You will generally not have to pay a fee to access your personal information (or to exercise any of the other rights). If you make a request, we have one month to respond to you. We may charge a reasonable fee if your request for access is clearly unfounded or excessive. Alternatively, we may refuse to comply with the request in such circumstances.
We may need to request specific information from you to help us confirm your identity and ensure your right to access the information (or to exercise any of your other rights). This is a security measure to ensure that personal information is not disclosed to any person who has no right to receive it.
Please see our policy on Data Rights for further information. If you wish to exercise any of your rights, or have any questions about your rights, please contact the Data Protection Officer at [email protected].
6. Data sharing
We may have to share your data with third parties, including third-party service providers and suppliers.
We require third parties to respect the security of your data and to treat it in accordance with the law.
If we have to transfer any of your personal data outside the UK we ensure the receiving country or organisation is deemed to have adequate data protection provision. Where a country or organisation does not have adequate protections we will put safeguards in place. Details of these safeguards can be provided to you upon request.
Our privacy notices will set out more details about whom we will share data with.
7. Data security
We have put in place measures to protect the security of your information.
Where third parties have access to your data, we will provide instructions for them to process your personal information only on in accordance with our instructions, and where they have agreed to treat the information confidentially and to keep it secure.
We have put in place appropriate security measures to prevent your personal information from being accidentally lost, used or accessed in an unauthorised way, altered or disclosed. In addition, we limit access to your personal information to those employees, agents, contractors and other third parties who have a relevant business need. They will only process your personal information on our instructions, and they are subject to a duty of confidentiality.
We have put in place procedures to deal with any suspected data security breach and will notify you and any applicable regulator of a suspected breach where we are legally required to do so.
The University’s overarching approach to data protection is set out in our Data Protection Policy.
8. Links to other websites
This Privacy Policy does not apply to other advertisers or websites. Our website may contain links to other websites of interest which we might not own or operate. You should note that we do not have any control over websites outside our ownership. Therefore, we cannot be responsible for the protection and privacy of any information which you may provide whilst visiting such external websites accessed from links and these websites are not governed by this Privacy Policy. You should exercise caution and review the privacy statement applicable to the website in question.
9. Data Protection Officer
We have appointed a Data Protection Officer (DPO) to oversee compliance with this Privacy Notice. If you have any questions about this privacy notice or how we handle your personal information, please contact the DPO at [email protected]
10. International Transfers
If we have to transfer any of your personal data outside the European Economic Area (EEA) we ensure the receiving country or organisation is deemed to have adequate data protection provision. Where a country or organisation does not have adequate protections, we will put safeguards in place. Details of these safeguards can be provided to you upon request.
11. Unsolicited Marketing
We may contact corporate contacts with unsolicited marketing. Our legal basis for this is legitimate interests and we comply with the Privacy and Electronic Marketing Regulations (PECR) by only contacting corporate subscribers and always offering an opt out.
12. Complaints
If you are dissatisfied with the way the University of Essex has processed your personal data, or if have any questions or concerns about your data please contact [email protected]. If we are not able to resolve the issue to your satisfaction, you have the right to complain to the Information Commissioner’s Office (ICO). They can be contacted at https://ico.org.uk/make-a-complaint/
The ICO’s address:
Information Commissioner’s Office
Wycliffe House
Water Lane
Wilmslow
Cheshire
SK9 5AF
Helpline: 0303 123 1113
13. Changes to this Privacy Notice
This privacy notice was published on Monday, 31 January 2022. We may change this privacy notice from time to time. Last revised 20 December 2023.