HERTFORD COLLEGE PRIVACY NOTICE

1. General Information
2. Information for particular groups
3. Records of Processing Activities (ROPAs)

A summary of what this notice contains

Hertford College is committed to protecting the privacy and security of personal data.

This notice explains what personal data Hertford holds about you, how we use it, how we share it, how long we keep it and what your legal rights are in relation to it.

For the parts of your personal data that you supply to us, this notice also explains the basis on which you are required or requested to provide the information. For the parts of your personal data that we generate about you, or that we receive from others, it explains the source of the data.

This notice is arranged in three parts:

1: General Information.

This information is relevant for everyone, and covers key information about Hertford's general approach to protecting your data, and some of our specific processes.

2: Information for particular groups of people.

This provides summary information about the data we hold and process for particular groups of people including why we hold it, the legal basis on which we do it, and how we share it.

3: Records of Processing Activities (ROPAs).

This provides further, detailed information (where it has not already been provided in Part 2) on the categories of data held, how they are processed, the related legal basis, and the data retention policies that apply.

1 General Information

1.0.1 About personal data

“Personal data” is information relating to you as a living, identifiable individual. We refer to this as “your data”.

“Processing” your data includes various operations that may be carried out on your data, including collecting, recording, organising, using, disclosing, storing and deleting it.

Data protection law requires us:

To process your data in a lawful, fair and transparent way
To only collect your data for explicit and legitimate purposes
To only collect data that is relevant, and limited to the purpose(s) we have told you about
To ensure that your data is accurate and up to date
To ensure that your data is only kept as long as necessary for the purpose(s) we have told you about, and
To ensure that appropriate security measures are used to protect your data.

1.0.2 Hertford's contact details for personal data matters

If you need to contact us about your data, please contact :

Data Protection Officer
Hertford College
Catte Street
Oxford
OX1 3BW

email:dpo@hertford.ox.ac.uk

1.0.3 The data we hold and process

We have set out a schedule of the data we hold for different categories of people under specific later sections of this notice. This schedule includes information on:

The type of personal data we hold and process
Where we source this from
Why we need it, and the purposes to which it is put
The lawful basis upon which we hold it, including any additional requirements for Special Category data
How and why we might share it, and
How long we keep it for

1.0.4 Sharing data

Part 2 sets out how we may share data for specific categories of people. There are some general situations where we may share data for anyone we hold it about, including:

For the purposes of complying with our legal or regulatory obligations

If auditors are required to inspect our records for the purpose of their audit
To protect your vital interests, or those of another person
If circumstance require it, with our legal advisers for the purposes of obtaining privileged and confidential legal advice relating to the College's relationship with you
With agencies responsible for the prevention and detection of crime, apprehension and prosecution of offenders, or collection of a tax or duty for the purpose of the prevention, detection or investigation of crime, for the location and/or apprehension of offenders, for the protection of the public, and/or to support the national interest.

1.0.5 Sharing data outside the EU

The law provides various further safeguards where data is transferred outside of the EU. Our policy on sharing data in this way applies to all categories of data that we hold or process.

When you are resident outside the EU in a country where there is no “adequacy decision” by the European Commission, and an alternative safeguard is not available, we may still transfer data to you which is necessary for the implementation of pre-contractual measures, or for the performance of your contract with us.

Otherwise, we may transfer your data outside the European Union, but only for the purposes referred to in this notice and provided:

There is a decision of the European Commission that the level of protection of personal data in the recipient country is adequate; or
Appropriate safeguards are in place to ensure that your data is treated in accordance with UK data protection law, for example through the use of standard contractual clauses; or
There is an applicable derogation in law which permits the transfer in the absence of an adequacy decision or an appropriate safeguard.

1.0.6 Automated decision-making

We do not envisage that any decisions will be taken about you based solely on automated means, however we will notify you in writing if this position changes.

1.0.7 Your legal rights

Subject to certain conditions set out in UK data protection law, you have:

The right to request access to a copy of your data, as well as to be informed of various information about how your data is being used
The right to have any inaccuracies in your data corrected, which may include the right to have any incomplete data completed
The right to have your personal data erased in certain circumstances
The right to have the processing of your data suspended, for example if you want us to establish the accuracy of the data we are processing
The right to receive a copy of data you have provided to us, and have that transmitted to another data controller (for example, another University or College)
The right to object to any direct marketing (for example, email marketing or phone calls) by us, and to require us to stop such marketing
The right to object to the processing of your information if we are relying on a “legitimate interest” for the processing or where the processing is necessary for the performance of a task carried out in the public interest. The lawful basis for any particular processing activity we carry out is set out in our detailed table of processing activities for each type of relationship in Part 3, below
The right to object to any automated decision-making about you which produces legal effects or otherwise significantly affects you
Where the lawful basis for processing your data is consent, you have the right to withdraw your consent at any time. When you tell us you wish to exercise your right, we will stop further processing of such data. This will not affect the validity of any lawful processing of your data up until the time when you withdrew your consent. You may withdraw your consent by contacting the College's Data Protection Officer

Further guidance on your rights is available from the Information Commissioner's Office (https://.ico.org.uk/).

You have the right to complain to the Information Commissioner's Office (UK's supervisory office for data protection) if you believe that your data has been processed unlawfully.

1.0.8 Future changes to this privacy notice, and previous versions

We may need to update this notice from time to time, for example if the law or regulatory requirements change, if technology changes, if the University makes changes to its procedures, or to make Hertford's operations and procedures more efficient. If the change is material, we will give you not less than two months' notice of the change so that you can decide whether to exercise your rights, if appropriate, before the change comes into effect. We will notify you of the change by email and via the student intranet.

This notice is version V2.0 (May 2018).

You can access past versions of our privacy notices on our website.

2 Information for particular groups

2.1 Applicants and Prospective Students

2.1.1 Data that you provide to us and the possible consequences not providing it

If you do not provide us with information that we ask for:

If you are a prospective student wanting to attend an open day, it may mean that you cannot attend the open day, depending on the type of information we requested
If you are an applicant wanting to study with us, it may mean that we reject your application, depending on the type of information we requested

2.1.2 Other sources of your data

Apart from the data that you provide to us, we may also process data about you from a range of sources. These include:

Your school or previous educational establishments or employers if they provide references to us
Your family members, guardians, friends, and other contacts who may provide us with information about you if and when they contact us, or vice versa

2.1.3 Details of our processing activities, including our lawful basis for processing

We have prepared a detailed schedule (see Part 3) setting out the categories of data we hold, the processing activities that we undertake, the source of the data, the reasons why we process it, how long we keep it and the lawful bases we rely on.

The schedule includes detailed information about how and why we process various categories of data, and the related lawful basis including:

For the purpose of administering your application, we will process various information on the lawful basis that we have a legitimate interest in receiving, considering and administering applications from prospective students including:
- details of which courses you are applying for
- your application, including your contact details, personal statement, predicted grades and education history
- any written work or tests you submit, and our assessment of that work or tests
The information we process for these purposes also includes information that we take into account when deciding who to invite for an admissions interview. We may take into account “contextual” data such as information we can access about your school and postcode, and whether you have been in the care system. Further information about this process is contained here.

Further, to comply with a legal obligation, namely Hertford's obligation to ensure, so far as is reasonably practicable, that its staff, students and visitors are not exposed to health and safety risks, we will also process details of any relevant criminal convictions, allegations or charges that we ask you to declare to us when you apply to us, and of any Disclosure and Barring Service checks that we request. Relevant criminal convictions or charges are those that indicate an applicant or student might pose an unacceptable risk to other students or staff. More information is available for undergraduate admissions at: https://www.ox.ac.uk/admissions/undergraduate/applying-to-oxford/decisions/criminal-convictions?wssl=1 and for graduate admissions at: https://www.ox.ac.uk/admissions/graduate/applying-to-oxford/university-policies/criminal-convictions?wssl=1.

Processing of criminal convictions and allegations are subject to further controls, as explained above. In this case, the processing is permitted as it is necessary for the exercise of a protective function (the protection of anyone on Hertford's premises), which must be carried out without your consent so as not to prejudice the exercise of that function, and such processing is necessary for reasons of substantial public interest. The processing may also be necessary for the prevention or detection of unlawful acts. (Once the information has been provided to us, this processing must be carried out without your consent, as the law prohibits us from requiring your consent as a condition of performing a contract with you).

We will process bank and other payment details, where we need to reimburse you, or where you provide such details to us when making a payment. We have a legitimate interest in processing such data for this purpose.

2.1.4 How we share your data

We will not sell your data to third parties. We will only share it with third parties if we are allowed or required to do so by law. This includes for example:

where we are required to report information about students that are subject to visa controls to UK Visas and Immigration
where we are required to report information to the University of Oxford in order for it to fulfil its obligations to report information to the Higher Education Statistics Agency or its successor body in order to comply with regulatory obligations
where we decide to report alleged criminal misconduct to the police

It also includes disclosures where the third party is an agent or service provider appointed by the College to enable us to operate effectively, provided we are satisfied that appropriate safeguards have been put in place to ensure adequate levels of security for your data. All our third party service providers are required to take appropriate security measures to protect your personal information in line with our policies, and are only permitted to process your personal data for specific purposes in accordance with our instructions. We do not allow our third party providers to use your personal data for their own purposes.

Please also see our information in Part 1 about sharing data outside of the EU.

2.2 Current Students

2.2.1 Data that you provide to us and the possible consequences of not providing it.

The provision of most data that you provide to us is a contractual requirement. If you do not provide us with information that you are contractually obliged to provide, the consequences will depend on the particular circumstances. In some cases we may not be able to provide you with certain services; in other cases, this could result in disciplinary action or the termination of your contract.

2.2.2 Other sources of your data

Apart from the data that you provide to us, we may also process data about you from a range of sources. These include:

Data that we and our staff generate about you, such as during tutorials and in connection with your attendance and accommodation at Hertford
The University of Oxford, which operates a number of systems that Colleges have access to, including access to your examination results, fees outstanding, degree ceremony bookings, emergency contact details, student loan status, “right to work” checks and visa information, disability information and reports by supervisors
Your school or previous educational establishments or employers if they provide references to us
Fellow students, family members, friends, visitors to Hertford and other contacts who may provide us with information about you if and when they contact us, or vice versa

2.2.3 Details of our processing activities, including our lawful basis for processing

The schedule includes detailed information about how and why we process various categories of data, and the related lawful basis including:

Details of which course you are studying
Other data that is necessary to the operation of the Hertford student contract or to the functioning of Hertford, including:
- any data about you contained in your assessed work, our assessments of your work and details of any qualifications you are awarded
- details of any disciplinary complaints or decisions about you
- your contact and accommodation details
- any communications you have with us, and any communications we generate about you, for example if you ask us to defer your studies to a later academic year
- details of any payments that you make to us, including your bank/payment card details
Data you and others sent us when you applied to us (including information sent to us via UCAS and your predicted grades). This includes your academic record and personal statement which we use to assess your application
Details of any relevant criminal convictions, allegations or charges that we ask you to declare to us either when you apply to us, or whilst you are a student, or which are reported to us, and of any Disclosure and Barring Service checks that we request. Relevant criminal convictions or charges are those that indicate an applicant or student might pose an unacceptable risk to other students or staff. More information is available for undergraduate admissions at: https://www.ox.ac.uk/admissions/undergraduate/applying-to-oxford/decisions/criminal-convictions?wssl=1 and for graduate admissions at https://www.ox.ac.uk/admissions/graduate/applying-to-oxford/university-policies/criminal-convictions?wssl=1.
Information that you voluntarily provide to us about any disabilities or health conditions you have, and about your age, ethnicity, gender, religion and belief, and/or sexual orientation. You may also provide this information to us as part of the equality monitoring that we undertake pursuant to our legal obligations under the Equality Act 2010
Where you inform us of a health condition or disability, we will take this information into account when considering whether to make a reasonable adjustment under equality law and in other cases where we are legally required to
Data about you that we have to collect by law (for example where UK immigration law requires us to record information about you, or to report it to the immigration authorities)
Data that we voluntarily provide about you, either whilst you are a student or after you graduate, for example if you ask us for a reference
Bank and other payment details, where we need to reimburse you, or where you provide such details to us when making a payment

2.2.4 How we share your data

We will not sell your data to third parties. We will only share it with third parties if we are allowed or required to do so by law. This includes for example:

