1. Purpose of this privacy notice
Solent University, as a registered Data Controller, has an obligation to comply with the General Data Protection Regulation and other applicable data protection law. The University maintains a data protection registration with the Information Commissioner’s Office, the independent authority which oversees compliance with the Data Protection Laws. The University’s registration numbers are:
- Solent University Z5969541
- Solent University Limited Z6147551
This privacy notice covers personal data for school and colleges staff who work with Solent University. It explains what data Solent University collects, why we collect it, where we collect it from and, where applicable, who we will share it with. It also advises you of your rights about the personal data we hold.
2. What personal data do we collect about you?
We collect your name, role at institution, address, phone number, email address, website address and description of your institution. We do not, for this purpose collect any special categories of data relating, for example, to disability or ethnic background.
3. Why do we collect the data and what is our legal reason for doing so?
Why do we collect your data?
3.1 We collect basic personal data to keep in touch with you and to provide services that you have requested or are in your interest We will contact you to promote services that may benefit your school or college, your students, parents and family members of your students and other key stakeholders with an interest or relevance for further study (such as information about Open Days, Undergraduate Visit Days, UK College Partnership Agreements, workshops we can offer your students either at your school/college or on campus, CPD events you may be interested in).
Legal bases for processing your data
3.2 The legal bases identified for processing under this privacy notice are as follows:
i. Article 6(1)(e) of the GDPR: “Processing is necessary for the performance of a task carried out in the public interest or in the exercise of official authority vested in the controller.
There are two main reasons for which our work with you is in the public interest:
- For target Access and widening participation activity.
For example we contact you at schools and colleges and store your details so that we can work with your students to increase the participation of underrepresented groups at university. The Office for Students requires each university to produce an Access and Participation Plan (APP). This evidences the initiatives we are putting in place to meet targets set out in the APP which links into the government’s targets to increase access of underrepresented groups at university.
- For general information and advice that we provide for you.
Here, it is in the public interest to collect your contact information as we are providing information and advice for you and your students about future opportunities. It is also represented in the government’s careers strategy policy which outlines how school and colleges should now be meeting the eight Gatsby Benchmarks, one of which is to engage with HE Providers: “All pupils should understand the full range of learning opportunities that are available to them. This includes both academic and vocational routes and learning in schools, colleges, universities and in the workplace. By the age of 16, every pupil should have had a meaningful encounter* with providers of the full range of learning opportunities, including sixth forms, colleges, universities and apprenticeship providers. This should include the opportunity to meet both staff and pupils. By the age of 18, all pupils who are considering applying for university should have had at least two visits to universities to meet staff and pupils”. More information on this can be found here.
ii. Article 6(1)(f) of the GDPR: “processing is necessary for the purposes of the legitimate interests pursued by the controller or by a third party except where such interests are overridden by the interests or fundamental rights and freedoms of the data subject which require protection of personal data, in particular where the data subject is a child.”
For example, you have asked us to attend an event or organise a workshop or activity for you or your students or have asked to attend a conference or CPD activity here at Solent.
4. When do we collect your personal data?
4.1 We collect data through our electronic systems and store it in our Customer Relationship Management (CRM) system and other relevant University systems.
4.2 We will receive the data directly from you either through your enquiries to us (e.g. when you contact us to ask for information or a specific service).
4.3 We also collect data through our website. Solent University's website does not capture nor store personal data except where you voluntarily choose to provide your personal details (for example through one of our forms). Any personal data collected through this website, on forms for example, will only be used for the purpose stated on the relevant page. Where you provide Solent University with your personal details via the Internet, we will not pass the data to any other organisations or individuals without your written consent. Our web server automatically collects standard information, including your IP address, browser type, operating system and access times.
4.4 For information on cookies and how we use them, please visit our cookies page. This website uses Google Analytics, a web analytics service provided by Google, Inc. ('Google'). Google Analytics uses 'cookies', which are text files placed on your computer, to help the website analyse how users use the site. The data generated by the cookie about your use of the website (including your IP address) will be transmitted to and stored by Google on servers in the United States.
4.5 Google will use this data for the purpose of evaluating your use of the website, compiling reports on website activity for website operators and providing other services relating to website activity and internet usage. Google may also transfer this information to third parties where required to do so by law, or where such third parties process the information on Google's behalf.
4.7 This privacy notice only governs Solent University’s websites at the following domains (including sub-domains): solent.ac.uk; warsashacademicy.co.uk and warsashsuperyachtacademy.com.’
5. Who do we share your personal data with?
Our systems are secure and open to access only by authorised staff. We do not share your data with third parties although we do store data with third parties (for example Gecko, and Dotmailer) when using software to capture personal data or to send mailings.
6. Do we transfer your data outside the European Economic Area (EEA)?
Some personal data may be stored at destinations outside the EEA. Where this occurs, the University will ensure that relevant security measures are in place to protect your personal data. This will be done by placing contractual obligations on those receiving your personal data or by ensuring that the recipients have subscribed to relevant international frameworks that aim to ensure adequate protection.
7. How long do we keep your personal data?
We will keep your contact details on our university customer relationship management system for four years. We will review this system every four years to ascertain whether it is relevant to retain the information. You will have the opportunity to opt-out from communications with Solent University at any stage and an unsubscribe option will be available in our email communications.
8. Telling us about changes in your personal data
Please advise us promptly about changes to the data we hold about you so that we can maintain accurate records. You can tell us about changes by using the departmental contact information given in section 10 of this privacy notice.
9. Your rights in relation to the personal data we hold
Under the General Data Protection Regulation you have the following rights. Further data about these rights can be found on the Information Commissioner’s Office website.
- The right to be informed at an appropriate time about the collection and use of the personal data we hold about you.
- The right of access to, your personal data and other supplementary data,
- The right to require correction of the personal data we hold about you if it is incorrect.
- The right, in certain circumstances, to require erasure of your personal data.
- The right, in certain circumstances, to restrict processing or your personal data.
- The right, in certain circumstances, to receive from the University the personal data you have provided to us in a reasonable format, specified by you. You may also request that we pass that personal data to another data controller.
- The right to object to certain processing of your personal data by us.
- Rights in relation to automated decision making and profiling.
These rights are not absolute and we may be entitled to refuse requests when there are valid exceptions; we shall explain the reasons to you in such cases.
You can find out more about your rights under Data Protection Law from the Information Commissioner’s Office website.
You are welcome to contact us if you have any concerns about how we process your personal data.
UK Student Recruitment Team
Phone: 023 8201 3482
University Information Rights Team Contacts
The University’s Data Protection Officer is Mr Paul Colbran. Please use the following contact details for any concerns you wish to raise about the personal data we collect and process.
Tel: 023 8201 3229 / 023 8201 3978
Information Rights Office
Policy, Information and Governance
East Park Terrace, Southampton, SO14 0YN.
11. Requesting access to your personal data
To request access to the personal information that we hold about you please email firstname.lastname@example.org.
We will always aim to respond clearly to any concerns you have regarding the processing of your data and to requests to exercise the rights stated above. However if you remain concerned or believe that Solent University has failed to comply with the data protection legislation then you have the right to complain to the data protection regulator, the Information Commissioner. Contact details follow:
The Information Commissioner’s Office
Cheshire, SK9 5AF
Tel: 0303 123 1113
13. Changes to the privacy notice
We regularly review this notice and will update it if there are changes in how we manage or use your data. This page will always contain the latest version of this notice.
Updated: 11 September 2018
Back to top