STUDENT PRIVACY NOTICE
Queen’s University Belfast (“we”, “us” and “our”) is committed to protecting your personal data. The notice is addressed to all students (part time, full time, distance and on campus), (“you” and “your”). This Privacy Notice tells you why we need to collect personal information about you, what we will do with it, and how we will look after it. It also tells you about your legal rights in relation to your Personal Data. If you have any questions about this privacy notice, please contact us. Contact details are provided below.
HOW YOUR PERSONAL DATA IS COLLECTED
2. Information you provide: When providing services related to your degree course and student experience we will ask for information about you, such as your name, address, DOB, bank details, etc. This is known as your “Personal Data”. We may also ask you for some special categories of information (for example criminal convictions, health, and religion). This is known as your “Sensitive Personal Data”.
3. Data from other sources: We also collect information about you from other sources and this also forms part of Personal or Sensitive Data. This includes information from:
- Local public authorities, such as councils or local education authorities,
- SLC, UCAS, DFID, the Police, NHS Trusts, UKVI, private landlords, prescribed regulatory statutory bodies (PRSB’s), other higher education providers, placement providers and organisations, for activities such as scholarship programmes, internships, accreditation, student payments and the Future-Ready Award.
- Individuals who have provided academic or personal references.
HOW WE USE YOUR PERSONAL DATA
4. We use your Personal Data and Sensitive Personal Data in the following ways:
- To process your application
- Administer any requests or communications
- Provide access to applications systems
- To carry out legal duties and statutory responsibilities
- Monitor and evaluate application experience
- Survey applicants on their final choice for study (in QUB or elsewhere)
LEGAL BASIS FOR COLLECTING AND USING YOUR PERSONAL DATA
5. We will only use your Personal Data if we have valid reasons for doing so. These reasons are known as our “legal basis for processing”. In certain circumstances we may ask for your consent to process your information. At other times we may be required to process your information to enable us to fulfil our part of the contract we have with you. There are circumstances where we have a legitimate interest to process your personal data, for example to provide you with a service which you have requested. The legal bases for processing your Personal Data are:
- Contractual Basis
- Legitimate Interests of the data controller
- Legal obligation, where we are required to process it under law.
When processing your ‘sensitive data’, we will do so in line with Article 9 of the GDPR and will use the appropriate exemption for each instance of sharing and/or processing, which are:
- Processing is necessary for carrying out obligations to employment, social security and social protection law;
- Processing is necessary for archiving purposes in the public interest, scientific or historical research or statistical purposes.
WHO WE SHARE YOUR DATA WITH
6. In line with our Data Protection Policy and Procedures we can share your information, including Personal Data and Sensitive Personal Data, with the following parties for the purposes set out above:
UCAS, schools and colleges, Prescribed Regulatory Statutory Bodies (PRSB's), accreditting and professional bodies, IT or software companies who help manage and maintain applicaiton systems, scholorship or funders and survey and consultancy services used to evaluate your application experience and reasons for your final choice of institution.
DATA PROCESSING OUTSIDE EUROPE
7. We use third party software providers, such as Mail Chimp, for the provision of some services that we offer. Some of these services are based in the United States of America. These services will only be used, outside of the EEA, when there is an Adequacy Decision in place and/or appropriate safeguards to protect any personal or sensitive data.
HOW LONG YOUR INFORMATION WILL BE KEPT
8. We will keep your Personal Data and Sensitive Personal Data for up to ? years from the date you apply to the University. We will only keep your information if we need it for one of the reasons described above. We place great importance on the security of the Personal Data that we hold, including the use of physical, technological and organisational measures to ensure your information is protected from unauthorised access and against unlawful processing, accidental loss, alteration, disclosure, destruction and damage.
9. The Data Protection Act 2018 provides you with a number of legal rights in relation to your Personal Data, including the right:
- to request access to your Personal Data;
- to request correction of your Personal Data that is wrong or incomplete;
- to request erasure or the restriction of processing of your Personal Data;
- to request the transfer of your Personal Data in a structured; commonly used machine-readable format;
- not to be subject to automated decision making; and
- to withdraw your consent
10. If you wish to exercise any of the rights set out above, or require further information about any of the rights, please contact us.
11. Where we need to collect your Personal Data, whether for the purposes of providing a service you have requested or under the terms of a contract we have with you, and you fail to provide that information when requested, we may not be able to provide the service or perform the contract. We may, therefore, have to cancel the contract or the service we provide to you but we will notify you if this is the case at the time.
12. There may also be times where we cannot stop using your Personal Data when you ask us to, but we will tell you about this if you make a request.
13. If you have any questions or comments about this privacy notice, the University’s Data Protection Officer can be contacted at:
Data Protection Officer
Queen’s University Belfast
14. You have the right to complain about how we treat your Personal Data and Sensitive Personal Data to the Information Commissioner’s Office (ICO). The ICO can be contacted at:
Information Commissioner's Office
CHANGES TO THIS NOTICE
15. We may update this Privacy Notice from time to time. We will notify you of the changes where we are required by law to do so.