Where we are required to report information about students that are subject to visa controls to UK Visas and Immigration
To comply with regulatory requirements
Where we decide to report alleged criminal misconduct to the police
The College will share information with your sponsor(s) in accordance with the terms of relevant contract(s) or agreement(s) with you and your sponsor. This data is likely to relate to attendance and academic progress. This may include international transfer of data where the sponsor is based overseas. Sponsors can be employers, parents or other third parties
We share information relating to the payment of student fees with educational loan providers, such as the Student Loans Company, where this is required under the terms of the funding arrangement, or otherwise at your request. This is for the purposes of confirming your identity, enrolment and attendance. We may also be required to share information relating to intermission or illness in order to facilitate financial support. Your data is shared to facilitate payment of tuition fee and maintenance loans and the provision of other financial support including bursaries
Where you are a recipient of funding originating form overseas bodies, we may be requested or required to provide information to those bodies in relation to you
Potential employers or education providers that you have approached
We may wish to contact your next of kin, guardians or emergency contact in cases of emergency. Should a situation arise where it would be appropriate, in our reasonable opinion, to use the next of kin details that you have provided to us, we will disclose to your next of kin such of your personal data as is warranted by the situation. Decisions to contact these individuals will be made in consideration of your rights and freedoms
We will share data relating to your student status with relevant local government departments for the purposes of council tax exemption, assessment and/or collection
We share basic information with GP practices, on your request, to ensure that you are registered with a local GP during your time at Oxford
We share data such as your name, address and nationality, to enable the ERO to contact you regarding eligibility to vote in general, local and European elections
If circumstances require it, we may share your data with our legal advisers for the purposes of obtaining privileged and confidential legal advice relating to the College's relationship with you
We may share your data with government departments, crime prevention and law enforcement agencies when required or considered appropriate in the circumstances and with the proper consideration of your rights and freedoms. Organisations we may share your data with include the Police and UK Visas and Immigration
In order to apply for a DBS check, if you are engaged in an activity which involves contact with children or vulnerable adults or where the College considers a criminal records check is required. You will be notified in advance of any requirement to carry out a DBS check
The College may share student data with third party software providers where required to administer teaching, timetabling, examinations and for anti-plagiarism services. We may share your data in order to facilitate access to IT systems and services such as providers of operating systems, library catalogues and online learning environments
If auditors wish to inspect College records, this may require them to have access to your data for the purpose of conducting their audit. Any audit will be conducted pursuant to an agreement with the College which includes provisions to protect your data from misuse
Within the University:
- Where we are required to report information to the University of Oxford in order for it to fulfil its obligations to report information to the Higher Education Statistics Agency or its successor body in order to comply with regulatory obligations
- We may share Admissions data (including student applications and qualifications), examination results, payments of fees and collection of debts. We also provide information about financial support you receive. We also inform the University of any decisions that you tell us about regarding your course, such as options you wish to take, or if you decide to change or withdraw from your course, intermit or suspend your studies. We may also share records of any decisions we make about your wishes, such as whether to allow you to take options, change your course or suspend your studies
- Your data is shared to allow the University and Colleges to work together in providing admissions decisions, making decisions about your course and in administering examinations, assessments and collect fees, and to avoid duplication of effort in areas where the University and Colleges have a common interest. Information about financial support is provided to allow the University to complete its data return to the Higher Education Statistics Agency, which is a regulatory requirement on the University
- We also share data with the University to enable it to comply with its duties as a tier 4 sponsor, for example to verify student attendance in accordance with UKVI requirements
- We may also transfer data concerning your health, disabilities or welfare if it is appropriate to make a request to the University (for example to make a reasonable adjustment)
- We share "right to work" checks for Graduate Students as tutoring work is often conducted at several Colleges. We share your title, first name, surname, single sign-on user name, tutor subject, College, date checked, confirmation of your permanent right to work, immigration status, student status and location of "right to work" documents (noting the document that was checked and where it is held) with the Conference of Colleges and other Colleges
- If you lodge an appeal with the Conference of Colleges Appeal Tribunal, we will share your data with the Conference of Colleges and the Tribunal (which is administered by the Conference of Colleges). The data we share will be necessary for the appeal process and pursuant to the Tribunal's published procedure

Please also see our information in Part 1 about sharing data outside of the EU.

2.3 Job Applicants

2.3.1 What personal data we hold about you and how we use it

We may hold and use a range of data about you at different stages of our relationship with you. We might receive this data from you, we might create it ourselves, or we might receive it from someone else (for example if someone provides us with a reference about you).

2.3.2 Categories of data that we collect, store and use include but are not limited to:

The contact details that you provide to us, including names, addresses and telephone numbers
The position, role, grade, salary and benefits attaching to the relevant role
Your application paperwork, including the results of any testing
Details of your qualifications and correspondence in relation to them
References received about you, as well as the names and contact details of referees
Requests for special arrangements and/or waiver of eligibility criteria, including our consideration and decisions in relation to the same
Communications with you regarding the outcomes of your application
Records of decisions, including relevant committee and panel reports
Copies of passports, right to work documents, visas and other immigration data
Details of any medical issues and/or disabilities that you have notified to us, including any consideration and decision on reasonable adjustments made as a result
Equality monitoring data

2.3.3 Data that you provide to us and the possible consequences of not providing it

Most data that you provide to us is processed by us in order that we, and you, can comply with obligations imposed by law. For example:

Copies of your passport, right to work, and visa information will be collected by us at the time of your application or appointment, and at the point of any change or renewal of immigration status, to enable us to comply with UK Immigration and Visa requirements. We may be required by law to retain that data, along with related information (such as your application paperwork, short-lists and selection committee papers), even where you are not appointed, until a certain point after the person appointed ceases to be employed by Hertford
If the relevant role requires regular interactions with children or vulnerable adults, we are required by law to carry out a Disclosure and Barring Service check in relation to you. In accordance with section 124 of the Police Act 1997, DBS certificate information is only passed to those who are authorised to receive it in the course of their duties and, in line with the DBS code of practice, is not kept by Hertford for any longer than is necessary

Your failure to provide such data may mean that you are unable to take up the relevant role.

Other data that you give to us is provided on a wholly voluntary basis – you have a choice whether to do so. Examples include:

Equality monitoring data, which is requested by the College as part of the equality monitoring that we undertake pursuant to our legal obligations under the Equality Act 2010
Disability and health condition information, which you may choose to provide to us in order that we can take this information into account when considering whether to make a reasonable adjustment

2.3.4 Other sources of your data

Apart from the data that you provide to us, we may also process data about you from a range of sources. These include:

Data that we generate about you when processing your application;
Data generated by the University of Oxford, where the role you have applied for is a joint position offered by both Hertford and the University
Your previous educational establishments and/or employers if they provide references to us

2.3.5 Details of our processing activities, including our lawful basis for processing

2.3.6 How we share your data

We do not, and will not, sell your data to third parties. We will only share it with third parties if we are allowed or required to do so by law.

Examples of bodies to whom we are required by law to disclose certain data include, but are not limited to:

The Home Office, UK Visas and Immigration – to fulfil Hertford's obligations as a visa sponsor

Examples of bodies to whom we may voluntarily disclose data, in appropriate circumstances, include but are not limited to:

Other Colleges and/or PPHs within the University of Oxford, University offices and/or departments - where you apply for a role shared between different parts of the collegiate university, we may need to share relevant data for the proper functioning of relevant contracts and services
Higher Education Statistics Agency (HESA) - some information, usually in pseudonymised form, will be sent to HESA for statistical analysis and to allow government agencies to carry out their statutory functions
Third party service providers - to facilitate the activities of the College. Any transfer will be subject to an appropriate, formal agreement between us and the processor

Where information is shared with third parties, we will seek to share the minimum amount of information necessary to fulfil the purpose.

All our third party service providers are required to take appropriate security measures to protect your personal information in line with our policies, and are only permitted to process your personal data for specific purposes in accordance with our instructions. We do not allow our third party providers to use your personal data for their own purposes.

Please also see our information in Part 1 about sharing data outside of the EU.

2.4 Current and former Employees

2.4.1 What personal data we hold about you and how we use it

We may hold and use a range of data about you at different stages of our relationship with you. We might receive this data from you; we might create it ourselves, or we might receive it from someone else (for example if someone provides us with a reference about you).

2.4.1.1 Categories of data that we collect, store and use include (but are not limited to):

The contact details that you provide to us, including names, addresses and telephone numbers
Your position, role, contract terms, grade, salary, benefits and entitlements
Records about your recruitment, including your application paperwork, details of your qualifications, references (including names and contact details of referees), requests for special arrangements, communications regarding our decisions, and relevant committee and panel reports
Details of any relevant criminal convictions or charges that we ask you to declare to us, either when you apply to us, or during your membership of the College. Relevant criminal convictions or charges are those that indicate you might pose an unacceptable risk to students or staff. Further, your role at the College may require that we conduct a Disclosure and Barring Service check, which will provide us with details of any relevant criminal convictions and/or cautions that you have received
Copies of passports, right to work documents, visas and other immigration data
Details of any medical issues and/or disabilities that you have notified to us, including any consideration and decision on reasonable adjustments made as a result
Equality monitoring data
Dietary requirements
Your financial details, including bank and building society account numbers, sort codes, BACS IDs, NI numbers, tax codes, payslips and similar data
Pensions membership data, including identification numbers, quotes and projections, terms benefits and contributions
Learning and development records, including your attendance, completions, accreditations and certifications
Capability procedure records, including performance indicators, records of review meetings, feedback, decisions and outcomes
Promotion and progression records, including applications, references and supporting materials, records of deliberations and decisions, feedback and awards
Records regarding grievances, disciplinary proceedings or investigations prompted by, involving or relating to you
Attendance and absence records, including leave requests, sickness records and related data
Photographs, audio and video recording
Computing and email information, including login information for our IT systems, IP address(es), equipment allocated to you and records of network access
Biometric data

2.4.2 Data that you provide to us and the possible consequences of not providing it

Most data that you provide to us is processed by us in order that we, and you, can each fulfil our contractual obligations and/or comply with obligations imposed by law. For example:

Copies of your passport, right to work, and visa information will be collected by us at the time of your application to enable us to comply with UK Immigration and Visa requirements. We may also be required by law to retain that data, along with related information (such as your application paperwork, short-lists and selection committee papers) until a certain point after your employment with the College ends
Financial data, including your account number and sort code, BACS ID, NI number, salary, tax codes and payments information are collected by us at the time of your appointment to enable us to pay you in accordance with the contract between us
You have a contractual obligation to inform us of relevant conflicts of interest affecting your involvement in Hertford management and decision-making. Failure to do so may undermine the reputation and integrity of the College, and may have legal implications

The consequences for any failure to provide such data will depend on the particular circumstances. For example, a failure to provide copies of your passport, right to work and visa information, may mean that we are unable to enter into, or continue, with your employment. A failure to notify the College of relevant conflicts of interest may result in disciplinary proceedings being commenced.

Some data that you give to us is provided on a wholly voluntary basis – you have a choice whether to do so. Examples include:

Equality monitoring data, which is requested by the College as part of the equality monitoring that we undertake pursuant to our legal obligations under the Equality Act 2010
Disability and health condition information, which you may choose to provide to us in order that we can take this information into account when considering whether to make a reasonable adjustment

2.4.3 Other sources of your data

Apart from the data that you provide to us, we may also process data about you from a range of sources. These include:

Data that we generate about you, such as when processing your application, arranging payments, and/or in relation to accommodation provided by us
The University of Oxford, which operates a number of systems that Colleges have access to, including systems that allow us to access your teaching allocation records and schedules
Your previous educational establishments and/or employers if they provide references to us
Fellow members of College, family members, friends, visitors to Hertford and other contacts who may provide us with information about you if and when they contact us, or vice versa

2.4.4 Details of our processing activities, including our lawful basis for processing

2.4.5 How we share your data

We do not, and will not, sell your data to third parties. We will only share it with third parties if we are allowed or required to do so by law.

Examples of bodies to whom we are required by law to disclose certain data include, but are not limited to:

Home Office; UK Visas and Immigration - to fulfil College's obligations as a visa sponsor
Disclosure and Barring Service (DBS) - required for certain posts to assess an applicant's suitability for positions of trust or where the post works with vulnerable people or children
The Higher Education Funding Council for England (HEFCE) - data submitted for the Research Excellence Framework (REF) which is a system for assessing the quality of research in higher education
HM Revenues & Customs (HMRC) - real-time information released to HM Revenue & Customs (HMRC) in order to collect Income Tax and National Insurance contributions (NICs) from employees
To comply with any other regulatory requirements

Examples of bodies to whom we may voluntarily disclose data, in appropriate circumstances, include but are not limited to:

Other Colleges and/or PPHs within the University of Oxford, University offices and/or departments - where a member is employed by or connected to both organisations, or are providing services in different parts of the collegiate university, we may need to share relevant data for the proper functioning of relevant contracts and services
Agencies with responsibilities for the prevention and detection of crime, apprehension and prosecution of offenders, or collection of a tax or duty, for the purposes of the prevention, detection or investigation of crime, for the location and/or apprehension of offenders, for the protection of the public, and/or to support the national interest
Mortgage lender and letting agencies - in order to allow these organisations to verify for mortgages and tenancy agreements. Release of this information is subject to a written request being received from the employee
Universities Superannuation Scheme (USS) / Oxford Staff Pension Scheme (OSPS) - in order to provide data required for the provision of pensions by these providers
Higher Education Statistics Agency (HESA) - some information, usually in pseudonymised form, will be sent to the HESA for statistical analysis and to allow government agencies to carry out their statutory functions
Occupational Health providers - to enable the provision of these facilities
Third party service providers - to facilitate activities of the College. Any transfer will be subject to an appropriate, formal agreement between us and the processor
If auditors wish to inspect College records, this may require them to have access to your data for the purpose of conducting their audit. Any audit will be conducted pursuant to an agreement with the College which includes provisions to protect your data from misuse
We may wish to contact your next of kin, guardians or emergency contact in cases of emergency. Should a situation arise where it would be appropriate, in our reasonable opinion, to use the next of kin details that you have provided to us, we will disclose to your next of kin such of your personal data as is warranted by the situation. Decisions to contact these individuals will be made in consideration of your rights and freedoms
We share data relating to staff living in College-owned accommodation with the local authority for council tax purposes
Employers whom you have approached in connection with a job, to provide references etc.
If circumstances require it, we may share your data with our legal advisers for the purposes of obtaining privileged and confidential legal advice relating to the College's relationship with you
Where an occupational health referral is made we will share your contact details with the provider, as well as appropriate details to enable the provider to conduct its assessment
We submit details of teaching and research outputs and assessments, plus ancillary data to show that you meet the qualifying criteria for consideration by relevant panels

Where information is shared with third parties, we will seek to share the minimum amount of information necessary to fulfil the purpose.

