This privacy notice explains how the website of the Master in Cybersecurity at the University of Minho (mcs.di.uminho.pt) handles personal data. It is drafted in accordance with Regulation (EU) 2016/679 (the General Data Protection Regulation, GDPR) and Portuguese Law n.º 41/2004 of 18 August (transposing the e-Privacy Directive).

Data Controller

The data controller for this website is the University of Minho, acting through the Department of Informatics of the School of Engineering. The contact point for matters relating to the Master in Cybersecurity is the programme’s email, dc-mcs@di.uminho.pt. For institutional matters, including the exercise of the data-subject rights described below, please consult the University’s central Data Protection Officer.

What Data We Process

This website does not require registration and does not host any user accounts. Two categories of data may be processed in connection with a visit.

Server logs. Like any web server, the host serving this site records limited technical metadata about each request — typically the request timestamp, the requested URL, the HTTP response status, the requesting IP address, and the user-agent string. These records are kept by the University’s hosting infrastructure for the period necessary for security monitoring and operational diagnostics, and are not used to identify individual visitors for any other purpose.

Audience measurement (Google Analytics). When the visitor explicitly accepts cookies through the banner displayed on first visit, the website loads Google Analytics 4 (measurement identifier G-0D21XWTJ07) provided by Google LLC. Google Analytics records aggregated information about how the site is used: pages visited, approximate location (derived from a truncated IP address), device and browser characteristics, and a randomly generated client identifier stored as a cookie on the visitor’s device. The IP address is anonymised at collection (anonymize_ip is enabled). No analytics cookie is set, and no data is sent to Google, if the visitor declines or simply ignores the banner.

The website does not currently embed advertising trackers, social-media widgets that read cookies, or third-party fingerprinting scripts.

The processing carried out by Google Analytics is based on the visitor’s prior, explicit consent under Article 6(1)(a) GDPR and Article 5 of Lei n.º 41/2004. The processing carried out in server logs is based on the legitimate interest of the controller in operating and securing the service, under Article 6(1)(f) GDPR.

Retention

Server logs are kept for the duration set by the University’s hosting policy (typically a few months). Aggregated Google Analytics data is retained according to the configuration of the GA property; the default retention for event-level data in this property is fourteen months, after which only aggregated reports remain.

Recipients

Google Analytics data is processed by Google LLC under the terms of its data processing agreement with the University of Minho. Google may transfer data to servers located outside the European Economic Area; these transfers are governed by the European Commission’s adequacy decision and the Standard Contractual Clauses, where applicable.

Your Rights

As a data subject, you have the right to access your personal data, to request its rectification or erasure, to object to its processing, to obtain its restriction, and to data portability, in accordance with Articles 15 to 22 GDPR. To exercise any of these rights, please contact the University of Minho’s Data Protection Officer at the link above.

You may also withdraw your consent to the use of analytics cookies at any time. To do so, click here; the page will reload and the cookie banner will reappear, allowing you to make a new choice. You may additionally lodge a complaint with the Comissão Nacional de Protecção de Dados (CNPD)www.cnpd.pt.

Changes

This notice may be updated to reflect changes in the website’s data-processing arrangements or in applicable law. The version in force is always the one published at this address.