How we handle your personal data
Your personal information is created, stored and transmitted securely in a variety of paper and electronic formats by the University in accordance with the provisions of the Data Protection Act 1998 and related legislation. Access to your personal information is limited to staff who have a legitimate interest in it for the purpose of carrying out their contractual duties. It is used for a range of purposes:
- To assess an individual's qualifications and suitability, including state of health, for a particular job or task.
- To administer a range of HR processes (e.g. disciplinary action).
- For remuneration, payroll and pension administration.
- To establish a contact point in the case of an emergency.
- To manage an employee's interactions with the various facilities and services offered by the University.
- To establish an employee's training and development requirements.
- To support the preparation of statistics for various purposes (including the monitoring of equality and diversity issues; see the ‘Sensitive Personal Data’ and ‘Internal reporting’ sections below).
- Your personal information is disclosed as permitted or required by law and, in particular, to support statutory and other reporting duties (e.g. Higher Education Statistics Agency requirements; see the ‘Higher Education Statistics Agency’ section below).
Sensitive Personal Data
Sensitive personal data, as defined by the Data Protection Act, includes that relating to:
- Ethnic origin.
- Religious belief.
- Sexual orientation.
- Gender identity.
The University is obliged to seek this information from staff but it is not compulsory for staff to provide responses. You may have been asked to provide personal sensitive information via the recruitment process. Access to, and the sharing of, this information is controlled very carefully (e.g. Departmental Administrators and other managers are not able to access any sensitive personal data in CHRIS).
When reporting on personal sensitive information only aggregate data is presented so that an individual's data will be protected.
Internal management information reporting is an important management tool for all large organisations to meet statutory reporting requirements, to monitor its policy and performance, and to develop equality aims and objectives and provide a better understanding of our diverse University community.
Staff statistics are published internally on an annual basis by the Academic Division.
Higher Education Statistics Agency
Much of the data maintained by the University about staff is required by the Higher Education Statistics Agency (HESA). HESA gathers information from publicly funded higher education institutions at the request of various government bodies, such as the Department for Business, Innovation and Skills and the Higher Education Funding Council for England. For information about how this data is used, please see the HESA Staff Collection Notice page.
Queries and further information
If you have any queries about how your data is used or the application of the Data Protection Act, please contact the University Data Protection Officer (tel. 64142, email email@example.com).
Introductory information and guidance for staff on their responsibilities under the Data Protection Act can be found in the University's Data Protection section.
Details of the University's overall data protection notification (registration) with the Information Commissioner are available at www.ico.gov.uk.
Under the Data Protection Act you have a right to a copy of the data held by the University.
This statement was last updated on 14 June 2012. Any changes will be published here and you will be notified via this webpage and/or by email.