Please also see our information in Part 1 about sharing data outside of the EU.

2.5 Attendees, organisers and those involved in conferences and events

2.5.1 What personal data we hold about you and how we use it

2.5.1.1 Categories of data that we collect, store and use include (but are not limited to):

Contact details that you provide to us, including names, addresses and telephone numbers
Details of event organisers and guests, including details of organisations represented and event purpose
Financial information including your details of invoicing and outstanding payments (including payment information such as credit card or banking payment information) for facilities and services provided by the College at your request
Room and meal booking information, including any medical issues and/or disabilities that you have notified to us
Dietary requirements
Photographs, audio and video recording of events (where applicable)
Computing and email information, including Guest login information (IP address(es), devices connected, traffic monitoring data)

2.5.2 Data that you provide to us and the possible consequences of not providing it

Most data that you provide to us is processed by us in order that we, and you, can each fulfil our contractual obligations and/or comply with obligations imposed by law. For example:

Financial information, as listed above, must be provided as part of any contract between us for the provision of services or access to facilities
Details of event organisers and guests, including details of organisations represented and event purpose must be provided to us under the contract in place between us, in order that we can properly manage College facilities and ensure that our facilities are not used to further illegal or inappropriate aims

The consequences for any failure to provide such data will depend on the particular circumstances. For example, a failure to provide the relevant financial information will mean that we are unable to process any payment from you and may not be able to enter into the relevant contract with you. A failure to provide accurate organisation and purpose details for events may mean that we choose not to enter into the relevant contract with you, or that an event in progress is not permitted to continue.

Some data that you give to us is provided on a wholly voluntary basis – you have a choice whether to do so. An example would be disability and health condition information, which you may choose to provide to us in order that we can take this into account when allocating appropriate accommodation to you.

2.5.3 Other sources of your data

Apart from the data that you provide to us, we may also process data about you from a range of sources. These include:

Data that we generate about you, such as when communicating with you, receiving your requests, orders and/or payments
Guests attending the relevant conference and/or event
Third parties with an interest in the activities of your organisation

2.5.4 Details of our processing activities, including our lawful basis for processing

2.5.5 How we share your data

We do not, and will not, sell your data to third parties. We will only share it with third parties external to the collegiate University, if we are allowed or required to do so by law.

Examples of bodies to whom we are required by law to disclose certain data include, but are not limited to:

Agencies with responsibilities for the prevention and detection of crime, apprehension and prosecution of offenders, for the purpose of the prevention, detection or investigation of crime, for the location and/or apprehension of offenders, and/or for the protection of the public (in cases where there is a duty on us to report)
HM Revenue & Customs (HMRC) - invoicing information to the extent required to fulfil College's tax reporting obligations

Examples of bodies to whom we may voluntarily disclose data, in appropriate circumstances, include but are not limited to:

Other Colleges and/or PPHs within the University of Oxford - where events are progressed on a joint basis
Third party service providers - to facilitate activities of the College. Any transfer will be subject to an appropriate, formal agreement between Hertford and the processor
Agencies with responsibilities for the prevention and detection of crime, apprehension and prosecution of offenders - for the prevention, detection or investigation of crime, for the location and/or apprehension of offenders, and/or for the protection of the public

Where information is shared with third parties, we will seek to share the minimum amount of information necessary to fulfil the purpose.

Please also see our information in Part 1 about sharing data outside of the EU.

2.6 Suppliers, contractors, and those with whom we undertake financial transactions

2.6.1 Data that you provide to us and the possible consequences of not providing it

In most cases the data you provide will be a necessary requirement of your transaction with the College. If you do not provide your data, we will not be able to process the transaction.

2.6.2 Other sources of your data

Apart from the data that you provide to us, we may also process data about you that we generate about you, or that we receive from a third party (for example banks who provide us with your details when payments are made or received by Hertford.

2.6.3 Details of our processing activities, including our lawful basis for processing

2.6.4 How we share your data

We will not sell your data to third parties. We will only share it with third parties if we are allowed or required to do so by law. This includes for example where we decide to report alleged criminal misconduct to the police.

Please also see our information in Part 1 about sharing data outside of the EU.

2.7 Those who come in to contact with our security systems and procedures

2.7.1 Data that you provide to us and the possible consequences of not providing it

In most cases the data you provide will be a necessary requirement of entering or living on Hertford premises. If you do not provide such data you may not be able to enter Hertford premises, and depending on circumstances this may become a disciplinary matter that could lead to the termination of your contract with us whether you are an employee, or a student.

2.7.2 Other sources of your data

Apart from the data that you provide to us, we may also generate data about you, for example if you use a College fob or swipe card to access premises, the College access control system will generate a log of your attendance.

2.7.3 Details of our processing activities, including our lawful basis for processing

This includes detailed information about how and why we process various categories of data, and the related lawful basis. It includes:

Occasional monitoring that may occur of staff where College has reasons to believe the individual concerned may be guilty of misconduct. Monitoring for such purposes may only be carried out in accordance with College's Physical Security policy which includes safeguards to ensure that individual privacy is respected appropriately. The lawful basis for such processing is that the College has a legitimate interest in ensuring that staff comply with their legal obligations as employees.
CCTV monitoring that College undertakes to help provide safety and security on College premises, and to assist with the prevention of crime and other unlawful activity. College may take disciplinary action if a safety or security incident involves a breach of staff or student disciplinary policies and report safety or security incidents to the police if the incident involves an apparent criminal offence. Monitoring for such purposes may only be carried out in accordance with College's Physical Security policy which includes safeguards to ensure that individual privacy is respected appropriately. The lawful basis for such processing is that the College has a legitimate interest in ensuring that staff comply with their legal obligations as employees.
Movement records of staff, students and visitors to College premises, for example the timing of access to buildings or offices, whether through electronic access systems or manual records. The lawful basis for such processing is that the College, its members and visitors have a legitimate interest in implementing such measures to help maintain College safety and security.
Records of requests and bookings for rooms, including records of any decisions the College makes pursuant to its obligation to take such steps as are reasonably practicable to ensure that freedom of speech within the law is secured for members, students and employees of the College and for visiting speakers. The lawful basis for such processing is that the College has a legitimate interest in making its rooms available to members of the College to enable events to be held. Where freedom of speech issues are involved, the processing is necessary for compliance with a legal obligation (namely under the Education (No 2) Act 1986).

2.7.4 How we share your data

Examples of bodies to whom we are required by law to disclose certain data include, but are not limited to:

Agencies with responsibilities for the prevention and detection of crime, apprehension and prosecution of offenders - for the prevention, detection or investigation of crime, for the location and/or apprehension of offenders, and/or for the protection of the public (in cases where there is a duty on us to report).

Examples of bodies to whom we may voluntarily disclose data, in appropriate circumstances, include but are not limited to:

Other Colleges and/or PPHs within the University of Oxford - where security is managed on a joint basis.
Third party service providers - to facilitate activities of the College. Any transfer will be subject to an appropriate, formal agreement between Hertford and the processor.
Agencies with responsibilities for the prevention and detection of crime, apprehension and prosecution of offenders - for the prevention, detection or investigation of crime, for the location and/or apprehension of offenders, and/or for the protection of the public.

Where information is shared with third parties, we will seek to share the minimum amount of information necessary to fulfil the purpose.

Please also see our information in Part 1 about sharing data outside of the EU.

2.8 Those who use our IT services, or telephony systems

2.8.1 Data that you provide to us and the possible consequences of not providing it

In most cases the data you provide will be a necessary requirement of using the relevant system (for example, you will need a password to access College IT systems). If you do not provide such data you will not be able to use the system, and depending on circumstances this may become a disciplinary matter that could lead to the termination of your contract with us whether you are an employee, or a student.

2.8.2 Other sources of your data

Apart from the data that you provide to us, we may also process data about you from a range of sources. These include:

The University of Oxford, which operates a number of systems that Colleges have access to, including email and telephony services.
Information that we generate in the course of operating the College's IT systems, or which we obtain from third party suppliers, for example telephone records provided by suppliers of telephone systems.

2.8.3 Details of our processing activities, including our lawful basis for processing

This includes detailed information about how and why we process various categories of data, and the related lawful basis. It includes monitoring that may occur of use of telephone and IT services, including, subject to certain safeguards, email content, internet use and/or telephone records for the purpose of ensuring that such services are not used for unlawful purposes, or otherwise breach the College's/University's IT/telephone regulations. The lawful basis for such processing is that the College has a legitimate interest in maintaining the integrity of its systems, to investigate misuse and in taking action to prevent misuse recurring.

2.8.4 How we share your data

Please also see our information in Part 1 about sharing data outside of the EU.

2.9 Users of our website

2.9.1 What personal data we hold about you and how we use it

Whenever you use a website, mobile application or other Internet service, certain information is created and recorded automatically. The same is true for our websites, being those with URLs containing hertford.ox.ac.uk.

In addition to the data we gather via web forms placed on our site (the handling of which will be governed by the relevant data protection notice covering the circumstances and context), we collect and generate a variety of data via our websites.

2.9.2 Categories of data that we collect, store and use include (but are not limited to):

Log data: whenever you use our website, our servers automatically record information (“log data”) regarding that access, including:
- Any data sent by your browser or mobile app to enable you to access the site
- Location data of users (if provided by the connecting device)
- Internet Protocol (IP) address of the connecting device or other unique device identifiers
- Browser type and setting for the connecting device
- The date and time of access
- Details of any attempts to log on to closed systems
- Crash data
Cookie data: we may use “cookies” (small text files sent by your computer each time you visit our website, unique to your visit or your browser) or similar technologies to record additional information. Our cookies record information including:
- Language preferences
- Contents of online ‘shopping baskets' (where relevant)

Most data collected is statistical data about our users' browsing actions and patterns, and does not identify any individual. However, there may be occasions where browsing patterns are connected to IP addresses or location data such that the data as a whole is personal data.

Whether we collect some of the above information often depends on your device type and settings. To learn more about what information your device makes available to us, please also check the policies of your device manufacturer or software provider.

2.9.3 The lawful basis on which we process your data

The law requires that we provide you with information about the lawful basis on which we process your personal data, and for what purpose.

In most circumstances, we require your consent to place cookies on your device. When you access our website you are notified that we use cookies, and continued use of the site following that notification is taken as consent to the use of cookies.

If you would prefer that we do not use cookies, you should adjust your browser settings to reject cookie use.

Where we use cookies for site security, or to ensure the proper functioning of the site (for example via the use of load-bearing cookies), we do not require your consent to the use of these cookies. We have a legitimate interest in their use and we process all data, as collected by those cookies, on that basis.

2.9.4 Data that you provide to us and the possible consequences of not providing it

The data that we collect via our website in the course of your accessing it is provided by you on a voluntary basis. If you elect to adjust your browser settings to reject cookies, it may affect your experience in using the site, in the event that any blocked cookies support functionality.

2.9.5 Other sources of your data

Apart from the data that you provide to us, we may also receive data about you from other sources:

We may get information about you and your activity outside College from other third parties we work with. For example:

The University of Oxford, with whom we share single sign on services
Google Analytics shares information with websites or apps where it runs to provide statistics. We also receive this information, which may include information such as whether clicks on other sites led to visits to our site. For more information about Google Analytics see http://www.google.com/analytics/.

2.9.6 How we share your data

We do not, and will not, sell your data to third parties. We will only share it with third parties if we are allowed or required to do so by law.

Examples of bodies to whom we are required by law to disclose certain data include, but are not limited to:

UK agencies with duties relating to the prevention and detection of crime, apprehension and prosecution of offenders, safeguarding, or national security. We may share data with government departments, crime prevention and law enforcement agencies when required or considered appropriate in the circumstances and with the proper consideration of your rights and freedoms.

