Want to use Zotero

gazla
I work for an NHS trust in the UK and our Publications manager is keen to start using Zotero. But our local IT department want specific questions answered before allowing the product to be used on our network. Most are around privacy that despite mailing a number of times i am yet to have a response.

Can you detail the entirety of the personal information you collect (both through registration and any other electronic communication)? (Is it just a username and password, or are other details required)

What interactions and data capture are there at syncing? (Detail please, including what protocols are used between client and web for syncing of data, the security of them, are there any “local environment” details captured during the process)

Where is the data you collect stored? Could it potentially come under the remit of the Patriot Act?

Do you have any dependency on IP address?

Are you aware of anyone else in the NHS using the product?

Hoping to get an answer.
  • adamsmith
    I don't work for Zotero, but most of this is public knowledge. Note, also, that Zotero is, apart from sync/groups, fully functional without a user account or any other interaction with the Zotero server/website at all.
    Can you detail the entirety of the personal information you collect (both through registration and any other electronic communication)
    You can sign up with just username and password, no other information is required (though can be supplied optionally).
    What interactions and data capture are there at syncing?
    I'm not quite sure I understand this question, but the entire sync runs over standard https. No local environment details are captured during sync. https is generally considered secure.

    By default, some information about errors is collected and sent to Zotero anonymously. That option can be turned off in the preferences. Basic Local environment information (OS, Zotero/Firefox version/installed add-ons and plugins) is included in error reports, which are only sent when a user chooses to do so.
    Where is the data you collect stored? Could it potentially come under the remit of the Patriot Act?
    on Amazon AWS servers in the US, so in theory, yes.
    Do you have any dependency on IP address?
    not sure what you mean here, but I assume the answer is no. Zotero doesn't have any features that are enabled within a certain IP range.
  • zuphilip
    https://www.zotero.org/support/terms/privacy

This is an old discussion that has not been active in a long time. Before commenting here, you should strongly consider starting a new discussion instead. If you think the content of this discussion is still relevant, you can link to it from your new discussion.

Sign In or Register to comment.