CAIDA Privacy Practices


Please read below to see how we use – or process – your data and how we protect your privacy. We aim to be clear when we collect personal information and not do anything you would not reasonably expect.

Data we process:

  • Workshop registrations
  • Dataset requests
  • Surveys

How we use your identifiable data:

  • to deliver and administer workshop programming and enable your participation at events,
  • to process dataset requests,
  • to provide you with technical support,
  • to process and handle any complaints or inquiries made by you or legally on your behalf,
  • to assess or appraise our process for administering workshops,
  • when required or permitted by law, to disclose Form Data to authorities who can request this information by law that is binding on UC San Diego,
  • to improve website/application functionality, improve content, monitor website performance, and answer specific questions about the usage and performance of the website,
  • to compile statistics and conduct research for internal and statutory reporting purposes,
  • to solicit feedback about our website or a workshop, and
  • for use in IRB-approved research projects.

Others who process identifiable data:

  • GitHub
  • G Suite for Education
  • Zoom Video Communications

How we protect your data:

  • by storing information we collect on computer systems located in controlled facilities with limited access;
  • by protecting the transmission of your information over the Internet, through the use of encryption, such as the Secure Socket Layer (SSL) protocol;
  • by using a variety of security technologies and procedures to help protect your personal information from unauthorized access, use, or disclosures; and
  • by limiting access to data to only authorized personnel.

Your rights:

  • Access your Form Data, as well as information relating to the recipients of Form Data, the purposes of processing Form Data, the duration for which the Form Data will be stored, and the source of Form Data that has not been provided by you;

  • Rectify or correct inaccurate or incomplete Form Data concerning you, taking into account the purposes of the processing, and the right to have incomplete Form Data completed;

  • Move your Form Data to another controller or processor. UC will facilitate the lawful transfer of your data to the extent possible;

  • Have your Form Data erased in certain circumstances;

  • Restrict the processing of your Form Data in certain circumstances;

  • Object to the processing of Form Data in certain circumstances;

  • Withdraw your consent to the processing of your Form Data. The withdrawal does not affect the lawfulness of processing based on your consent before its withdrawal.

  • Know whether your or your Form Data are being used for automated decision-making, including profiling. In those cases, UC will give you meaningful information about the logic involved, the significance and the envisaged consequences of such processing for your data, and the right to request human intervention; and

  • Lodge a complaint with a supervisory authority.

Our contacts:

For more detailed information, please read our full statement below.


Who we are and what we do

The Center for Applied Internet Data Analysis (“CAIDA”) conducts network research and builds research infrastructure to support large-scale data collection, curation, and data distribution to the scientific research community. CAIDA is based at the San Diego Supercomputer Center, located on the University of California San Diego (“UC San Diego”) campus in La Jolla, CA.

For purposes of the General Data Protection Regulation (“GDPR”), the data controller is the Regents of the University of California, with a location at 9500 Gilman Drive, La Jolla, California 92037.

What these Privacy Practices apply to

UC San Diego and CAIDA know you care about your privacy and confidentiality. These Practices are designed to reflect our compliance with the applicable requirements of applicable laws, including the EU General Data Protection Regulation (“GDPR”).

This document describes how we treat the information we collect when you use or access CAIDA websites, communicate with us, access our datasets, or use our services. UC San Diego works in a distributed information technology environment; therefore, policies and procedures for other programs/applications may vary. These Privacy Practices do not apply to the information practices or services offered by other organizations or individuals (“Third Parties”), including service providers, advertisers, sponsors and others linked to our website.

Key Terms

Form Data: Form Data are personal data that we gather online when you register for a workshop, make online requests, or request datasets. It can include any of the following: name, email address, job title, affiliated institution, phone number, IP address or device ID, and public SSH key.

Identifiable data: Any data that can be used to identify, contact, or locate an individual, either alone or combined with other easily accessible sources.

Anonymized data: Data that does not identify a specific individual; that is, data from which all identifiers, such as name, email address, date of birth, phone number, have been removed.

