What information do we collect about you?
All personal data shall be processed lawfully, fairly and in a transparent manner in relation to the data subject.
We collect data from staff in line with their Employment Contracts to meet compliance. When you attend our facilities or sign-up for the following:
- Accident or Near Miss Reporting
- Conferences and events
- Eye Care Vouchers
- Feedback on our services
- Fleet Access
- Halls of Residence – room inventory, damage deposits and logging maintenance jobs
- Hollies Accommodation
- Leases and Licences
- Parking permits
- Post and Parcels
- Unicard – Access Control and Upay
We may collect the following information that you provide in order that we can identify you when you attend the University, administer or reply to your requests:
- Your name, gender, contact details such as address, telephone number and email, emergency contact details, room numbers and any other relevant information we need in order to contact you or identify you
- Your photograph for Unicards
- Individual or group photographs for marketing and promotional purposes
- Your student number
- Your staff number
- Drivers License details and health conditions which could affect your ability to drive
- Your personal or business bank details for setting up payments for products and services that you receive from us
- Technical and usage data
- Your views on our services to help us improve and we let you know about any important changes
- Information and feedback to evaluate the success of events
- A record of our interactions with you
- Any other information you have provided us with
The information listed above is only available to us, if you have chosen to share it with us. We will update the data that we hold on you where you provide updated details or change any details.
How do we use the information you provide to us?
Under the GDPR, we do have to meet one of the conditions set out in Article 6 for processing your data. We use the information we collect only in compliance with this privacy notice.
In most cases, the processing of your data that is necessary, is for statutory and contractual purposes. We may also need to process the sensitive data you provide to us to ensure your safety and wellbeing. Processing could be necessary to protect the vital interests of the data subject or others. In addition to this, we also need to process some of the data you provide to us to help us comply with legal obligations.
Who do we share your information with?
We do not share the information you provide to us outside of the European Economic Area (EEA) or with other parties unless there is a lawful basis to do so.
We may provide your information to GDPR compliant internal and external providers and stakeholders who render the services to us on your behalf:
- our contractors to carry out maintenance to your halls
- RIDDOR for work related accidents
- Specsavers for eye care vouchers
- IUMIS who provide the software system for Upay
- our corporate finance team when raising invoices and making payments
- our IT team for access to electronic services
- our HR Resourcelink systems to record employee and casual staff information
- Survey Monkey and Online surveys (formally BOS)
- Verisae (VX Maintain and VX Field) who provide the software for our Computer Aided Facilities Management (CAFM) system
- Midsec and Lenel software for Unicards and access control
- Solicitors to draw up and review Leases and Licences
- Auditors to ensure we meet building, financial and procedures compliance
- Provide IHASCO with staff information to facilitate Fire Awareness Training
How long do you keep my information?
We retain personal information that you provide us, as long as we consider it potentially useful in contacting you about the product and services we provide, or as needed to comply with legal obligations. Our current University Retention Policy states how long we will keep your data for.
Is my personal data secure?
We are committed to the security of the information we hold and in ensuring that only people who need to access the information, are able to do so. Your information is held securely on the password protected University servers or secure areas with access restricted to authorised personnel only. We will not sell on your personal data to third parties and we do not permit third parties to sell on the data that we have shared with them.
You have the right to access and be informed of what personal data the University holds about you and what it is used for. To submit a request please refer to the University’s (Subject Access Request Form). We may amend this privacy notice from time to time and any significant changes to this notice or to the way we treat your data will be communicated either via the Edge Hill Website or by contacting you directly through the most appropriate means. Should you request your data to be removed, we may continue to hold some information such as financial records in line with statutory requirements.
Should you wish to contact anyone regarding your personal data or if you have any concerns about the use or processing of your data, please contact – Data Protection Office, Edge Hill University, St Helens Road, Ormskirk, L39 4QP