Examples of bodies to whom we may voluntarily disclose data, in appropriate circumstances, include but are not limited to:

Other Colleges and/or PPHs within the University of Oxford, University offices and/or departments. For example, data from cookies may be shared in pursuit of our legitimate interest in maintaining the proper function and security of our website, or where the other party has a legitimate interest is receiving the data for similar purposes. Data may also be shared in an anonymised and/or statistical format.
Legal advisers and auditors to support our legal and financial obligations and objectives.
Third party service providers to facilitate activities of the College. Any transfer will be subject to an appropriate, formal agreement between the College and the processor.
UK agencies with duties relating to the prevention and detection of crime, apprehension and prosecution of offenders, safeguarding, or national security. We may share data with government departments, crime prevention and law enforcement agencies when required or considered appropriate in the circumstances and with the proper consideration of your rights and freedoms.

Where website information is shared with third parties, we will seek to share the minimum amount of information necessary to fulfil the purpose.

Please also see our information in Part 1 about sharing data outside of the EU.

2.10 Those whose data is stored in our archive

2.10.1 Data that you provide to us and the possible consequences of not providing it

If you as a researcher do not provide your data (such as your name and contact details), you may not be allowed to access the archive.

2.10.2 Other sources of your data

Apart from the data that you provide to us, the data we hold about you may have been obtained from our staff, students, the University of Oxford, donors to our archives or other third parties.

2.10.3 Details of our processing activities, including our lawful basis for processing

The schedule includes detailed information about how and why we process various categories of data, and the related lawful basis including the legitimate interest that the College has in processing in its archives:

Student files including dates of attendance, course of study and outcome of their studies, results of College examinations ("collections"), University examinations, and College and University assessments, awards, scholarships and prizes conferred, applications (e.g. UCAS forms and references), academic and disciplinary records. These files may include information about a former student's personal life including their health, family circumstances, ethnicity, sexuality, political opinions, religious or philosophical beliefs, criminal convictions or allegations, gender, background, family circumstances and/or financial circumstances. The College has a legitimate interest in processing such data for the purposes of research and its archive in the public interest. Hertford also considers that it is in the public interest to process special category and/or criminal convictions or allegations data for such purposes.
Extracts from staff records consisting of employee name, dates of employment, role(s) and reason(s) for departure (including for example retirement, new employment or dismissal), staff photograph, records of references given.
Other administrative records of the College, for example Governing Body and committee records. Such records may include the personal data of College staff where they are mentioned in Governing Body minutes, for example.
Other material collected by or donated to our archive

2.10.4 How we share your data and the safeguards we apply to such sharing

We will not sell your data to third parties. We will only share it with third parties if we are allowed or required to do so by law. Our archives may be consulted by researchers, with our permission and subject to various conditions that we may apply.

Please also see our information in Part 1 about sharing data outside of the EU.

2.11 Alumni, Donors and Supporters

Hertford's Alumni Relations and Development teams exist to establish and develop lifelong relationships with and amongst our alumni, donors and supporters. We're here to help you stay connected with each other, with Hertford and with Oxford University. Our communications with you will include news, research developments, events, exhibitions, collections and resources, reunions, volunteering opportunities, fundraising priorities and progress updates that are important to you.

2.11.1 The Data we collect

We collect information from you in three ways: directly from you during your ongoing relationship with us, or with the University and other Oxford Colleges you may have attended that participate in our shared relationship management system (DARS); from publicly available sources; and/or from third parties providing us with services or acting on our behalf.

The amount of data we collect and hold depends on the frequency and nature of your interactions and engagement with us. Information may be gathered across the lifetime of our relationship with you and from many different forms of interaction.

We may hold and process the following types of personal data about you:

2.11.1.1 Biographical information, which may include:

name, title, contact details, date of birth, gender, marital status, spouse, partner and family details
for current or past students: student ID, programme of study, department, College, matriculation or start date, graduation date, degree conferred
awards received whilst studying at Oxford (prizes, scholarships, accolades, bursaries); other education history and professional qualifications
involvement in sports teams, clubs and societies whilst at Oxford and subsequently
employment details (incl. salary/salary band), career history, professional activities
interests, activities and accolades, incl. honours, life achievements
profile pictures which come from publicly accessible sources (where copyright allows)
links to your public social media presence e.g. LinkedIn, Twitter, website or blog

2.11.1.2 Details of our ongoing relationship and your engagement with us, which may include:

records of your personal interactions with us (e.g. correspondence, notes of meetings or conversations)
your communication preferences; records of communications you have received from us, including copies of letters, emails or appeal literature sent, and of fundraising activities in which you have been included (e.g. annual fund mailings, telephone fundraising campaigns)
data obtained through cookies and similar technologies such as pixels, tags, web beacons, and other identifiers. These help us understand how you interact with our email communications, websites and other online services we provide, e.g. crowdfunding, alumni networking sites. You will find a link to the relevant cookie policy on each of our websites
your attendance (and that of your guests) on visits to, or at events across the collegiate University, including details of any payments made, and photographs, audio and video recordings in which you may be included
details of benefits and services provided to you, e.g. use of College or University libraries, Oxford University Careers Service
your connections to other alumni, students, staff, friends, groups or networks, donors and supporters within the collegiate University community
membership of College or University social media groups e.g. Facebook, LinkedIn
a record of offers of voluntary support you have made, e.g. offers of expertise, advice, mentoring, internships, coaching, accommodation/support for students visiting your area
a record of volunteer work you have undertaken

2.11.1.3 Information about your giving, which may include:

current and past donations and pledges, documentation relating to these gifts and records of the projects you have supported
financial information required to process your gifts
if you have given it, an indication of your intent to leave a legacy, including copies of Wills or sections of Wills
any requests you have made for anonymity in relation to your giving
thank you letters, donor reports provided relating to gifts you have made, correspondence and notes of meetings
plans for activities and future interactions
records of membership of any societies or groups related to your giving
your relationship to friends and patrons groups associated with, or providing support to, the collegiate University
your relationship to relevant trusts, foundations and corporates, e.g. membership on board of trustees

2.11.1.4 Information relating to your willingness or financial capacity to support our charitable objectives, which may include:

Our understanding of your likely philanthropic interests, and a note of particular projects we think may be of interest to you. This understanding may be provided by you or from information in the public domain
Information about your giving to other organisations, and other support that you provide (e.g. volunteering roles, trusteeships), where this information is given to us by you or publicly reported, and where it helps us to understand your interests and capacity to provide support
Other information which may give an indication of the scale of any potential philanthropic gift you may be able to give, such as information about earnings and assets, including property, or publicly reported estimates of wealth
Any estimate we may make regarding the potential scale of your support on the basis of the above information and your previous giving
Personal recommendations, where made by other supporters, that you may be willing and able to provide support

2.11.1.5 Sensitive personal data, which may include:

Health information, including any medical conditions - we may use health information provided by you so we can make reasonable adjustments to improve the service we are able to offer you (e.g. seating or access at an event, dietary requirements, provision of disabled parking, or allocation of accommodation). With your permission, we may also hold health data to ensure our engagement with you is based on a suitable understanding of, and care and respect for, your particular circumstances.
Criminal convictions, offences and allegations of criminal activity - we may use publicly available information concerning criminal convictions and offences or allegations of criminal activity, including money laundering or bribery offences, to carry out due diligence on donors or prospective donors in line with our guidelines on the acceptance of gifts.
Race or ethnicity, religious beliefs, sexual orientation, political opinions - we do not seek to obtain these categories of sensitive data. However, they may sometimes be inferred from other data we hold, for example, your relationships, society memberships, job titles, donations to specific causes or interests.

2.11.2 How we use your data

Your personal data are used by us for the following purposes in support of alumni and supporter relations, and fundraising:

2.11.2.1 For alumni and supporter engagement:

To manage our ongoing relationship with you and to provide a record of your interactions and contributions to College and University life
To offer and manage a varied programme of events tailored to your interests, including networking events, subject reunions, Gaudy dinners, sports events, concerts, seminars and lectures
To ensure you are aware of the wider programme of events, lectures and seminars taking place across the collegiate University which we believe may be relevant to you and that you may have an interest in attending
To keep you up to date with news from your College, department, or other areas in which you have shown an interest, e.g. by making a donation, attending an event, or becoming a member/friend
To provide you with information about alumni benefits and services, including access to the University of Oxford Careers Service
To let you know of volunteering opportunities across the collegiate University, including linking current students with alumni for careers advice and internships, or speaking opportunities
To provide the most relevant content and best possible user experience when you are interacting with our digital communications and platforms
To identify and profile potential volunteers, alumni ambassadors and event attendees
To accept and process commercial revenue, e.g. for merchandise or event tickets
To undertake surveys and market research
To create classifications and groupings (through manual or automated analyses) in order to best direct engagement activities
To analyse the success of our engagement activities, collect feedback, and manage complaints

2.11.2.2 For all fundraising and donor stewardship

To help ensure that our fundraising efforts are conducted as efficiently as possible, and that our approaches to potential donors are respectful, professional, and made, as far as possible, based on evidence and an understanding of what may interest you
To ask you for your support for our fundraising programmes, always mindful of fundraising best practice
To accept and process philanthropic revenue
To provide acknowledgement, recognition and stewardship of your gift
To inform you of the impact of your gift
To create classifications and groupings (through manual or automated analyses) in order to best direct fundraising activities
To support peer-to-peer fundraising campaigns
To inform fundraising, marketing and donor stewardship strategies

2.11.2.3 For fundraising for major gifts

In addition to analysing data shared with us, we may use publicly available information and recommendations from staff and supporters to identify individuals who we believe may have the interest and financial capacity to make a major gift.
Where we have reason to think a potential donor may possess an interest and financial capacity to donate, we may research and collate additional information from sources in the public domain, typically concerning a potential donor's interests in so far as they may coincide with our work, their philanthropic activity, financial capacity and networks in order to substantiate this. We may undertake this research ourselves or use the services of a third-party partner. This new information may be added to the record of a donor or potential donor.
Where this activity is being undertaken for a new contact with whom we have no previous relationship, we will provide the individual with a link to this privacy notice as part of our initial engagement.
Information may be collated into a briefing or profile in order to assist the planning of an approach to a potential donor to discuss that individual's interest in our work and in supporting it.
We may also carry out due diligence on potential donors using publicly available information in order to comply with our policy on the acceptance of gifts, and to fulfil our legal responsibilities.

2.11.2.4 For operational reporting, management reporting, and governance

We may use your personal data for the purposes of operational reporting, to produce management information, and for other relevant purposes relating to the governance of the collegiate University. We will use only the data required and, unless necessary, we will use anonymised or pseudonymised data.

2.11.2.5 In our external communications

With your permission, we may publish your name in an online directory, in donor listings, as part of a guest list, or we may work with you to create press releases or case studies to be included in our publications or on our websites.
If you do not wish your data to be used in any of the ways listed above, or have any questions, please contact the Development Office.

2.11.3 When and how we share your data

We may, from time to time, need to share your personal data within the collegiate University of Oxford or with third-parties working on our behalf. We will only do this in appropriate circumstances, by secure means, and with the relevant data sharing agreements in place. We do not, and will not, sell your data.

Third parties will only process your personal data on our instructions and where they have agreed to treat your data confidentially and to keep it secure. We only permit them to process your personal data for specified purposes. We do not allow our third-party service providers to use your personal data for their own purposes or to keep your data after the processing is complete. All our third-party service providers are required to take appropriate security measures to protect your personal information in line with our policies.

Whenever your information is shared, we will always seek to share the minimum amount of information necessary to fulfil the purpose, this includes the use of anonymised or pseudonymised data where that is sufficient.

2.11.3.1 Your data may be shared in the following ways.

Within the collegiate University of Oxford:

We may share your data with Colleges and departments that make up the collegiate University. We will do this only where it is necessary in order to carry out any of the purposes listed in this privacy notice. For example, where the University is coordinating with one or more Colleges to organise shared events to which you are invited; to manage and coordinate relationship management activities with you; to ensure your contact information is up-to-date, to distribute to your College any gifts received via the University's payment methods.
We may also share relevant data, in appropriate circumstances, with College or University Sports Clubs and Societies where you are (or were) a member of that club or society.

Within the collegiate University of Oxford via the Development and Alumni Relations System (DARS)

The collegiate University of Oxford utilises a shared relationship management system, known as DARS (Development and Alumni Relations System), to store and share data across participating teams, departments, and Colleges. Our objective in doing so is to improve our mutual understanding of the multiple relationships you have across the collegiate University; we believe this understanding is crucial for us to be able to provide you with the best possible experience we can. Developing a better appreciation of our relationship with you should improve our communications with you and mean we are better able to respond to your preferences about how we stay connected with you. This includes improving the quality of the data we hold about you and ensuring that we are processing the latest and most accurate data you have provided.
Hertford uses DARS and is therefore a “joint data controller” of your personal data, together with the University of Oxford and other College participants. This means that if you have questions about your data you can either contact us or the University and we will liaise as appropriate to respond to your query.