The personal information we process

We obtain personal information about you in the following ways:

  • Information you provide:

    1. Workshop registrations:
      When you register for a workshop or request access to a dataset, we collect Form Data during the registration process.
    2. Dataset requests:
      When you request access to a dataset, we collect Form Data from you. As part of the request, we also collect your mailing address and relationship to CAIDA.
    3. Surveys:
      We may periodically send special interest surveys to gather additional information about your participation. You are not required to participate in surveys and may continue to participate in our programs and use our services even if you do not complete surveys.
  • Information we collect automatically:

    1. Web browser cookies, logs, and device data:
      As is true of most other websites and platforms, we collect information about your device and browser whenever you interact with the CAIDA website. Our website may use “cookies” to enhance your experience. Your web browser places cookies on your hard drive for record-keeping purposes and sometimes to track information about you. Information may include the browser name, the type of computer, the region or location where your computer or device is accessing the internet, and technical information about your means of connection to our website, such as the operating system and the Internet service providers utilized and other similar information. Our traffic tools log information about your browser, your IP address, window size, the pages you visit, the duration of your visit, and the documents or forms you use or download. In addition to log and cookie data, we also collect information about the device you’re using to access CAIDA services, including what type of device it is, what operating system you are using, device settings, unique device identifiers and crash data. Whether we collect some or all of this information often depends on what type of device you are using and its settings. For example, different types of information are available depending on whether you are using a Mac or a PC, or an iPhone or Android phone. To learn more about what information your device makes available to us, please also check the policies of your device manufacturer or software provider.

    2. Essential cookies:
      These cookies are essential for enabling user movement around our website and providing access to features such as authentication to secure areas of the website or restricted services.

    3. Analytics cookies:
      We use Google Analytics cookies and AWStats cookies to collect information about how visitors use our website. These cookies collect information in the aggregate to give us insight into how our website is being used. We anonymize IP addresses in Google Analytics, and the anonymized data is transmitted to and stored by Google on servers in the United States. Google may also transfer this information to third parties where required to do so by law, or where such third parties process the information on Google’s behalf. Google will not associate your IP address with any other data held by Google. AWstats cookies transfer information to our web server in the United States. Your information will not be transferred to any other organization without your consent, other than for the express purpose of delivering the information product or service requested and complying with internal sponsor requirements and scientific research transparency objectives.

    4. Zoom info:
      Zoom collects device, location, and other information when you use the platform. Please review the Zoom Privacy Policy to understand what information Zoom collects automatically.

Why and how we use your personal information

We will only use your personal information as described below or as required or permitted by law.

We will use your data primarily for the purpose of verifying your eligibility to register for a workshop or download a restricted dataset. Your personally identifiable data are accessible only by the staff at CAIDA, their university-approved partners or vendors, and the IT personnel that maintain the data and websites.

We will use your data for the following purposes:

  1. To deliver and administer workshop programming and enable your participation at events. This is generally required under the agreement we have with you;

  2. To process dataset requests. This is generally required under the agreement we have with you;

  3. To provide you with technical support. This is generally required to process a transaction requested by you;

  4. To process and handle any complaints or inquiries made by you or legally on your behalf. We do this because it is in our legitimate interest as part of the services CAIDA offers to you;

  5. To assess or appraise our process for administering workshops. It is in our legitimate interest to understand and improve our processes;

  6. When required or permitted by law, to disclose Form Data to authorities who can request this information by law that is binding on UC San Diego;

  7. To improve website/application functionality, improve content, monitor website performance, and answer specific questions about the usage and performance of the website;

  8. To compile statistics and conduct research for internal and statutory reporting purposes. It is in our legitimate interest to understand, improve, and report on our programs;

  9. To solicit feedback about our website or a workshop. It is in our legitimate interest to continuously improve our website;

  10. For use in IRB-approved research projects. It is in our legitimate interest to conduct scholarly research and disseminate the results of our research.

When used for purposes (6) through (10), Form Data may be combined with data provided by other UC San Diego departments, analyzed in aggregated format, and reported both to groups and individuals within UC San Diego and to outside groups for research, educational, and publication purposes. No identifiable information from you will be contained in the reports.

We also use more sensitive information about you, with your explicit consent, where the processing is necessary to meet a legal or regulatory obligation, the processing is in connection with UC establishing, exercising or defending legal claims, or is otherwise expressly permitted by GDPR. This sensitive information includes information about your racial or ethnic origin, and your gender.

As part of our quality control process, your data will be checked for accuracy and corrected when necessary.

Information We Share with Third Parties

CAIDA shares your Form Data with our approved third-party vendors who provide services on our behalf, as well as funding sponsors, our research collaborators in Europe, third party vendors who provide services on our behalf, third party web analysis services that help gather and analyze this information, and US government agencies responsible for administering the Program.

We use UC San Diego approved third-party vendors and IT services for videoconferencing, document storage, and processing of Form Data for the purposes identified above. We use the following approved third parties for our workshops and code repositories:, GitHub, G Suite for Education, and Zoom Video Communications. Please review their privacy policies for additional information.

