Whether you are a student or a member of staff your privacy is important to us. Our privacy notice(s) aim to advise you on the way we look after your data at various stages, including your rights to access this data.
There are five stages to the student journey:
There are four stages to the staff data journey:
Each privacy notice should explain why we are asking you for particular data, how we will use that and how long we will keep it for. Our privacy notices will also advise you how to access your data, make changes and keep informed.
We are currently developing the Privacy Notices for all stages of staff and student journeys.
Who we are
The University of Derby uses your personal data to provide you with University services, to undertake it's responsibilities and to monitor its own performance. Our Data Protection Officer can be contacted at: Data Governance, IT Services, University of Derby, Kedleston Road, Derby, DE22 1GB or email firstname.lastname@example.org.
Why we process your data
As a data controller the University of Derby can process your personal data under the Data Protection Act 1998 and subsequent enactments.
We process your data for the following purposes:
- Provision of University services. This includes welfare services, such as support from the Student Union. Your data is used without your consent if the law requires it for statutory services.
- All financial transactions to and from us, including payments, grants and benefits. You could lose out financially if you do not provide us with your data.
- Where you have agreed for the purpose of consulting, informing and gauging your opinion about our products and services. This is consent-based. There are no consequences to you if you do not provide your data.
- To ensure we meet our statutory obligations, including those related to diversity and equal opportunity. Your data is used as the law requires it for statutory services.
How we collect your data
We collect data to operate effectively and provide you the best experience at this University. You may provide some of this data directly to us, such as when you apply for a University place or begin as a member of staff.
We also obtain data from third parties, for example UCAS (Universities and Colleges Admissions Service). UCAS collect your personal information to manage and support your application to higher education, which they then share with prospective universities.
Who we share your data with
The University may share your data with the following organisations:
- Other public authorities and public partnerships (e.g. councils, schools, NHS providers, Police, Government Departments etc) if the law requires us to do so.
- Voluntary and non-commercial sector organisations that help us deliver services.
- Businesses that we contract with to help us deliver services.
How long we keep your data for
The University stores data about you in line with its retention and disposal schedule which can be found here.
You have the following rights:
- To ask for a copy of the data we hold on you
- To ask us to delete data on you that we no longer need
- To ask us to correct data about you that is wrong
- To ask us to stop processing your data temporarily if you think it is wrong until we work out what is correct
- To ask us to let you take a copy of your data in a portable format to another organisation
You can put in a request for any of these here.
If you only gave us your data with consent, you have the right to withdraw that consent at any time. Please get in touch with us.
How we keep your data secure in other countries
Where the University transfers your data to any organisation in a third country or international organisation (e.g. using Cloud storage) appropriate or suitable safeguards will be written into the contract. You can ask for a copy of the contracts here.
Profiling and automated decisions
The University does not currently undertake any profiling activities or take automated decisions about you.
How to complain
Contact email@example.com or call +44 (0)1332 592151.
Last updated: January 2018