With organisations or individuals affiliated to Hertford College

We benefit from a network of organisations and individuals who volunteer their support to Hertford College. We may share relevant data with them, in appropriate circumstances, by secure means, and with the relevant data sharing agreements in place. These may include:
Volunteers offering their expertise by serving on boards or otherwise advising on or assisting with alumni or development matters
Recognised University or College alumni societies and networks, for example when they are helping to organise a dinner or host an event to which you are invited.

With partner organisations that accept gifts in support of Hertford

The following organisations enable tax-efficient giving to Hertford College and the collegiate University of Oxford, from outside of the UK. Data may be shared by us with these organisations where it relates specifically to donations you have made, or have pledged to donate via these organisations.
- Americans for Oxford, Inc. (AFO) accepts gifts in support of the collegiate University of Oxford. AFO has been determined by the United States Internal Revenue Service to be a tax-exempt public charity. The personal data you provide when making a gift to AFO are collected and processed by Oxford University's North American Office using the shared Development and Alumni Relations System (DARS).
- Swiss Friends of Oxford (SFOU). Swiss residents can give tax efficiently to the collegiate University of Oxford. SFOU is set up as an association (Verein) under Swiss law and has a tax ruling from the canton of Zug recognising its tax-exempt status.
- German Friends of Oxford University. Residents of Germany can also make tax-efficient donations to the collegiate University of Oxford via the German Friends of Oxford University without incurring any fees.

With third-party organisations engaged by us to provide services, including:

mailing houses, printers, event organisers or venues
organisations providing tools such as relationship- or event-management systems; databases and reporting/analysis tools; alumni networking or crowdfunding platforms; email or survey tools; payment services (e.g. direct debit, online donation processing)
organisations assisting with activities such as market research, marketing and communications, organisational effectiveness, strategy and planning, auditing, business intelligence and analysis, customer experience

2.11.4 How we protect your data

We take precautions to safeguard your personal information against loss, theft and misuse, unauthorised access, disclosure and destruction through the use of appropriate administrative, physical and technical security measures.

Our shared relationship management system (DARS) is hosted on a secure server within the University of Oxford's network and is protected by multi-level authentication. Access is limited to individuals who need to see and use the data to carry out their duties, and access rights are restricted according to individual job roles in order to ensure that users only see information that is relevant to them. All DARS users receive appropriate training, including training on data privacy, before being granted access.

Where you have provided us with your credit or debit card information, over the phone, or on a printed giving form, that data is stored securely and destroyed after your payment has been processed. Bank details used for processing Direct Debits are stored under the Direct Debit Guarantee Scheme. Online donations are processed via our third-party payment service providers and your credit or debit card information is not collected or stored by us.

Transfers of your data outside of the European Economic Area (EEA): although most of the information we collect, store and process stays within the UK, some information may be transferred to countries outside of the European Economic Area (EEA). This may occur if, for example, one of our third-party partners' servers are located in a country outside of the EEA. This may also occur where staff in our international offices access DARS, our shared relationship-management system.

Transfers outside of the EEA will only take place if one of the following applies:

the country receiving the data is considered by the EU to provide an adequate level of data protection
the organisation receiving the data is covered by an arrangement recognised by the EU as providing an adequate standard of data protection e.g. transfers to companies that are certified under the EU US Privacy Shield
the transfer is governed by approved contractual clauses
the transfer has your consent
the transfer is necessary for the performance of a contract with you or to take steps requested by you prior to entering into that contract
the transfer is necessary for the performance of a contract with another person, which is in your interests
the transfer is necessary in order to protect your vital interests or of those of other persons, where you or other persons are incapable of giving consent
the transfer is necessary for the exercise of legal claims
the transfer is necessary for important reasons of public interest

2.11.5 How long we keep your data

Hertford considers its relationship with alumni, donors and supporters to be life-long and we will retain much of your data indefinitely unless you request otherwise. When determining how long we should retain your personal data we take into consideration our legal obligations and tax or accounting rules. If you have pledged a legacy gift, it will be necessary to retain your data until your gift is received, so that we can identify the gift against that pledge. When we no longer need to retain personal information, we ensure it is securely disposed of. We may keep anonymised statistical data indefinitely, but you cannot be identified from such data.

2.11.6 The legal basis for processing your data

We will only use your personal data where the law allows us to do so. Most commonly we rely on the following legal bases for processing your personal data:

Where we have a legitimate interest to do so for purposes listed within this privacy notice. Where we use legitimate interest as the basis for our processing we have carefully considered each of the ways we process your data to ensure that we carry out our activities with a focus on the interests of our alumni, donors and supporters, and in the most efficient and effective way.
Where we need to perform the contract we have entered into with you. Information processed for this purpose includes, but is not limited to, the information you provide when you register for an event, or to enable us to process a donation.
Where we are required to comply with our legal obligations, such as for: reclamation of Gift Aid on your donations; statutory returns to the Office for Students (OfS), the Charity Commission or ICO; participation in the HESA Graduate Outcomes Survey; responses to the Charity Commission or ICO in relation to audits or official investigations; responses to FOI Requests, under the Freedom of Information Act 2000.
Where your consent is required, for example where sensitive personal data is recorded. You can withdraw your consent at any time and we will stop any processing of your personal data requiring your consent.

We will only process your personal data for the purposes for which we collected it, unless we reasonably consider that we need to use it for another related reason and that reason is compatible with the original purpose. If we need to use your data for an unrelated purpose, we will seek your consent to use it for that new purpose. Please note that we may process your data without your knowledge or consent, in compliance with the above rules, where this is required or permitted by law.

2.11.7 Contacting us

You may contact either the College or the University about any of the data we hold / process at the following addresses, in addition to the general address for our Data Protection Officer set out earlier.

Development Office
Hertford College
Catte Street
Oxford OX1 3BW
Email: development.office@hertford.ox.ac.uk

University Development and Alumni Relations Database Team
University of Oxford Development Office
University Offices, Wellington Square
Oxford, OX1 2JD
United Kingdom
Email: database@devoff.ox.ac.uk

If possible, please quote your Alumni Number

If you have registered with Oxford Alumni Web, either via the central University Alumni Office site or via your College, you can update your communication preferences at any time at: https://www.alumniweb.ox.ac.uk/

3 Records of Processing Activities (ROPAs)

3.1 Applicants

3.1.1 Admissions

3.1.1.1 Includes

Records of our admissions decisions, including decision letters that we send to applicants, notes of your interview performance, feedback we provide you on your application, records of the offers we make, records of whether you accept the offer, and where you do, records of whether you meet the conditions of the offer and records of whether you enrol at the College. We also receive details of equivalent decisions by the University department that you apply to.

3.1.1.2 Source of the data

We obtain this data from the University of Oxford. We generate this data about you.

3.1.1.3 Why we process it

To make admissions decisions and inform you of the outcome.

3.1.1.4 How long we keep this data

Successful applicants who enrol: for 6 years after the end of the academic year when you cease to be a registered student, but if you are awarded a scholarship this will remain on your record permanently as part of the College archive. Unsuccessful applicants: for 12 months after the end of the application cycle. Successful applicants who do not enrol: 12 months after the last date when you could have enrolled.

3.1.1.5 Our lawful basis for processing

Processing is necessary in order to take steps at your request prior to entering a contract. Processing is necessary for the purposes of our or someone else's legitimate interests, except where overridden by your data protection rights and freedoms.

3.1.1.6 Details relating to lawful basis (where applicable)

The College has a legitimate interest in administering applications and deciding who should be offered places.

3.1.2 Communications pre-application

3.1.2.1 Includes

Pre-application communications with prospective students.

3.1.2.2 Source of the data

We obtain this data from you; we generate this data about you.

3.1.2.3 Why we process it

To answer queries that you may have about studying at the College.

3.1.2.4 How long we keep this data

3.1.2.5 Our lawful basis for processing

3.1.2.6 Details relating to lawful basis (where applicable)

The College has a legitimate interest in receiving and responding to a range of queries from prospective students.

3.1.3 Ethnicity, ethical and equality

3.1.3.1 Includes

Sensitive data that you provide during the application process, consisting of information about your ethnicity, disabilities, special needs, dietary requirements (whether for health or religious reasons), and records of any criminal convictions that you inform us about. Records of our decisions taking this information into account.

3.1.3.2 Source of the data

We obtain this data from the University of Oxford. We obtain this data from you.

3.1.3.3 Why we process it

We process this data in order to consider whether to make reasonable adjustments (in the case of information about your disability and/or health), to implement them and for equality monitoring purposes. In the case of criminal convictions, the College and University will use this data to consider and make decisions about whether any conviction poses an unacceptable risk in the collegiate university environment.

3.1.3.4 How long we keep this data

3.1.3.5 Our lawful basis for processing

3.1.3.6 Details relating to lawful basis (where applicable)

The College has a legitimate interest in assessing whether any individual poses an unacceptable safety risk.

3.1.3.7 Special category grounds

Substantial public interest under the UK Data Protection Act 2018.

3.1.3.8 Special category - details of public interest etc.

Where the College processes special category data for these purposes, the processing is necessary for the prevention of a breach of its obligations under the Equality Act 2010 . The processing is necessary for reasons of substantial public interest, namely that the College must comply with its statutory obligations concerning equality and to make reasonable adjustments. The processing must be carried out without consent so as not to prejudice those purposes.

3.1.3.9 Criminal conviction and or criminal allegation grounds

The processing meets a condition in Part 2 of Schedule 1 to the Data Protection Act 2018.

3.1.3.10 Criminal conviction and or criminal allegation grounds further information

Where the College processes criminal convictions/allegations data for these purposes, the processing is necessary for the prevention of a breach of its obligations under health and safety law . The processing is necessary for reasons of substantial public interest, namely that the College must comply with its statutory obligations concerning health and safety. The processing must be carried out without consent so as not to prejudice those purposes.

3.1.4 Fee status

3.1.4.1 Includes

Your fee status (e.g. home, EU, or international) and associated information about your country of residence, the amount of your fees and funding information including your financial declaration, any supporting information you provide about funding (e.g. loans, grants, sponsorship and/or self-funding resources, including copies of evidence you submit) and decisions that we make in light of that information. The evidence submitted by you or on your behalf may include financial information about those assisting you financially, for example parents' bank statements. We may also share this data with the University.

3.1.4.2 Source of the data

We obtain this data from you We obtain this data from third parties (e.g. parents).

3.1.4.3 Why we process it

In order to determine the fees you are required to pay and to confirm that you will be able to meet the requirement to pay fees.

3.1.4.4 How long we keep this data

3.1.4.5 Our lawful basis for processing

Processing is necessary in order to take steps at your request prior to entering a contract. Processing is necessary for compliance with a legal obligation.

3.1.4.6 Details relating to lawful basis (where applicable)

Legislation determines to an extent the level of fees you are required to pay, based on your country of residence.

3.1.5 Financial support applications

3.1.5.1 Includes

Applications for and decisions about financial support, for example scholarships, bursaries and hardship funds. This includes communications that we send and receive to third parties that provide financial support.

3.1.5.2 Source of the data

We obtain this data from you. We generate this data about you. We may receive decisions from third parties that provide financial support.

3.1.5.3 Why we process it

In order to make decisions about financial support and to ensure that the College is encouraging and supporting participation by talented people from all backgrounds.

3.1.5.4 How long we keep this data

3.1.5.5 Our lawful basis for processing

You have given your consent to the processing for one or more specific purposes.

3.1.6 Interview invitations

3.1.6.1 Includes

Records about whether to invite applicants for interview, including consideration of contextual information (relating to information about your school performance, postcode and care background),test scores and marks for written work that we have requested. We will also hold copies of the tests and written work that you submit.

3.1.6.2 Source of the data

We obtain this data from the University of Oxford. We generate this data about you We also obtain this data from you.

3.1.6.3 Why we process it

We process this data to decide who to invite for interview. The role of contextual admissions data is explained more fully on the University's website, but is taken into account when deciding whether to invite applicants for interview in addition to candidates who have met the usual departmental admissions criteria: https://www.ox.ac.uk/admissions/undergraduate/applying-to-oxford/decisions/contextual-data?wssl=1

3.1.6.4 How long we keep this data

3.1.6.5 Our lawful basis for processing

Processing is necessary for the purposes of our or someone else's legitimate interests, except where overridden by your data protection rights and freedoms.

3.1.6.6 Details relating to lawful basis (where applicable)

The College has a legitimate interest in using appropriate data about academic performance, and to take account of the context of academic achievement in order to decide who to invite for interview.

3.1.7 Open days

3.1.7.1 Includes

Records of open days: these include attendees names and contact details, records of attendance at subject meetings and any accommodation bookings we make (and if you book accommodation, details of who you would like us to contact in case of emergency).

3.1.7.2 Source of the data

We obtain this data from you; we generate this data about you.

