Dear colleagues


Here's another GDPR-related email, because I'm sure you'll agree you don't receive enough of them already.


Jiscmail have now reviewed and updated their service policies, which are available at:


The main changes in these service policies are 2 new sections: Section 5: Mailing List Privacy Notice and Section: 12: Data Protection Schedule, as well as re-numbering sections as appropriate, and there are some updates to: Section 4: Role of List Owners, Section 7: Mailing List Archives, Section 9: Limitations, Section 10: Data Protection. The new sections and updates which affect you as users of the list are described below.


New section: Section 5: Mailing List Privacy Notice (available here)


Provides the default privacy notice for mailing lists, it explains how information (provided by subscribers, when joining a mailing list or using a mailing list) is used, is stored and (in some cases) shared, and how it can be removed. This reads:


By using MUSEUMS-DOCUMENTATION-NETWORK your personal data (email address, name) may be used by the list owner to manage your membership, support you in using this mailing list, to identify problems or to make the mailing list better.


If you post messages to this mailing list, be aware that any personal data you share within your email (email address, name and signature information) may be visible to others.

To check who else may view your message and personal data, check the mailing list archive privacy setting, which is displayed at


Your email address will continue to be subscribed to the mailing list until you ask the list owner, or JiscMail helpline to remove your details. Any email messages you post to the mailing list will remain in the mailing list web-accessible archives, until you ask the list owner, or JiscMail helpline to remove these details.


Update: Section: 7 Mailing List Archives (here)


We have described the different types of mailing list archive settings which may be applied to a mailing list, and explained that "The archive privacy setting is displayed on a list homepage,"



Update: Section 9: Limitations (here)


We have repeated limitations of the service, these existed in other sections of the policy, but we felt it was important to bring them together here too:

"JiscMail does not control or bear any liability for the content of messages you or others post to lists, it acts as a conduit for messages and we are not liable for the conduct of any other JiscMail user. JiscMail neither moderates nor edits messages before they are posted to the list.


JiscMail cannot assume any responsibility for the content of any messages sent to lists other than those from JiscMail themselves and we do not review, screen or edit the content."


We have added a sub-section called "Service Performance" to describe how we alert list owners of downtime (planned/unplanned).


Update: Section 10: Data Protection (here)


The Data protection section has been updated to reference new legislation, and the following statement:

"The Data Protection Schedule sets out JiscMail's obligations to each list owner (the data Controller) with regard to any Personal Data it processes on behalf of the list owner. In the event of any conflict between the Data Protection Schedule and any other provision of these service policies, the relevant provision of the Data Protection Policy shall take precedence."


The final bullet point, about helpline enquiries, has been updated to refer to Jisc's privacy notice


Best wishes