Business

Business, organisations and other external stakeholders:

We collect and process personal data as part of our business engagement activity. This relates to collaborative research and enterprise activity, the recruitment of our students and graduates, hiring university conference spaces and accommodation, news and events, community engagement, and supporting or studying with us.

The University is committed to being transparent about how it collects and uses that data meeting its data protection obligations and is the Data Controller in this scenario.

What information does the University collect?

The University collects a range of information about you. It is likely that you will give us information when you make an enquiry to the University, share a business card or if you book to attend an event.

This includes:

• Your name, email address, a contact telephone number and on occasion, your business address
• Details of your engagement with the University, and details of other organisations that you may have represented whilst engaging with the University.
• We do not process ‘special categories’ data under the heading of business.

Why do we collect your data?

We use your data so that we can deliver the services you have accessed / enquired about – this could include:

• To invite you to an event or conference on a topic you have expressed an interest in
• To send you communications about the work of the University as it relates to the topic you have expressed an interest in

Who has access to the data?

Your information will be shared internally to enable us to best deliver the services you have enquired about. Where consent is needed we will obtain this.

How does the University protect data?

The University takes the security of your data seriously. It has internal policies and controls in place to ensure that your data is not lost, accidentally destroyed, misused or disclosed and is not accessed except by our employees in the proper performance of their duties.

Where is your data held?

Your data is held on our CRM system and our email system.

How long we will keep your data?

We will retain your data for two years from the last point of activity with us, after which point it will be deleted.

There is no statutory or contractual requirement to provide your personal data to us, we are processing it under legitimate interest as you have indicated that you are interested to receive information on one of our business services.

Data Protection Officer

The Data Protection Officer is responsible for advising the University on compliance with Data Protection legislation and monitoring its performance against it.

Our Data Protection Officer (DPO) is James Eaglesfield who can be contacted at (01332) 591762 and our Deputy DPO is Helen Rishworth who can be contacted at (01332) 591954. Alternatively you can email gdpr@derby.ac.uk.

 

Further information on how we handle your information can be found here on our website https://www.derby.ac.uk/its/datagov/privnotice

 

 

Changes to this notice

We keep our privacy notices under regular review.  This privacy notice was last updated in Nov 2018.