3.1.7.3 Why we process it

The College and prospective students have a legitimate interest in arranging and attending open days to share and learn about College life before deciding whether to apply.

3.1.7.4 How long we keep this data

For six months after the open day.

3.1.7.5 Our lawful basis for processing

Processing is necessary for the purposes of our or someone else's legitimate interests, except where overridden by your data protection rights and freedoms.

3.1.7.6 Details relating to lawful basis (where applicable)

The College and prospective students have a legitimate interest in arranging and attending open days to share and learn about College life before deciding whether to apply.

3.1.8 UCAS and Oxford University applications

3.1.8.1 Includes

Information you provide to us or the University of Oxford during the application process, including with your UCAS and graduate application forms consisting of your name, intended course, preferred Colleges, contact details, gender identity, education and employment history, predicted grades, language proficiency, personal statement, references and any research proposal or written work that you submit during the application process.

3.1.8.2 Source of the data

We obtain this data from the University of Oxford.

3.1.8.3 Why we process it

To make admission decisions.

3.1.8.4 How long we keep this data

Application forms, records of decisions including letters, notes on interview performance will be deleted after two years from the end of the academic year for which the application took place.

All information relating to unsuccessful applicants will be deleted at the end of the academic year for which the application took place, with the exception of anonymised statistical information which will be permanently retained.

3.1.8.5 Our lawful basis for processing

3.1.8.6 Details relating to lawful basis (where applicable)

The College has a legitimate interest in administering applications and deciding who should be offered places.

3.1.9 Visa applications

3.1.9.1 Includes

We may assist students making visa applications before they arrive, and making visa extensions when they are on the course. This involves us taking copies of passports and visas, which we store electronically and share with the University so that it has records of students' entitlement to study. We also provide the University with students' name, date of birth, passport number, course, fees paid & due for it to share this information with the Home Office/UK Visas and Immigration as part of its reporting obligations under immigration law.

3.1.9.2 Source of the data

We obtain this data from you; we generate this data about you.

3.1.9.3 Why we process it

Overseas students need visas in order to attend university.

3.1.9.4 How long we keep this data

3.1.9.5 Our lawful basis for processing

Processing is necessary for performance of our contract with you. Processing is necessary for compliance with a legal obligation.

3.1.9.6 Special category grounds

We require your explicit consent to acquire and retain this data.

3.2 Archives

3.2.1 Academic records

3.2.1.1 Includes

Student files including dates of attendance, course of study and outcome of their studies, results of College examinations ("collections"), University examinations, College and University assessments, awards, scholarships and prizes conferred, applications (e.g. UCAS forms and references), academic and disciplinary records. These files may include information about a former students personal life including their health, family circumstances, ethnicity, sexuality, political opinions, religious or philosophical beliefs, criminal convictions or allegations, gender, background, family circumstances and/or financial circumstances.

3.2.1.2 Source of the data

We generate this data about you; we obtain this data from the University of Oxford.

3.2.1.3 Why we process it

So that we have a record of student results, as a record of your academic progression and if we are later asked for a reference or verification of your attendance. To maintain the College archive of its former students and to historically document the College's teaching function, and for the purposes of future research.

3.2.1.4 How long we keep this data

Permanently.

3.2.1.5 Our lawful basis for processing

Processing is necessary for performance of our contract with you. Processing is necessary for the performance of a task carried out in the public interest. Processing is necessary for the purposes of our or someone else's legitimate interests, except where overridden by your data protection rights and freedoms.

3.2.1.6 Details relating to lawful basis (where applicable)

The College has a legitimate interest in maintaining an archive of its activities as part of a long established university with a strong identity and history, and in maintaining such records for future research.

3.2.1.7 Special category grounds

Processing is necessary for archiving in the public interest, and/or for historical research purposes.

3.2.1.8 Special category - details of public interest etc.

There is a public interest in the College maintaining its archive of College life for future generations in the context of the College being a College of a long-established University with a strong identity and history. The College is required to implement appropriate safeguards for individuals' rights and freedoms. The UK Data Protection Act provides safeguards by making specific provision preventing processing which is likely to cause substantial damage or substantial distress to a data subject; and/or which is carried out for the purposes of measures or decisions with respect to a particular data subject, unless the purposes for which the processing is necessary include the purposes of approved medical research.

3.2.1.9 Criminal conviction and or criminal allegation grounds

The processing meets a condition in Part 1 of Schedule 1 to the Data Protection Act 2018.

3.2.1.10 Criminal conviction and or criminal allegation grounds further information

Where it processes such data, the College is required to implement appropriate safeguards for individuals' rights and freedoms. The UK Data Protection Act provides safeguards by making specific provision preventing processing which is likely to cause substantial damage or substantial distress to a data subject; and/or which is carried out for the purposes of measures or decisions with respect to a particular data subject, unless the purposes for which the processing is necessary include the purposes of approved medical research.

3.2.2 Academic activity records

3.2.2.1 Includes

Archives of academic conferences, seminars and lectures hosted and/or organised by the College, consisting of the names of attendees, agenda/programmes, papers delivered. These records may include the personal data of attendees and organisers.

3.2.2.2 Source of the data

We obtain this data from you.

3.2.2.3 Why we process it

As part of the College archive we accept and maintain papers and collections of significance to the College or which are otherwise of importance as an archive.

3.2.2.4 How long we keep this data

Permanently.

3.2.2.5 Our lawful basis for processing

Processing is necessary for compliance with a legal obligation. Processing is necessary for the purposes of our or someone else's legitimate interests, except where overridden by your data protection rights and freedoms.

3.2.2.6 Details relating to lawful basis (where applicable)

The College has a legitimate interest in archiving past conferences, seminars and lectures that it hosted and/or organised.

3.2.3 Acquisition records

3.2.3.1 Includes

Records of the acquisition of items in the archive, including who the item was received from and the date of receipt. Catalogues, indexes and lists of items in the archive including the same information.

3.2.3.2 Source of the data

We generate this data about you.

3.2.3.3 Why we process it

To maintain a record of the content of our archive and how it was acquired, as a record in its own right and in case enquiries are subsequently made about the archived item itself (for example, about ownership of the item).

3.2.3.4 How long we keep this data

Permanently.

3.2.3.5 Our lawful basis for processing

Processing is necessary for the performance of a task carried out in the public interest. Processing is necessary for the purposes of our or someone else's legitimate interests, except where overridden by your data protection rights and freedoms.

3.2.3.6 Details relating to lawful basis (where applicable)

The College has a legitimate interest in recording, indexing and cataloguing its archive acquisitions.

3.2.4 Conservation records

3.2.4.1 Includes

Conservation information relating to items in the College archive, including the identity of who carried out the conservation and of the item on which the conservation measures were performed.

3.2.4.2 Source of the data

We obtain this data from you and from third parties. We generate this data about you.

3.2.4.3 Why we process it

To maintain a record of conservation measures applied to items in our archive to help with future conservation.

3.2.4.4 How long we keep this data

Permanently.

3.2.4.5 Our lawful basis for processing

Processing is necessary for the purposes of our or someone else's legitimate interests, except where overridden by your data protection rights and freedoms.

3.2.4.6 Details relating to lawful basis (where applicable)

The College has a legitimate interest in maintaining records of conservation measures which will assist future conservators to make decisions about the appropriate conservation techniques to use.

3.2.5 Financial records

3.2.5.1 Includes

Financial records and legal records relating to College assets and the College estate. These may include the personal data of individuals involved in managing the College assets and estate, witnesses and parties to legal documents.

3.2.5.2 Source of the data

We obtain this data from you; we generate this data about you.

3.2.5.3 Why we process it

To maintain a historic record of College finances and assets.

3.2.5.4 How long we keep this data

Permanently.

3.2.5.5 Our lawful basis for processing

Processing is necessary for the purposes of our or someone else's legitimate interests, except where overridden by your data protection rights and freedoms.

3.2.5.6 Details relating to lawful basis (where applicable)

3.2.6 Governance records

3.2.6.1 Includes

Governance documents: College statutes and documents relating to their interpretation, including Privy Council documents and correspondence, decisions and documents relating to the College Visitor, Royal Commissions and related documents. These records may include the personal data of those named in the documents, including correspondents.

3.2.6.2 Source of the data

We obtain this data from you; we generate this data about you.

3.2.6.3 Why we process it

To maintain a historic record of governance documents relating to the College.

3.2.6.4 How long we keep this data

Permanently.

3.2.6.5 Our lawful basis for processing

Processing is necessary for the purposes of our or someone else's legitimate interests, except where overridden by your data protection rights and freedoms.

3.2.6.6 Details relating to lawful basis (where applicable)

The College has a legitimate interest in maintaining a record of its governance documents for future reference.

3.2.7 Governing Body agendas, minutes, legal records

3.2.7.1 Includes

Governing body and committee agendas, minutes and related correspondence. These may include personal data of the meeting attendees, correspondents and of individuals referred to in the documents.

3.2.7.2 Source of the data

We obtain this data from you; we generate this data about you.

3.2.7.3 Why we process it

To maintain a historic record of College administration.

3.2.7.4 How long we keep this data

Permanently.

3.2.7.5 Our lawful basis for processing

Processing is necessary for the purposes of our or someone else's legitimate interests, except where overridden by your data protection rights and freedoms.

3.2.7.6 Details relating to lawful basis (where applicable)

3.2.7.7 Special category grounds

Processing is necessary for archiving purposes in the public interest as permitted under the UK Data Protection Act.

3.2.7.8 Special category - details of public interest etc.

3.2.7.9 Criminal conviction and or criminal allegation grounds

The processing meets a condition in Part 1 of Schedule 1 to the Data Protection Act 2018.

3.2.7.10 Criminal conviction and or criminal allegation grounds further information information

3.2.8 Personal papers and collections

3.2.8.1 Includes

Personal papers and collections donated to the College archive. These may consist of correspondence and documents relating to and/or referring to the donor or third parties.

3.2.8.2 Source of the data

We obtain this data from you We may receive this from third parties (e.g. donors).

3.2.8.3 Why we process it

As part of the College archive we accept and maintain papers and collections of significance to the College or which are otherwise of importance as an archive.

3.2.8.4 How long we keep this data

Permanently.

3.2.8.5 Our lawful basis for processing

Processing is necessary for the purposes of our or someone else's legitimate interests, except where overridden by your data protection rights and freedoms.

3.2.8.6 Details relating to lawful basis (where applicable)

The College has a legitimate interest in receiving collections and papers for its archive, and donors have a legitimate interest in giving such collections and papers to the College.

3.2.8.7 Special category grounds

Processing is necessary for archiving purposes in the public interest and for research purposes as permitted under the UK Data Protection Act.

3.2.8.8 Special category - details of public interest etc.

There is a public interest in the College maintaining its archive of College life for future generations in the context of the College being a College of a long-established University with a strong identity and history. The College is required to implement appropriate safeguards for individuals' rights and freedoms. The UK Data Protection Act provides safeguards by making specific provisions preventing processing which is likely to cause substantial damage or substantial distress to a data subject; and/or which is carried out for the purposes of measures or decisions with respect to a particular data subject, unless the purposes for which the processing is necessary include the purposes of approved medical research.

3.2.8.9 Criminal conviction and or criminal allegation grounds

The processing meets a condition in Part 1 of Schedule 1 to the Data Protection Act 2018.

3.2.8.10 Criminal conviction and or criminal allegation grounds further information

Where it processes criminal convictions data for archiving purposes, the College is required to implement appropriate safeguards for individuals' rights and freedoms. The UK Data Protection Act provides safeguards by making specific provision preventing processing which is likely to cause substantial damage or substantial distress to a data subject; and/or which is carried out for the purposes of measures or decisions with respect to a particular data subject, unless the purposes for which the processing is necessary include the purposes of approved medical research.

3.2.9 Records of employment for academic staff

3.2.9.1 Includes

Employee records for academic staff consisting of the employee name, dates of employment, role(s) and reason(s) for departure (including for example retirement, new employment or dismissal), staff photograph, records of references given.

3.2.9.2 Source of the data

We obtain this data from you; we generate this data about you.

3.2.9.3 Why we process it

To maintain historic records of College employees for the archive, and in case we are approached for references.

3.2.9.4 How long we keep this data

Permanently.

3.2.9.5 Our lawful basis for processing

Processing is necessary for the purposes of our or someone else's legitimate interests, except where overridden by your data protection rights and freedoms.

3.2.9.6 Details relating to lawful basis (where applicable)

The College has a legitimate interest in maintaining a record of its activities as part of a long established university with a strong identity and history, and in maintaining such records for future research. The College, its former employees and other parties have a legitimate interest in the College being able to provide references for former staff.

3.2.9.7 Special category grounds

Processing is necessary for archiving in the public interest, and/or for historical research purposes.

3.2.9.8 Special category - details of public interest etc.

3.2.9.9 Criminal conviction and or criminal allegation grounds

The processing meets a condition in Part 1 of Schedule 1 to the Data Protection Act 2018.

