Privacy notice for businesses, organisations and other external stakeholders
As part of part of our business engagement activity the University of Brighton collects and processes personal data relating to collaborative research and enterprise activity, the recruitment of our students and graduates, hiring university conference spaces and accommodation, news and events, community engagement, and supporting or studying with us.
The university is committed to being transparent about how it collects and uses
that data and to meeting its data protection obligations.
The Data Controller is the University of Brighton, Mithras House, Lewes Road.
If you would like information about how the university uses your personal data please contact firstname.lastname@example.org, 01273 642010.
Data Protection Officer
The Data Protection Officer is responsible for advising the university on compliance with data protection legislation and monitoring its performance against it.
If you have any concerns regarding the way in which the university is processing your personal data, please contact Rachel Page, Head of Data Compliance and Records Management, email@example.com, 01273 642010.
What information does the university collect?
The University collects a range of information about you. It is likely that you will give us information when you make an enquiry to the university, share a business card or if you book to attend an event.
- your name, email address, a contact telephone number and on occasion, your business address;
- details of your engagement with the University, and details of other organisations that you may have represented while engaging with the university.
We do not process “special categories” data.
Where personal information is collected on our website (for instance through a web form), please read our separate website privacy notice.
Why do we collect your data?
We use your data so that we can deliver the services you have accessed – this could include:
- To invite you to an event or conference on a topic you have expressed interested in
- To send you communications about the work of the university as it relates to the topic you have expressed an interest in
How your data is held
Your data is held on our CRM system and our email system, it may also be held on our Content Management System if you have provided your information via a web form on the university’s website.
All data relating to your enquiry is held within the EEA and will not be transferred outside of the EEA.
Who has access to data?
Your information will be shared internally to enable us to best deliver the services you have enquired about.
The university will not share your data with third parties, unless you are a member of the Green Growth Platform.
If you are a member of the university’s Green Growth Platform, the university will share company data about you with third parties, specifically the University of Portsmouth Greentech and Liverpool John Moores University as part of the Clean Growth UK network.
How does the university protect data?
The university takes the security of your data seriously. It has internal policies and controls in place to ensure that your data is not lost, accidentally destroyed, misused or disclosed, and is not accessed except by our employees in the proper performance of their duties.
How long we will keep your data?
We will retain your data for two years from the last point of activity with us, after which point it will be deleted.
Data subject's rights:
access, rectification, erasure, restriction of processing, objection to processing, right to data portability
As a data subject, you have a number of rights. You can:
- access and obtain a copy of your data via a subject access request
- require the university to change incorrect or incomplete data
- require the university to delete or stop processing your data, for example where the data is no longer necessary for the purposes of processing
- object to the processing of your data, in certain circumstances, for example, where the university is relying on its legitimate interests as the legal ground for processing; or for direct marketing purposes
- ask the university to stop processing data for a period if data is inaccurate or there is a dispute about whether or not your interests override the university’s legitimate grounds for processing data
- withdraw your consent at any time, where we have requested and obtained your consent
- where our lawful basis is consent or performance of a contract we will allow portability of your data.
Whether providing personal data is a statutory or contractual requirement and the consequences for failing to provide the data
There is no statutory or contractual requirement to provide your personal data to us, we are processing it under legitimate interest as you have indicated that you are interested to receive information on one of our business services.
The existence of automated decision making, including profiling, information about the logic involved, including the significance and the envisaged consequences of such processing for the data subject
We will not use your personal data for automated decision making / or profiling about you as an individual.
Changes to this notice
We keep our privacy notices under regular review. This privacy notice was last updated in July 2018.
Other privacy notices
We do our utmost to protect your privacy. Please be aware that other privacy notices exist within the university in respect of data held, including but not limited, to activities in relation to your enquiries, application, current students, alumni and use of our website.
The right to complain to the ICO
If you are unsatisfied with the way the university has processed your personal data, or have any questions or concerns about your data please contact firstname.lastname@example.org.
If we are not able to resolve the issue to your satisfaction, you have the right to apply to the Information Commissioner’s Office (ICO).