Events and Partnerships Privacy Notice
The Engagement and Partnerships function focuses on developing and managing relationships with local and regional partners that bring tangible and valuable benefits to both parties. We work with a wide range of stakeholders through a corporate events programme, high profile visits, public engagement events, conferences and graduation ceremonies.
We engage with you as someone who has previously attended an event, registered an interest in the University of Bradford events programme, or as someone who shares a similar vision and values of the University of Bradford. We do this by inviting you to a range of events, or personal visits that we feel will interest you. We do this under the University of Bradford’s Charter to support the advancement and dissemination of knowledge.
Our stakeholders are important to us which is why we engage them through events and partnership development. We are committed to protecting your privacy, keeping your data safe and not doing anything with it that you wouldn’t reasonably expect. This statement sets out the basis on which any personal data we collect from you will be processed by us when you register online or provide an RSVP to attend an event at the University of Bradford. It describes how we collect, store, manage, protect and use your personal information.
In addition to the Events and Partnerships team, Faculties and Directorates deliver events within their academic or professional fields. Each Faculty or Directorate may hold and process personal data relating to the events delivered in their service separately to the data stored by the Events and Partnerships team.
Under what legal basis does the processing of my personal data take place?
The General Data Protection Regulation (GDPR) provides for a number of different legal bases under which processing of personal data may take place. In cases of a conference or event where a registration process exists, consent to add you to our public events mailing list will be requested as part of the registration process. In registering for public events or conferences information which you submit via the registration form will enable the University of Bradford to make all the necessary arrangements for your attendance at the event. Access to any information provided in this context will be restricted to individuals who need to see the data to carry out their duties in relation to the delivery of the event.
In cases where we invite stakeholders to visit the University or attend events we will rely on the following bases:
- Necessary for the purposes of the legitimate interests: Event invitations will be extended to individuals such as local business people and civic leaders, VIPs and other high profile stakeholders who we believe have an interest in the theme of an event and share the vision and/or values of the University of Bradford. In such cases, it is in the legitimate interests of the University to process personal information in order to extend an invitation.
What categories of personal data are used?
Personal data necessary for the organisation, including invitation process, and management of the event will be used.
Types of personal data can include but is not limited to:
- personal details, including contact information
- visual images(for use in marketing materials
- biographical details
- education and employment details
- Family, nationality or other information as stipulated by VISA regulations
- disability status (to allow consideration for travel or event requirement)
- dietary requirements
- Information published by companies house
- Information contained in newspaper articles
- Social media info
Where do we get your personal data from?
We obtain your information from you directly, via third party apps and websites such as Eventbrite which may store your personal details and then pass them on when you make a booking with us and we may also use information available from external sources to augment information we already have. This enables us to contact you in the event that you change your address, job or phone number, or didn’t provide it to us.
We also use information from external sources to gain a better understanding of our supporters to improve our event invitation methods, products and services and make sure we contact you in the most relevant and appropriate way. The information we get from other organisations depends on your privacy settings and the responses you give them.
When we collect it as you use our websites or Apps.
Overall, cookies help us provide you with a better website, by enabling us to monitor which pages users as a whole find useful and which they do not. A cookie in no way gives us access to your computer or any information about you, other than the data you choose to share with us. Cookies are completely safe and secure and will never contain any sensitive information.
Accept or Decline Cookies
You can choose to accept or decline cookies. Most web browsers automatically accept cookies, but you can usually modify your browser setting to decline cookies if you prefer. However, this may prevent you from taking full advantage of the website.
For further information about deleting and controlling cookies see AboutCookies.org
When someone you know refers you to us.
On occasion, someone you know, for example friends, family or a business associate, may give us your name and contact details as someone who is likely to be interested in events hosted by the University of Bradford. We will contact you as soon as is practicable to let you know we are processing your data in this way.
We use social media to provide updates and promote events, news and partnership updates. On occasion we may reply to comments or questions you make to us on social media platforms.
How do we keep your data safe and who has access to it?
We are committed to keeping your data secure. Your data is held on our client relationship management system Salesforce, ticketing and registration platform Eventbrite, or hosted on a secure server within the University network.
Salesforce is a US owned cloud based CRM System. Salesforce owns or controls access to the infrastructure that Salesforce uses to store data submitted by customers to the Covered Services (“Customer Data”). In general, Customer Data is stored in data centers in the region from which a customer subscribes to the Covered Services.
Eventbrite are US owned and your personal data held by them is held outside the EU. Both companies have subscribed to the US/EU Privacy Shield Framework which ensures that information held by US companies is processed in accordance with the same standards as required by the EU General Data Protection Regulation (GDPR).
We may use MailChimp as a tool to send communications to you and therefore transfer your data to them to do this. MailChimp aim to be complaint with the rules of GDPR by May 2018, and will have put measures in place to keep your data secure.
Access to information held for Engagement and Partnerships is restricted to individuals who need to see the data to carry out their duties in the university. Your information is only accessible by appropriately trained staff and contractors.
We take appropriate measures to ensure that the personal information disclosed to us is kept secure, accurate and up to date and kept only for so long as is necessary for the purposes for which it is used.
Who else do we pass this information on to?
We may need to disclose your details if required to the police, regulatory bodies or legal advisors where there is a legal requirement or an overriding public interest to do so.
Other than this the University would normally only share your personal data with contractors we use to deliver an event and in such cases, only for the purposes of delivering that event. Examples include external event venues, caterers etc. These organisations are contractually required to process your information in accordance with our instructions and in accordance with all relevant data protection laws.
We never sell or trade your personal data.
Do we transfer the information overseas?
On occasions events will be delivered internationally. In these cases it may be necessary to share data overseas in which case we will check there is adequate protection.
Where the University uses companies based in the US, we will try to use companies that have signed up to the Privacy Shield Framework.
How long do we keep this information for?
In line with JISC Records Retention Schedule documents relating to the organisation and administration of events shall be kept for 1 year following event completion and 3 years following event completion for the planning and evaluation of events. Delegates, who continually attend events or give consent for ongoing event notifications, data will remain active on our client relationship management system or Eventbrite until such a time that consent is withdrawn.
How can you verify, modify or delete your information?
You have a right to ask us to stop processing your personal data in cases where we are relying on our legitimate interests, and if it’s not necessary for the purpose you provided it to us for (e.g. registering you for an event) we will do so.
You also have the right to withdraw your consent in cases where you have provided this. Contact the Events and Partnerships team on 01274 23217 or email@example.com.
What are your rights as a data subject?
As a person whose personal data we are processing, you have certain rights in respect of that personal data; you have the right:
- To withdraw consent or ask us to stop processing your personal data
- To access your personal data that we process;
- To rectify inaccuracies in personal data that we hold about you if it is inaccurate or incomplete;
- To request the deletion or removal of your personal data where there is no compelling reason for its continued processing;
- To restrict the processing of your personal data in certain ways;
- To obtain your personal data for reuse;
- To object certain processing of your personal data;
- To complain to the Information Commissioner's Office about the way in which we process your personal data.
If you have questions regarding the organisation of an event, or concerning any information processed in the context of an event, or on your rights, feel free to contact the support team, using the contact information of the event or contact us directly on +44 (0) 1274 233217, email firstname.lastname@example.org
To contact the University's Data Protection Officer, please call +44 (0)1274 233021 email: email@example.com.
This statement was published 4 May 2018
Our information practices change from time to time, please check for updates on this page.
Address: University of Bradford, Richmond Road, Bradford, BD7 1DP.