HOW WE USE YOUR INFORMATION
This privacy notice tells you what to expect when University of Essex Students’ Union (referred to as the SU herein) collects personal information. It applies to information we collect about:
- Our members, officers and volunteers
- Users of our websites
- People who use our services
- People who give us feedback, make suggestions, complete questionnaires, polls or make complaints
- Suppliers and agents
- Donors and supporters
- Job applicants and our current and former employees
The SU processes personal data for the following reasons:
- Administration of Membership Records (including processing for not for profit organisations)
- Advertising, Marketing and Public Relations
- Accounts and records
- Consultancy and Advisory Services
- Employment Administration
- Crime Prevention and Prosecution of Offenders
Use of data is compliant with the Data Protection Act 1998 and specifically with the 8 data principles that are set out within it:
- Personal data shall be processed fairly and lawfully
- Personal data shall be obtained only for one or more specified and lawful purposes (as above), and shall not be further processed in any manner incompatible with that purpose or those purposes.
- Personal data shall be adequate, relevant and not excessive in relation to the purpose or purposes for which they are processed.
- Personal data shall be accurate and, where necessary, kept up to date.
- Personal data processed for any purpose or purposes shall not be kept for longer than is necessary for that purpose or those purposes.
- Personal data shall be processed in accordance with the rights of data subjects.
- Appropriate technical and organisational measures shall be taken against unauthorised or unlawful processing of personal data and against accidental loss or destruction of, or damage to, personal data.
- Personal data shall not be transferred to a country or territory outside the European Economic Area unless that country or territory ensures an adequate level of protection for the rights and freedoms of data subjects in relation to the processing of personal data.
We will also use your information as part of the work we do to analyse trends in student achievement and the student experience in order to help us improve the services and support that we provide to you. In order to get a full picture of the student experience we will share some data around, memberships and other extra-curricula activities with the administration and selected academic research teams within the University of Essex. We will not use this information to make decisions about you as an individual.
TYPES OF INFORMATION WE COLLECT
PERSONAL INFORMATION PROVIDED BY YOU
If you are a student at the University of Essex your details, including your email address, will be automatically held by the Students’ Union in its membership database, unless you have opted out of Union membership.
The details held are the details you gave The University of Essex on registration. If you wish to alter your registration details you can do so by contacting the University of Essex Registry.
The SU cannot be held responsible for any inaccurate personal details.
We gather both Personal Information and Anonymous Information from you when you visit the Site.
"Personal Information" means any information that may be used to identify an individual, including, but not limited to: a first and last name; e-mail address; a home, postal or other physical address (when using services designed to deliver or send items to you) or other contact information necessary to provide a service that you requested.
"Anonymous Information" means information that is not associated with or linked to your Personal Information; Anonymous Information does not permit the identification of individual persons. We collect Personal Information and Anonymous Information, as described below.
We Collect Personal Information from you at the following points:
- If you are a non student and register to the site for purchases of tickets, we will record your contact information, username and password. We can collect additional information submitted through registration or via updating your information.
- If you are a student, you will use your University log in and thus your password is not stored on our website or by the SU in any form.
- If you make any purchases through the site, we will record your billing address, however we do not record your payment card details. This information is collected through Sage Pay, our online payment provider. No card payment details are stored through the site.
- If you email us directly via an email hyperlink or contact form to provide us with feedback or to ask us a question regarding the site, we will record any information contained in such email for a period of up to one year to analyse trends and ensure improvements to the site.
PERSONAL INFORMATION COLLECTED AUTOMATICALLY
As you navigate the site, certain information will be collected automatically. This data helps us to improve the content of the site and to customise the content or layout of the site for you. We also use this information to form a greater understanding of our website visitors.
A cookie is an element of data that a website sends to your computer's hard drive while you are viewing a website. The SU uses session cookies (which expire once you close your web browser) to improve your experience using the website by saving the selection you made for your campus. You can set your browser to notify you when you receive a cookie, giving you the chance to decide whether to accept it. You can also set your browser to turn off cookies. If you do so, however, some areas of the site may not function properly.
MORE DETAIL ON HOW WE USE PERSONAL INFORMATION
We collect Personal Information from you in order to fulfil your requests. For example, we may use your Personal Information to process an online purchase or interact with a service or feature to the site. We may also use your Personal Information to send you information that you requested, or to confirm registrations, purchases, or to respond to your feedback.
We may use your email address to notify you of products or services that may interest you, such as events or discussions, in addition we may notify you of recent updates to our site, or to provide you with latest news on The SU.
We may email you for research purposes relating to your membership of the SU, or university life in general. This information is only gathered for reasons associated with improving our services to members, the universities provision to our members and for academic research purposes. Emails may be sent to you from The SU or from its societies, clubs or other groups affiliated to The SU.
You may opt-out from receiving promotional or marketing emails by notifying us at the address specified at the bottom of any unwanted email. If you unsubscribe from a The SU email, you may still receive emails from these affiliated groups and vice versa.
In some cases the opt-out facility is not available unless you have opted out of SU membership completely – to do so you need to write to the Registrar of the University of Essex. These instances include transactional or relationship messages, such as emails that are necessary to provide you with confirmation of a completed transaction (such as a purchase, request, or change in your user profile), emails providing notification of changes of terms of service, emails containing important information about the use of the site.
We may create Anonymous Information records from Personal Information by excluding information (such as your name) that makes the information personally identifiable to you. We use this Anonymous Information to perform statistical analyses of users' aggregate behaviour so that we may enhance the content of our services and improve site navigation.