3.2.9.10 Criminal conviction and or criminal allegation grounds furthe information

3.2.10 Records of employment for non-academic staff

3.2.10.1 Includes

Employee records for non-academic staff, consisting of the employee name, dates of employment, role(s) and reason(s) for departure (including for example retirement, new employment or dismissal), staff photograph, records of references given.

3.2.10.2 Source of the data

We obtain this data from you; we generate this data about you.

3.2.10.3 Why we process it

To maintain historic records of College employees for the archive, and in case we are approached for references.

3.2.10.4 How long we keep this data

Permanently.

3.2.10.5 Our lawful basis for processing

Processing is necessary for the purposes of our or someone else's legitimate interests, except where overridden by your data protection rights and freedoms.

3.2.10.6 Details relating to lawful basis (where applicable)

3.2.11 Records of the College's cultural life

3.2.11.1 Includes

Records of College cultural life: photographs, pictures, written records, trophies, other memorabilia and ephemera of College members, teams, choirs, clubs and societies, plays and performances, of participation in events and sporting fixtures and of the outcomes. This may include written correspondence and minute books relating to these matters.

3.2.11.2 Source of the data

We obtain this data from you. We generate this data about you. We obtain this data from other third parties e.g. student societies.

3.2.11.3 Why we process it

As part of the College archive recording College life, which may be relevant to you individually (for example if you later request a reference from us), but which is also part of the College's own record of what its members have achieved over time.

3.2.11.4 How long we keep this data

Permanently.

3.2.11.5 Our lawful basis for processing

Processing is necessary for the purposes of our or someone else's legitimate interests, except where overridden by your data protection rights and freedoms.

3.2.11.6 Details relating to lawful basis (where applicable)

The College has a legitimate interest in maintaining a record of its cultural life.

3.2.11.7 Special category grounds

Processing is necessary for archiving purposes in the public interest as permitted under the UK Data Protection Act.

3.2.11.8 Special category - details of public interest etc.

3.2.11.9 Criminal conviction and or criminal allegation grounds

The processing meets a condition in Part 1 of Schedule 1 to the Data Protection Act 2018.

3.2.11.10 Criminal conviction and or criminal allegation grounds further information

Where it processes such data for archiving purposes, the College is required to implement appropriate safeguards for individuals' rights and freedoms. The UK Data Protection Act provides safeguards by making specific provision preventing processing which is likely to cause substantial damage or substantial distress to a data subject; and/or which is carried out for the purposes of measures or decisions with respect to a particular data subject, unless the purposes for which the processing is necessary include the purposes of approved medical research.

3.2.12 Records relating to buildings and estates

3.2.12.1 Includes

Records relating to College buildings, including architectural records and maintenance records. These may include the personal data of those involved in construction and maintenance of College buildings.

3.2.12.2 Source of the data

We obtain this data from you; we generate this data about you.

3.2.12.3 Why we process it

To maintain a historic record of College architecture, and to assist future conservation of College buildings.

3.2.12.4 How long we keep this data

Permanently.

3.2.12.5 Our lawful basis for processing

Processing is necessary for the performance of a task carried out in the public interest; processing is necessary for the purposes of our or someone else's legitimate interests, except where overridden by your data protection rights and freedoms.

3.2.12.6 Details relating to lawful basis (where applicable)

The College has a legitimate interest in maintaining its historic buildings. It also has a legitimate interest in maintaining a record of its activities as part of a long established university with a strong identity and history, and in maintaining such records for future research.

3.2.13 Visitor and enquiry records

3.2.13.1 Includes

Names, contact information, the dates and nature of enquiries relating to visitors, enquirers, researchers and donors to our archives. Records include the contact details of applicants for access to College archives, records of applications including the reasons for the application, the nature of the records requested and the access granted. Records may include disability information if this is relevant to accessibility of the archive. It may also include information about the reasons for the researcher's interest, which may refer for example to their religion or belief.

3.2.13.2 Source of the data

We obtain this data from you; we generate this data about you.

3.2.13.3 Why we process it

To maintain a record of how our archives have been used and who has previously used them, so that we can monitor the use and integrity of our archives. It is useful to refer back to earlier enquiries on similar topics. This information is also retained for the security of the collections.

3.2.13.4 How long we keep this data

Permanently, except for disability information provided to us solely for accessibility purposes, which will be retained for 12 months after your last contact with us.

3.2.13.5 Our lawful basis for processing

Processing is necessary for the purposes of our or someone else's legitimate interests, except where overridden by your data protection rights and freedoms.

3.2.13.6 Details relating to lawful basis (where applicable)

The College has a legitimate interest in maintaining the integrity of its archives, to ensure they are kept securely and are available as a resource for researchers and others with a legitimate interest in reviewing the archives.

3.2.13.7 Special category grounds

Processing is necessary for compliance with equality law (Substantial public interest under the UK Data Protection Act).

3.2.13.8 Special category - details of public interest etc.

In the case of processing disability data relevant for access requirements, the processing is necessary for the prevention of a breach of its obligations under the Equality Act 2010. The processing is necessary for reasons of substantial public interest, namely that the College must comply with its statutory obligations concerning equality and to make reasonable adjustments. Such processing must be carried out without consent so as not to prejudice those purposes. In the case of other special category data, the processing is necessary for archiving and/or scientific or historical research purposes, and is in the public interest.

3.3 Conferences and Events

3.3.1 Banking and financial records

3.3.1.1 Includes

Financial information including bank/building society account numbers, sort codes, credit/debit card numbers, invoices and outstanding payment information.

3.3.1.2 Source of the data

We obtain this data from you.

3.3.1.3 Why we process it

As part of taking payments (including deposits and balances) for events, providing invoices and pursuing outstanding amounts.

3.3.1.4 How long we keep this data

For 7 years from the point of invoice. To the extent that payments remain outstanding, retention of the data may be extended to enable recovery proceedings to take place.

3.3.1.5 Our lawful basis for processing

Processing is necessary for performance of our contract with you. Processing is necessary in order to take steps at your request prior to entering a contract.

3.3.2 Chapel records

3.3.2.1 Includes

Chapel Office: information relating to individuals who have, or intend to be, married in the College chapel, including names, ages, occupations, marriage dates, and wedding preferences and plans.

3.3.2.2 Source of the data

We obtain this data from you.

3.3.2.3 Why we process it

To make the College chapel available to current and former staff, students , office-holders, members and others for the purpose of wedding ceremonies.

3.3.2.4 How long we keep this data

Details of alumni ceremonies may be noted on the relevant alum files held by the College and held permanently. A skeleton record of ceremonies is held by the College (including, for example, details of main participants, type of event, dates and times). A register of marriages (which may be held by the Chapel or belong to the Parish Church St Mary the Virgin) is held permanently.

3.3.2.5 Our lawful basis for processing

Processing is necessary for performance of our contract with you. Processing is necessary in order to take steps at your request prior to entering a contract. Processing is necessary for the purposes of our or someone else's legitimate interests, except where overridden by your data protection rights and freedoms.

3.3.2.6 Details relating to lawful basis (where applicable)

We, and you , have a legitimate interest in our recording sufficient data to enable your planned nuptials to proceed. We also have a legitimate interest in recording those details on the College Archive, as part of the record of College life.

3.3.3 Conference and Event bookings

3.3.3.1 Includes

Records of requests and bookings for conferences and events, including records of any decisions the College makes pursuant to its obligation to take such steps as are reasonably practicable to ensure that freedom of speech within the law is secured for members, students and employees of the College and for visiting speakers.

3.3.3.2 Source of the data

We obtain this data from you and from third parties. We generate this data about you.

3.3.3.3 Why we process it

As part of the management of event bookings and to comply with our legal obligations.

3.3.3.4 How long we keep this data

Where concerns exist in relation to a proposed event, or one that has occurred, records may be retained for 6 years following the date of the event. Details of other proposed or actual events will be held for up to one year.

3.3.3.5 Our lawful basis for processing

Processing is necessary for compliance with a legal obligation.

3.3.3.6 Special category grounds

Substantial public interest under the UK Data Protection Act 2018.

3.3.3.7 Special category - details of public interest etc.

Where it processes special category data for these purposes, the College is exercising functions conferred under the the Education (No 2) Act 1986. The processing is necessary for reasons of substantial public interest, namely that the College must comply with its statutory obligations concerning freedom of speech within the law.

3.3.3.8 Criminal conviction and or criminal allegation grounds

The processing meets a condition in Part 2 of Schedule 1 to the Data Protection Act 2018.

3.3.3.9 Criminal conviction and or criminal allegation grounds further information

Where it processes criminal conviction or allegation data for these purposes, the College is exercising functions conferred under the Education (No 2) Act 1986. The processing is necessary for reasons of substantial public interest, namely that the College must comply with its statutory obligations concerning freedom of speech within the law.

3.3.4 Contact details

3.3.4.1 Includes

Contact details (for example, name, current addresses, telephone contact details), to the extent collected, of event attendees, speakers and conference organisers.

3.3.4.2 Source of the data

We obtain this data from you. We obtain data from third parties e.g. where someone is organising an event that involves you as a speaker.

3.3.4.3 Why we process it

In order to communicate with you about events and conferences you are attending, have expressed an interest in or may have an interest in.

3.3.4.4 How long we keep this data

We retain the contact details of attendees for one year following an event. Details for conference and event organisers are held for 6 years post event. If you are also an alumnus, the fact of your attendance or involvement may be noted in your alum record (please refer to the Record Of Processing Activity relating to alumni, and the relevant privacy notice, for further details as to what we hold for alumni). If you have requested inclusion in our communications lists in order to be notified of future events and opportunities, we will continue to hold your contact details until you tell us you no longer wish to be contacted or time has passed such that we are no longer certain that you wish to continue to receive messages and we are unable to obtain renewed confirmation from you that you wish to do so.

3.3.4.5 Our lawful basis for processing

3.3.4.6 Details relating to lawful basis (where applicable)

Where you have an expressed an interest in events and conferences, processing is necessary in order to enable us to enter into relevant contracts with you or take relevant preparatory steps. We also have a legitimate interest in processing your personal contact data for the purposes of marketing additional events to you, where appropriate and in line with other regulatory and legislative regimes. Where marketing is done by electronic media, we will seek your explicit prior consent (as required under PECR).

3.3.5 Correspondence

3.3.5.1 Includes

Correspondence with you.

3.3.5.2 Source of the data

We obtain this data from you.

3.3.5.3 Why we process it

To hold an accurate record of our communications with you.

3.3.5.4 How long we keep this data

Correspondence will ordinarily be held for its useful life, and the majority will be deleted within 6 years of receipt. However, where the content of communications continues to inform College activity, copies may be kept longer. In addition, correspondence referenced in Governing Body minutes will be added to the College archive in perpetuity.

3.3.5.5 Our lawful basis for processing

Processing is necessary for the purposes of our or someone else's legitimate interests, except where overridden by your data protection rights and freedoms.

3.3.5.6 Details relating to lawful basis (where applicable)

We, and you, have a legitimate interests in the College holding a full record of our correspondence with you, which can be referred back to as required.

3.3.6 Email and computer records

3.3.6.1 Includes

Computer and email information, including guest logins, username and password information for College IT systems, IP addresses of devices you connect to College IT systems, details of when you connected or logged in to our network, and records of internet usage.

3.3.6.2 Source of the data

We generate this data about you.

3.3.6.3 Why we process it

For the proper management of College IT resources.

3.3.6.4 How long we keep this data

Records will be destroyed after one year.

3.3.6.5 Our lawful basis for processing

Processing is necessary for performance of our contract with you Processing is necessary for the purposes of our or someone else's legitimate interests, except where overridden by your data protection rights and freedoms.

3.3.6.6 Details relating to lawful basis (where applicable)

We have a legitimate interest in the proper management of College IT resources.

3.3.7 Event and conference records

3.3.7.1 Includes

Records of College events and conferences in which you have expressed an interest, or for which you have registered for and/or attended.

3.3.7.2 Source of the data

We generate this data about you.

3.3.7.3 Why we process it

To enable the proper management of College events, to ensure that we have an accurate record of attendance at College events and to enable us (where permitted) to inform you of additional events which may be of interest to you. Also, to inform the planning of future events.

3.3.7.4 How long we keep this data

We retain details of events that you have attended for one year following an event, and details of conferences and events that you organise for 6 years post event. If you are also an alumnus, the fact of your attendance or involvement may be noted in your alum record (please refer to the Record Of Processing Activity relating to alumni, and the relevant privacy notice, for further details as to what we hold for alumni). If you have requested inclusion in our communications lists in order to be notified of future events and opportunities, we will continue to hold your contact details until you tell us you no longer wish to be contacted or time has passed such that we are no longer certain that you wish to continue to receive messages and we are unable to obtain renewed confirmation from you that you do.

