QUBIS LTD PRIVACY NOTICE

Queen’s University Belfast (“we”, “us” and “our”) is committed to protecting your personal data. The notice is addressed to persons and organisations who are users of our business services, (“you” and “your”). This Privacy Notice tells you why we need to collect personal information about you, what we will do with it, and how we will look after it. It also tells you about your legal rights in relation to your Personal Data. If you have any questions about this privacy notice, please contact us. Contact details are provided below.

WHO WE ARE

1. We are Queen’s University Belfast, a university with a reputation for excellence in education and research and a member of the Russell Group. Founded in 1845 as Queen's College Belfast, we became an independent university in 1908. QUBIS LTD was established in 1984 by Queens University Belfast to commercialise the University’s research and development activities through the formation of spin-out businesses.

HOW YOUR PERSONAL DATA IS COLLECTED

2. Information you provide: When providing research commercialisation and intellectual property consultancy we will ask for information about you, such as your name, email address, contact details, etc. this is known as your “Personal Data”.

3. Data from other sources: We also collect information about you from other sources and this also forms part of “Personal Data”. This includes information from:

• As you interact with our website we may automatically collect information about which pages you visit on our site and where you are from. This information may be collected by using cookies or other similar technologies. For more information on how we use cookies and similar technologies please visit our cookie policy available at http://www.qub.ac.uk/Legal/.

HOW WE USE YOUR PERSONAL DATA

4. We use your Personal Data and Sensitive Personal Data in the following ways:

• To process communications between QUBIS and service users
• To administer the provision of services offered by QUBIS
• To conduct survey and feedback on services offered
• For marketing and website analytics.

LEGAL BASIS FOR COLLECTING AND USING YOUR PERSONAL DATA

5. We will only use your Personal Data if we have valid reasons for doing so. These reasons are known as our “legal basis for processing”. In certain circumstances we may ask for your consent to process your information. At other times we may be required to process your information to enable us to fulfil our part of the contract we have with you. There are circumstances where we have a legitimate interest to process your personal data, for example to provide you with a service which you have requested. The legal basis for processing your Personal Data is,

• (f) Legitimate interests: the processing is necessary for your legitimate interests or the legitimate interests of a third party, unless there is a good reason to protect the individual’s personal data which overrides those legitimate interests.

WHO WE SHARE YOUR DATA WITH

6. In line with our Data Protection Policy and Procedures we can share your information, including Personal Data and Sensitive Personal Data, with the following parties for the purposes set out above:

• MailChimp – For processing communications.

DATA PROCESSING OUTSIDE EUROPE

7. We will not transfer your Personal Data and Sensitive Personal Data outside of the European Economic Area.

HOW LONG YOUR INFORMATION WILL BE KEPT

8. We will keep your Personal Data and Sensitive Personal Data for up to 5 years from end of service. We will only keep your information if we need it for one of the reasons described above. We place great importance on the security of the Personal Data that we hold, including the use of physical, technological and organisational measures to ensure your information is protected from unauthorised access and against unlawful processing, accidental loss, alteration, disclosure, destruction and damage.

YOUR RIGHTS

9. The Data Protection Act 2018 provides you with a number of legal rights in relation to your Personal Data, including the right:

• to request access to your Personal Data;
• to request correction of your Personal Data that is wrong or incomplete;
• to request erasure or the restriction of processing of your Personal Data;
• to request the transfer of your Personal Data in a structured; commonly used machine-readable format;
• not to be subject to automated decision making; and
• to withdraw your consent.

10. If you wish to exercise any of the rights set out above, or require further information about any of the rights, please contact us.

11. Where we need to collect your Personal Data, whether for the purposes of providing a service you have requested or under the terms of a contract we have with you, and you fail to provide that information when requested, we may not be able to provide the service or perform the contract. We may, therefore, have to cancel the contract or the service we provide to you but we will notify you if this is the case at the time.

12. There may also be times where we cannot stop using your Personal Data when you ask us to, but we will tell you about this if you make a request.

CONTACTING US

13. If you have any questions or comments about this privacy notice, the University’s Data Protection Officer can be contacted at:

Data Protection Officer

Registrar’s Office
Lanyon South
Queen’s University Belfast
University Road
BT7 1NN
info.compliance@qub.ac.uk

COMPLAINTS

14. You have the right to complain about how we treat your Personal Data and Sensitive Personal Data to the Information Commissioner’s Office (ICO). The ICO can be contacted at:

Information Commissioner's Office
Wycliffe House
Water Lane
Wilmslow
Cheshire
SK9 5AF

CHANGES TO THIS NOTICE

15. We may update this Privacy Notice from time to time. We will notify you of the changes where we are required by law to do so.