We may also need to share your Form Data as required to respond to lawful requests and legal process; to protect our rights and property and those of our agents and others, including to enforce our agreements and policies; and in an emergency, to protect UC and the safety of our students, faculty and staff or any third party.

UC San Diego and CAIDA will never sell or license your information for marketing or commercial purposes. We will not share your information for other purposes, except with your prior consent, as required or permitted by law, or to investigate a violation of law or policy.

If your Personal Data is shared with a third party, UC will require that the third party use appropriate measures to protect the confidentiality and security of your data.

How We Protect Personal Information

We maintain technical, physical, and administrative safeguards to protect the security, integrity, and privacy of personal data, including the following practices:

a) storing information we collect on computer systems located in controlled facilities with limited access;

b) protecting the transmission of your information over the Internet, through the use of encryption, such as the Secure Socket Layer (SSL) protocol;

c) using a variety of security technologies and procedures to help protect your personal information from unauthorized access, use, or disclosures; and

d) limiting access to data to only authorized personnel.

We endeavor to protect the privacy of the personal information we hold in our records, but we cannot guarantee complete security. Unauthorized entry or use, hardware or software failure, and other factors, may compromise the security of your personal information.

The CAIDA website contains links to additional programs and websites associated with UC San Diego. When following a link to another website, you should read that website’s privacy policy or consent form and make sure that you agree with it and can accept it.

International Transfer of Your Data

For visitors from the European Union/European Economic Area: In order to fulfill the intended processing purposes described above, your Form Data will be transferred internationally, including outside of the European Economic Area (EEA) and the United Kingdom, specifically to the United States, which does not protect Personal Data in the same way that it is protected in the EEA or the UK. UC will undertake appropriate measures to ensure adequate protection of Program Data, including utilizing appropriate physical, administrative, and technical safeguards to protect Program Data, as well as executing standard contractual clauses approved by the European Commission or a supervisory authority under GDPR, or obtaining your consent, where appropriate.

How Long We Keep Your Identifiable Data

Information about how long different types of information are retained by UC San Diego is published at: https://www.ucop.edu/information-technology-services/services/system-wide-it-services/uc-records-retention-schedule.html

Knowing Your Choices and Rights

You may choose not to visit or use the CAIDA website or use our online services. If you choose not to use the CAIDA third party service providers, you will not be able to use some of our online services.

You may choose to set your web browser to refuse cookies, or to alert you when cookies are being sent. If you choose to reject cookies, some parts of the website may not function properly. The parts of the website that will not function properly are: services that require authentication or login, functions that keep user preferences.

You have a right to:

  • Access your Form Data, as well as information relating to the recipients of Form Data, the purposes of processing Form Data, the duration for which the Form Data will be stored, and the source of Form Data that has not been provided by you;

  • Rectify or correct inaccurate or incomplete Form Data concerning you, taking into account the purposes of the processing, and the right to have incomplete Form Data completed;

  • Move your Form Data to another controller or processor. UC will facilitate the lawful transfer of your data to the extent possible;

  • Have your Form Data erased in certain circumstances;

  • Restrict the processing of your Form Data in certain circumstances;

  • Object to the processing of Form Data in certain circumstances;

  • Withdraw your consent to the processing of your Form Data. The withdrawal does not affect the lawfulness of processing based on your consent before its withdrawal.

  • Know whether your or your Form Data are being used for automated decision-making, including profiling. In those cases, UC will give you meaningful information about the logic involved, the significance and the envisaged consequences of such processing for your data, and the right to request human intervention; and

  • Lodge a complaint with a supervisory authority.

UC may be obligated to retain Form Data as required by U.S. federal or state law.

If you wish to exercise your rights, you can contact the UC San Diego Campus Privacy Officer identified below.

You may exercise your rights and submit any questions or concerns using the procedure under “Contacting Us.” Please do not include any personally identifiable or other sensitive information in an email or voicemail message.

Changes to this Privacy Policy

This Privacy Policy will be updated periodically to reflect any material changes in our programs and practices. These changes will be evident by inserting a new “Effective Date” (see below) and are effective when they are posted to our website at: https://www.caida.org/about/legal/privacy/ ; Treatment of information we collect now is subject to the version of the Privacy Policy in effect at the time such information is collected.

Contacting Us

If you have any general questions about how your personal information is used by CAIDA or wish to exercise any of your rights, please contact CAIDA by e-mail at info@caida.org, or contact the UC San Diego Privacy Officer at UCSDPrivacy@ucsd.edu

Effective Date

This policy is effective as of 1/28/2022.

Published
Last Modified