still visit our website but some features won't work.

If you would like to limit or block the usage of cookies you can do so in your browser settings. 

You can learn more about cookies and how to manage them yourself at www.aboutcookies.org.

What cookies do we place?

In addition to the cookies set by our website, a visit to this site will also set cookies from other services that we have decided to use in order to help improve our site.  These services are described below.

Google Analytics

We use this service to track and monitor website usage.  We have chosen to enable features of this service known as 'advertiser features'. These features benefit us by allowing us to see more information about how this website is used. By enabling these features we enable Google Analytics to collect data about site traffic via Google advertising cookies and anonymous identifiers.

If you would rather that your visits to this website are not recorded then please consider looking at Google Analytics' currently available opt-outs.

Google Analytics sets these cookies on your device:

• _ga is used to distinguish users. This cookie does not contain any personal information. It expires after two years.
   
• __Utma keeps track of the number of times a visitor has been to the site, when their first visit was, and when their last visit occurred. This a persistent cookie and does not expire.
   
• __Utmc  takes a timestamp of the exact moment in time when a visitor leaves a site. It expires after 30 minutes.
   
•  __Utmz  keeps track of the page a visitor came from to get to the site. It expires after six months.
   
• _dc_gtm_UA-32175898-1 is used to add the Google Analytics code from Google Tag Manager. It expires after 10 minutes.

Vimeo

Some pages on our website include videos. These videos are embedded from Vimeo. Vimeo sets cookies when you visit our pages with video embeds. The Royal Marsden cannot control which cookies Vimeo sets. 

In light of this we are reviewing our use of Vimeo for video content on our website. Please consult Vimeo's cookie policy and cookie list for further information. 

CloudFlare

We use this service to deliver a significantly improved site performance, making the site faster and more reliable for you to use. This service also offers us protection from DDoS (distributed denial of service) attacks.

CloudFlare sets these cookies on your device:

• __Cfduid  is used to override any security restrictions based on the IP address the visitor is coming from. For example, if the visitor is using the wifi in a coffee shop where there are infected machines also using the wifi network, but the visitor's machine is known trusted, then the cookie can override the security setting. It does not correspond to any user id in the web application, nor does the cookie store any personally identifiable information. This cookie expires after 5 years.

You can read CloudFlare's privacy and security policy for further information.

Hotjar

We use this service to help us better understand how you are using our website and how we can make it better through a range of tools such as heatmaps, feedback polls and surveys.

Hotjar sets these cookies on your device:

• _hjUserId is set as soon as a user loads a page which contains the Hotjar code. The cookie contains a universally unique identifier (UUID) which allows Hotjar to track the same visitor across multiple pages and sessions. It expires after 365 days.
   
• _hjClosedSurveyInvites is set once a visitor interacts with a survey invitation modal popup. It is used to ensure that the same invite does not re-appear if it has already been shown. It expires after 365 days.
   
• _hjDonePolls is set once a visitor completes a poll. It is used to ensure that the same poll does not re-appear if it has already been filled in. It expires after 365 days.
   
•  _hjMinimizedPolls is set once a visitor minimizes a Feedback Poll widget. It is used to ensure that the widget stays minimizes when the visitor navigates through your site. It expires after 365 days.
   
•  _hjDoneTestersWidgets is set once a visitor submits their information in the Recruit User Testers widget. It is used to ensure that the same form does not re-appear if it has already been filled in. It expires after 365 days.
   
•  _hjMinimizedTestersWidgets is set once a visitor minimizes a Recruit User Testers widget. It is used to ensure that the widget stays minimizes when the visitor navigates through your site. It expires after 365 days.
   
•  _hjDoneSurveys is set once a visitor completes a survey. It is used to only load the survey content if the visitor hasn't completed the survey yet. It expires after 365 days.
   
• _hjIncludedInSample is set to let Hotjar know whether that visitor is included in the sample which is used to generate funnels. It is a session cookie and expires when the visitor closes their browser.
   
• optimizelyEndUserId Contains the end user's unique identifier. It is a combination of a timestamp and random number. No personal information is stored. It expires after 10 years.
   
• optimizelySegments Stores the user's audience and dimension information (e.g., browser, campaign, mobile, source type, custom dimensions). It expires after 10 years.
   
• optimizelyBuckets Stores the experiments and variations of the site that a user has been bucketed into. This ensures the user consistently sees the same variation, even over multiple sessions. It expires after 10 years.

You can read Hotjar's cookie information for further information.

Changes to this statement

As we add functionality and make improvements to our website, it is possible that there will be new ways in which we can capture personal information, as well as setting additional or different cookies. 

Given this, we reserve the right to make changes to this statement without notice and at our sole discretion.

We recommend you check this page regularly to make sure you are familiar with these changes. 

This document was last modified on Monday 16 November 2015.