When someone visits Essexstudent.com, we collect standard internet log information and details of visitor behaviour patterns. We do this to find out things such as the number of visitors to the various parts of the site. We collect this information in a way which does not identify anyone. We do not make any attempt to find out the identities of those visiting our website.
DISCLOSURE OF PERSONAL INFORMATION
Your Personal Information will not be sold, traded, or rented to individuals or other entities. However, we may need to share your Personal Information with third parties to charge your credit card or deliver specific services to you such as support services. These third parties are required not to use your Personal Information other than to provide the services requested by The SU.
We may disclose your Personal Information if we believe in good faith that such disclosure is necessary to:
- comply with any relevant legal obligations or
- protect and defend the rights or property of The SU or users of the site.
HOW YOU CAN EDIT YOUR PERSONAL PROFILE
We realise that your Personal Information, including your name, address and email address, is subject to change. To the extent that you do provide us with Personal Information, we wish to maintain its accuracy.
In some cases, we provide a means to create an account or a profile of information. For example, to change your Personal Information, log in as usual and select the profile icon at the top right hand side of each page.
DATA SHARING AGREEMENT WITH UNIVERSITY OF ESSEX
We have a data sharing agreement with the University of Essex.
This agreement permits the transfer of all or part of your personal information from the University to the Students’ Union for the purposes of allowing the SU to provide you with support services, participate in democratic processes, join societies, buy tickets and communicate with you about Annual Reports and Accounts as well as SU activities and campaigns, elicit your feedback and respond to feedback.
Occasionally the SU will share pertinent data with the University. This would be for improving your educational experience, the experience of future students or for academic research purposes.
You can tell the University that you do not wish the Students’ Union to have this data by opting out at enrolment. You can view the university policy on data sharing with the SU here: http://www.essex.ac.uk/records_management/policies/gen_SU.aspx
HIGHER EDUCATION ACHIEVEMENT REPORT
The agreement also allows the Students’ Union to disclose information relating to extra-curricular activity to the University of Essex in order to generate your Higher Education Achievement Report.
If you do not wish the University to include information on your extra-curricular activity on your HEAR you will have the opportunity to tell the University. The University willonly include your extra-curricular information on your HEAR with your consent.
SECURITY OF YOUR PERSONAL INFORMATION
We safeguard the Personal Information you send to us with certain physical, electronic, and managerial procedures.
While we strive to protect your Personal Information, we cannot ensure the security of the information you send to us, and so we urge you to take every precaution to protect your Personal Information when you are on the internet.
We suggest that you change your passwords often, use passwords that include a combination of letters and numbers, and use a secure browser. Products and services are available which can help give you privacy protection while navigating the internet. While we do not anticipate breaches in security, if one occurs, we will use all reasonable efforts to correct the problems that led to the breach.
The Web site contains links to other web sites. We are not responsible for the content, accuracy or opinions express in such web sites, and such web sites are not investigated, monitored or checked for accuracy or completeness by us.
Inclusion of any linked web site on or through the Web site or the Service does not imply approval or endorsement of the linked web site by us. If you decide to leave the Web site and access these third-party sites, you do so at your own risk.
JOB APPLICANTS, CURRENT AND FORMER ESSEX SU (AND SUBSIDIARY COMPANY) EMPLOYEES
When individuals apply to work at Essex SU (or subsidiary companies), we will only use the information they supply to us to process their application and to monitor recruitment statistics.
Where we want to disclose information to a third party, for example where we want to take up a reference or obtain a ‘disclosure’ from the Criminal Records Bureau we will not do so without informing them beforehand unless the disclosure is required by law.
Personal information about unsuccessful candidates will be held for 12 months after the recruitment exercise has been completed, it will then be destroyed or deleted. We retain de-personalised statistical information about applicants to help inform our recruitment activities, but no individuals are identifiable from that data.
Once a person has taken up employment with The SU, we will compile a file relating to their employment. The information contained in this will be kept secure and will only be used for purposes directly relevant to that person’s employment. Once their employment with The SU has ended, we will retain the file for 5 years and then destroy it. Some basic information on employment within the SU may be shared with members of the university for research purposes, but not beyond start and end dates, job title, and average hours work.
ACCESS TO PERSONAL INFORMATION
The SU tries to be as open as it can be in terms of giving people access to their personal information. Individuals can find out if we hold any personal information by making a ‘subject access request’ under the Data Protection Act 1998. If we do hold information about you we will:
· give you a description of it;
· tell you why we are holding it;
· tell you who it could be disclosed to; and
· let you have a copy of the information in an intelligible form.
To make a request to The SU for any personal information we may hold you need to put the request in writing addressing it to the following address; firstname.lastname@example.org. In some cases, where the compilation of data is considered by The SU to be complex or time consuming we will make an administrative charge of £10. We will give you the information within 40 days as required by law, we will aim to achieve this before 40 days.
If you agree, we will try to deal with your request informally, for example by providing you with the specific information you need over the telephone, subject to verification of identity.
ABOUT THIS NOTICE
This privacy notice was drafted with clarity in mind. It does not provide exhaustive detail of all aspects of The SU’s collection and use of personal information. However, we are happy to provide any additional information or explanation needed. Any requests for this should be sent to the address below
University of Essex Students’ Union
University of Essex
Call: 01206 863211
You can view The SU's entry on the Data Protection Register on the https://ico.org.uk/esdwebpages/search
For further guidance on matters relating to Data Protection and Privacy, please refer to Information Commissioner’s Office: https://ico.org.uk/