Fresco Terms and Conditions

Summary of the responsibilities of the Site Owner and all other delegated content creators for Fresco websites

Updated 10 September 2025

Collective Responsibility 

Site Owners and all users who have delegated content creation permissions, hereafter collectively referred to as “Users”, are responsible for ensuring that the Fresco Web CMS Platform service, hereafter referred to as "Fresco", is suitable for their needs and that they use it according to the help and guidelines available. All use of the Fresco service must be in compliance with the Terms of Usage (see below) and University IT rules and policies.

Users are responsible for the content displayed on their websites. 

Use of this service is subject to, and implies acceptance of, any applicable regulations including but not limited to the: 

• University Policy on Data Protection
• Data Protection Act 
• The Data (Use and Access) Act 
• Public Sector Bodies (Websites and Mobile Applications) (No.2) Accessibility Regulations 2018
• University Information Security Policy 
• University anti-virus computer protection 
• Regulations Relating to the use of Information Technology Facilities 
• Janet Acceptable Use Policy
• Software Licences and Data Set Licences (e.g. CHEST Agreements).

Users should report any defect, malfunction, or performance degradation of the service promptly (through the Service Desk) to enable remedial action to be taken. 

User log-in credentials are for individual, named Users and cannot be shared or used concurrently or by more than one User.

Terms of Usage and Service Specific Requirements 

Responsibilities of the Site Owner

Site Owners are solely responsible for their use of the Site and Services. Fresco allows for the posting of content to your public website(s). These public websites' content and privacy policies are not under our control, and IT Services are not responsible for the content of any public website hosted on Fresco or any links contained in these websites. 

Fresco is designated to hold Public information only; it is not managed as a repository suitable for storing Internal or Sensitive content. Fresco should only be used to store Public content. 

Fresco does not provide the granular permissions and security auditing tools used by Intranets. OxIntranet is the appropriate tool for hosting Intranet sites.

The status of a Fresco site does not affect the charging liability.

Any site, which is not on the University financial system, provisioned without a cost centre and exceeding the Micro-site tier, may be suspended.

You are responsible for compliance of your Users with these Terms and Conditions and for all activity occurring under your User accounts. You will: 

(i) maintain the accuracy and completeness of the registration, payment and other information you provide to us; 

(ii) keep your login credentials for Fresco confidential and notify the Web CMS Platform Team immediately of any unauthorised use of your credentials or account or any other known or suspected breach of security; 

(iii) ensure content editors are not granted access unless they install anti-virus software, keep it updated and schedule regular scans. Follow the guidance on InfoSec protect my computer. It's recommended an external party with VA card status is asked to complete a Third Party Security Assessment before being granted access to the platform; and

(iv) ensure content editors accept these Terms and Conditions before creating a user account for them, and keep a record capturing their consent until Fresco offers functionality to manage this.

You also agree to ensure that your Users exit from their accounts on Fresco at the end of each session. You are responsible for obtaining, maintaining, and supporting all internet access, computer hardware, and other equipment and services needed for access to Fresco. 

You agree not to engage in any of the following prohibited activities in connection with Fresco: 

(i) using Fresco for file storage or sharing purposes (other than incidentally to support your Website’s other functionality as permitted in the Documentation)

(ii) transmitting spam, chain letters, or other unsolicited email 

(iii) transmitting, storing or using invalid data, viruses, worms, or other software agents 

(iv) transmitting, storing or using data that is harmful, threatening, defamatory, sexually explicit, pornographic, obscene or that violates any applicable laws or regulations 

(v) harming or exploiting minors in any manner 

(vi) obtaining unauthorised access to any other customer’s account to Fresco 

(vii) impersonating another person, misrepresenting your affiliation with a person or entity, conducting fraud or hiding or attempting to hide your identity

(viii) using a reverse proxy server to access a Fresco website; or 

(ix) using a Fresco website wholly or mainly as a relay to redirect traffic to a separate host (in particular, but not limited to, hosts external to the University)

IT Services may, but is not obligated to, monitor Websites and data for compliance with these restrictions and (in addition to its other suspension and termination rights hereunder) may take-down Customer Data from your Websites that does not comply. 

The 'powered by Oxford Fresco' text and logo link to https://fresco.site.ox.ac.uk displayed at the bottom of Fresco websites are mandatory branding elements of the Fresco platform. They may not be removed, hidden, repositioned or otherwise altered in any way.

The .site address for your site is tied to the Fresco platform. The .site address cannot be taken elsewhere if you decide to move away from the Fresco platform.