Ferry Acceptable Use Policy
Last updated: 25 May, 2026
This Acceptable Use Policy (AUP) sets the rules for using Ferry (the Platform). Ferry is run by Utrecht University, through its Faculty of Social and Behavioural Sciences (Department of Methodology and Statistics) (the Operator). By using Ferry, you agree to these rules.
This AUP works alongside Ferry's Privacy Policy, the rules of any login service you use (such as SURFconext or SURF SRAM), and your own institution's rules on research ethics and data. It does not replace them.
1. Who these rules cover
These rules cover everyone who uses Ferry, including:
- Researchers who have accounts and run studies.
- Collaborators whom Researchers invite to help.
- Site administrators who look after Ferry's catalogue.
Respondents (people who donate data) are not bound by this AUP. Their relationship is with the Researcher running the study, through that study's consent flow.
2. What Ferry is for
Ferry is for academic data donation research. In these studies, people choose to share data that online services hold about them. They share it for research, with clear consent, under the ethics oversight of a recognised academic institution.
2.1 What you may do
You may use Ferry to:
- Build, set up, and run data donation studies for academic research.
- Work with other Researchers on these studies.
- Send donated data to storage you are allowed to use.
2.2 What you may not do
You may not use Ferry:
- For commercial data collection that is not academic research.
- To run studies without ethics approval, where your institution requires it.
- To collect data from children, unless the law and your institution allow it.
- To get around a Respondent's consent, such as by setting up extractors that collect data the Respondent was not shown.
- To collect data from services in ways that break those services' terms and put the Operator at legal risk.
- To support anything that breaks Dutch or other applicable law.
3. Protecting Respondents
Ferry is built to keep a clear line between what a Respondent reviews and agrees to, and what leaves their device. As a Researcher or Collaborator, you agree:
- You will not try to cross that line. Do not write or pick extractors, scripts, or settings meant to grab data beyond what the Respondent reviews in the browser tool.
- You will describe your data collection honestly in your consent text. It must match what the study really collects.
- You will not try to capture device details, IP addresses, or other Respondent-side data that Ferry is built to leave out.
Ferry's status and error messages are limited to a small, fixed set of safe values. They cannot carry a Respondent's DDP data, file names, or device details. Do not try to use them as a data source.
If you try to get around these protections, we will suspend your access right away while we review.
4. Storage
You are responsible for the storage you set up for each study.
4.1 Permission
Set up only storage you are allowed to write to. Using a key or link you do not have permission to use breaks this AUP, and may break the law.
4.2 Institution approval
Make sure your institution approves the storage you pick for the kind of data your study collects. Different kinds of data (anonymous, personal, sensitive, or special category) usually need different kinds of storage. If you are not sure, ask your institution's research data support before you set up storage.
4.3 Keeping keys safe
When Ferry needs a key or link to write to storage, prefer:
- Upload links (public upload links, signed links, short-lived tokens) over long-term account passwords.
- Limited keys (write-only, locked to one folder) over broad keys.
- Keys made just for the study over keys shared with other work.
Do not give Ferry someone else's key, or a key that reaches data unrelated to the study.
5. Researcher duties
5.1 Follow your institution's rules
Make sure your use of Ferry follows your institution's rules on:
- Research ethics review.
- Data handling and storage levels.
- Proper use of your institution login (SURFconext or SURF SRAM).
- Proper use of institution storage.
5.2 Follow the law
Make sure your study follows the law. This includes the GDPR, the Dutch GDPR act (UAVG), the Dutch Telecommunications Act (where it covers cookies and similar tools), and the rules of the service Respondents get their DDPs from.
5.3 You are the data controller
For donated data, you (or your institution) are the data controller. Because donated data goes straight from the Respondent's browser to your storage and never reaches Ferry, the Operator is not a processor of it either. You are responsible for:
- Honouring Respondents' rights, such as the right to see or delete data donated to your study.
- Keeping a record of how you handle data for your study.
- Doing a data protection impact assessment when one is needed.
6. Working with collaborators
When you invite a collaborator to your study:
- They can edit task content and publish new versions. They cannot make a version live, change the storage, or remove other collaborators. Those powers stay with the study owner.
- You stay responsible for what your collaborators do on your study. Pick people you trust.
7. Fair use of shared resources
Ferry is shared infrastructure. You agree not to:
- Send far more automated requests than normal study use needs.
- Set up studies meant to overload or crash Ferry.
- Use Ferry for things other than data donation research, such as a general file host, a CDN, or a data pipeline.
- Probe, scan, or test Ferry's security without written permission from the Operator's security contact first.
If you expect to run at a much larger scale than usual, such as many tens of thousands of Respondents in a short time, tell the Operator ahead of time so we can plan for it.
8. Site administrators
Site administrators look after Ferry's catalogue of supported services and the checks tied to each service version. They agree:
- To keep service versions fixed once a live study has used them. Changing a used version later would break running studies.
- Not to reach, or try to reach, Researcher study data or Respondent donation data, which Ferry keeps on the other side of a clear line.
- To use admin access only for the upkeep it was meant for.
9. Reporting problems
If you notice a break of this AUP, by you or someone else, please report it to security@ferry-platform.eu. We look into reports quickly, and respond in a fair way.
10. Enforcement
If someone breaks this AUP, the Operator may:
- Contact the user to ask for changes.
- Pause a study or feature.
- Pause an account while we review.
- End access for good in serious or repeated cases.
- Tell the user's institution when the break suggests broken institution rules or law.
- Tell the authorities when the law requires it.
Where we can, we give notice and a chance to fix things first. But we may act right away when security, ongoing harm, or legal risk is involved.
11. Changes to this AUP
The Operator may update this AUP now and then. The "last updated" date shows the latest change. We will tell Researchers about big changes by email, at the address on their account, with reasonable notice before they take effect.