3.3.7.5 Our lawful basis for processing

3.3.7.6 Details relating to lawful basis (where applicable)

To the extent that your attendance is based on a contractual relationship, processing is necessary for the performance of that contract or as part of preparatory steps prior to entering into that contract. For other events, we have a legitimate interest in understanding who will be attending College events for organisational, Health and Safety and similar purposes. Further, we have a legitimate interest in all cases in recording this information in order to assess the popularity and impact of College events, plan future events and make details of planned events available to parties likely to be interested in attending (where permitted by relevant regulatory and statutory regimes).

3.3.8 Feedback and comments

3.3.8.1 Includes

Opinions and comments made by you on College events, as expressed in communications with the College (to the extent recorded).

3.3.8.2 Source of the data

We obtain this data from you.

3.3.8.3 Why we process it

The views and concerns of attendees at our events help to guide the planning of future activities.

3.3.8.4 How long we keep this data

Comments regarding forthcoming events may be held until the event has occurred. To the extent that they are used to inform the planning of additional events, they may be referenced in College managerial documents and held in the College archives in perpetuity.

3.3.8.5 Our lawful basis for processing

Processing is necessary for the purposes of our or someone else's legitimate interests, except where overridden by your data protection rights and freedoms.

3.3.8.6 Details relating to lawful basis (where applicable)

We have a legitimate interest in proactively managing our events programme.

3.3.9 Health and dietary records

3.3.9.1 Includes

Information about your health, dietary requirements and/or disabilities.

3.3.9.2 Source of the data

We obtain this data from you.

3.3.9.3 Why we process it

When we consider what reasonable adjustments to make on your behalf, or we need to take account of any dietary requirements you have (whether for medical or belief reasons), when planning for you attendance at events.

3.3.9.4 How long we keep this data

Data is collated for use in relation to specific events, and is deleted within 1 month of the event occurring. However, if you are an alumnus or regular donor or attendee, we may save the information on file in order that it can be referenced and appropriate provision made for you at future events.

3.3.9.5 Our lawful basis for processing

3.3.9.6 Details relating to lawful basis (where applicable)

Processing is necessary for compliance with equality law, and/or food safety law. We also have a legitimate interest in ensuring that you receive an appropriate service and treatment in your interactions with us.

3.3.9.7 Special category grounds

Substantial public interest under the UK Data Protection Act 2018.

3.3.9.8 Special category - details of public interest etc.

Where it processes special category data for these purposes, the College is complying with obligations under the Equality Act 2010 and/or pursuant to health and safety legislation. The processing is necessary for reasons of substantial public interest, namely that the College must comply with its statutory obligations concerning equal opportunity and to make reasonable adjustments, and to comply with its health and safety obligations.

3.3.10 Legal compliance records

3.3.10.1 Includes

Records generated for legal or statutory compliance purposes that contain names and/or associated personal data. For example, copies of data supplied pursuant to requests made under data protection and/or freedom of information legislation, records made to comply with safeguarding, health and safety or counter-terrorism legislation, in connection with legal advice or claims, or to comply with auditors' requirements.

3.3.10.2 Source of the data

We generate this data about you.

3.3.10.3 Why we process it

So that we have a record of information supplied, both in the interests of good administration and also to meet legal and regulatory requirements.

3.3.10.4 How long we keep this data

This data will be retained for a period of 7 years from the date the record was generated.

3.3.10.5 Our lawful basis for processing

Processing is necessary for compliance with a legal obligation.

3.3.10.6 Special category grounds

Substantial public interest under the UK Data Protection Act 2018.

3.3.10.7 Special category - details of public interest etc.

Where it processes special category data for these purposes, the College is complying with its obligations under legislation. The processing is necessary for reasons of substantial public interest, namely the requirement for the College to comply with its statutory and legal obligations.

3.3.10.8 Criminal conviction and or criminal allegation grounds

The processing meets a condition in Part 2 of Schedule 1 to the Data Protection Act 2018.

3.3.10.9 Criminal conviction and or criminal allegation grounds further information

Where it processes criminal convictions/allegations data for these purposes, the College is complying with its obligations under legislation. The processing is necessary for reasons of substantial public interest, namely the requirement for the College to comply with its statutory and legal obligations.

3.3.11 Meal bookings

3.3.11.1 Includes

Meal bookings.

3.3.11.2 Source of the data

We generate this data about you.

3.3.11.3 Why we process it

So that we may provide catering services to guest in accordance with relevant entitlements, and invoice correctly for services provided.

3.3.11.4 How long we keep this data

For 6 years following the booking. In the event that disputes arise in relation to the booking, we may retain the data for a longer period, until a reasonable period after the dispute is resolved.

3.3.11.5 Our lawful basis for processing

Processing is necessary for performance of our contract with you.

3.3.12 Photographs

3.3.12.1 Includes

Photographs taken during events and conferences.

3.3.12.2 Source of the data

We generate this data about you.

3.3.12.3 Why we process it

To maintain a record of College events, including entry of materials into the College archive. Images are also used to advertise activities within the College, both internally and externally, in circumstances where any required consents have been obtained.

3.3.12.4 How long we keep this data

Photographs will normally be deleted 6 years after the date of their origination, unless they are considered to have sufficient cultural or historical significance to warrant their retention within the College's archive in perpetuity. (See the Record Of Processing Activity for Archives, and the Privacy Policy related thereto).

3.3.12.5 Our lawful basis for processing

Processing is necessary for the purposes of our or someone else's legitimate interests, except where overridden by your data protection rights and freedoms.

3.3.12.6 Details relating to lawful basis (where applicable)

The College has a legitimate interest in maintaining a record of College life, and in marketing College facilities and opportunities.

3.3.13 Room bookings

3.3.13.1 Includes

Conference room bookings (including, for example, overnight guests), including names, contact details, ages, and disability details.

3.3.13.2 Source of the data

We obtain this data from you; we generate this data about you.

3.3.13.3 Why we process it

As part of the administration and management of College property.

3.3.13.4 How long we keep this data

For 6 years following the booking. In the event that disputes arise in relation to the booking, we may retain the data for a longer period, until a reasonable period after the dispute is resolved.

3.3.13.5 Our lawful basis for processing

3.3.13.6 Details relating to lawful basis (where applicable)

The College has a legitimate interest in the proper management of College facilities, in maintaining the security of College premises, in understanding the purposes for which facilities have been reserved, and in recording the identities of those booking College facilities.

3.3.13.7 Special category grounds

Substantial public interest under the UK Data Protection Act 2018.

3.3.13.8 Special category - details of public interest etc.

3.3.14 Security records

3.3.14.1 Includes

Security records, including CCTV records, access control records, guest vehicle registrations and records of keys issued and returned. Records of security incidents, accident reports and health and safety records.

3.3.14.2 Source of the data

We generate this data about you.

3.3.14.3 Why we process it

To monitor the attendance of people on College premises, as part of the College's safety and security arrangements.

3.3.14.4 How long we keep this data

CCTV records, access control and access logs are retained for 6 months. Security incidents, accident reports and health and safety records are retained for 6 years from creation. If incidents are mentioned during Governing Body meetings, the minutes will be retained in the College archive in perpetuity.

3.3.14.5 Our lawful basis for processing

Processing is necessary for the purposes of our or someone else's legitimate interests, except where overridden by your data protection rights and freedoms.

3.3.14.6 Details relating to lawful basis (where applicable)

We, you, and College residents have a legitimate interest in restricting access to College property to authorised persons, monitoring the attendance of people on College premises, and maintaining a record of incidents occurring on College property, as part of the College's safety and security arrangements.

3.3.14.7 Special category grounds

Substantial public interest under the UK Data Protection Act 2018.

3.3.14.8 Special category - details of public interest etc.

The College processes special category information in pursuit of our functions and under health and safety legislation, and for the purposes of performing or exercising obligations or rights which are imposed or conferred by law on the College or the data subject in connection with employment, social security or social protection.

3.3.14.9 Criminal conviction and or criminal allegation grounds

The processing is necessary for purposes of the prevention or detection of an unlawful act and must be carried out without the consent of the data subject, so as not to prejudice those purposes.

3.3.14.10 Criminal conviction and or criminal allegation grounds further information

To the extent that data recorded includes data on criminal offences, convictions and allegations.

3.4 Employees

3.4.1 Absence

3.4.1.1 Includes

Absence records (including but not limited to vacation, maternity/paternity/shared parental leave, time off for dependants, career breaks, etc.)

3.4.1.2 Source of the data

We obtain this data from you; we generate this data about you.

3.4.1.3 Why we process it

To record, monitor, plan for and respond to absences.

3.4.1.4 How long we keep this data

Records relating to absence will be retained for 7 years from the date of the absence.

3.4.1.5 Our lawful basis for processing

Processing is necessary for performance of our contract with you.

3.4.1.6 Special category grounds

Processing is necessary for carrying out obligations or exercising our or your rights or obligations in employment or social security/protection as authorised by UK laws.

3.4.1.7 Special category - details of public interest etc.

To the extent that absences are due to ill health or reasons linked to 'special category' information as defined under GDPR.

3.4.1.8 Criminal conviction and or criminal allegation grounds

Processing is necessary for carrying out obligations or exercising our or your rights or obligations in employment or social security/protection as authorised by UK laws.

3.4.1.9 Criminal conviction and or criminal allegation grounds further information

To the extent that absences are due to allegations of criminal behaviour or criminal convictions.

3.4.2 Accommodation applications

3.4.2.1 Includes

Housing applications, information, decisions and arrangements: tenancy applications, related correspondence, tenancy agreements, rents, deposits and fee details.

3.4.2.2 Source of the data

We obtain this data from you; we generate this data about you.

3.4.2.3 Why we process it

For the management of College-owned housing used for employee and office-holder occupation.

3.4.2.4 How long we keep this data

Records relating to housing applications will be retained for 7 years from the date on which the tenancy ends (HMRC retention requirement.

3.4.2.5 Our lawful basis for processing

3.4.2.6 Details relating to lawful basis (where applicable)

We are required by law to place deposits in certain deposit schemes, and hold appropriate records in relation to the same.

3.4.3 Appointments

3.4.3.1 Includes

Appointment records: criminal conviction and Disclosure and Barring Service information.

3.4.3.2 Source of the data

We obtain this data from you and from third parties.

3.4.3.3 Why we process it

As part of the application process to assist us in making recruitment decisions.

3.4.3.4 How long we keep this data

For 6 months following your appointment to the relevant role. Information relating to criminal convictions collected in the course of the recruitment process will be deleted once the DBS check has yielded a satisfactory or unsatisfactory result. DBS certificate information will be retained for 6 months from the date of your appointment.

3.4.3.5 Our lawful basis for processing

Processing is necessary in order to take steps at your request prior to entering a contract. Processing is necessary for compliance with a legal obligation. Processing is necessary for the purposes of our or someone else's legitimate interests, except where overridden by your data protection rights and freedoms.

3.4.3.6 Details relating to lawful basis (where applicable)

To the extent that a role will involve working with minors, processing is necessary for compliance with safeguarding law.

3.4.3.7 Criminal conviction and or criminal allegation grounds

The processing meets a condition in Part 2 of Schedule 1 to the Data Protection Act 2018.

3.4.3.8 Criminal conviction and or criminal allegation grounds further information

Processing is necessary for the purpose of performing or exercising obligations or rights imposed or conferred by law in connection with employment, in circumstances where the College has an appropriate policy document in place. Processing is necessary for the protection of the public against dishonesty, unfitness or incompetence.

3.4.4 Appointment details

3.4.4.1 Includes

Appointment records: role details, negotiations, probation period and contract details.

3.4.4.2 Source of the data

We obtain this data from the University of Oxford. We generate this data about you.

3.4.4.3 Why we process it

To record the terms under which staff and office-holders are engaged by the College.

3.4.4.4 How long we keep this data

Appointment records will be retained for 7 years from the date of termination of your employment. This is in order to maintain complete and accurate records of your employment contract.

3.4.4.5 Our lawful basis for processing

Processing is necessary for performance of our contract with you.

3.4.5 Appraisals

3.4.5.1 Includes

Appraisal information, including objectives, feedback given to and received about you, records of appraisal discussions and Personal Development Plans.

3.4.5.2 Source of the data

We obtain this data from you and from third parties.

3.4.5.3 Why we process it

To monitor, assist in and record your professional development.

3.4.5.4 How long we keep this data

These records will be kept for three years from the date that they are superseded by an updated appraisal, or three years following the termination of your employment (whichever is longer).

3.4.5.5 Our lawful basis for processing

Processing is necessary for performance of our contract with you.

3.4.5.6 Special category grounds

Processing is necessary for carrying out obligations or exercising our or your rights or obligations in employment or social security/protection as authorised by UK laws.

3.4.6 Bank records

3.4.6.1 Includes

Bank account, sort code and personal card details, expense allowances and expense claims.

3.4.6.2 Source of the data

We obtain this data from you.

3.4.6.3 Why we process it

To enable us to monitor expense claims made and make necessary payments.

3.4.6.4 How long we keep this data

Data relating to expenses allowances and expense claims will be retained for 7 years from termination of your employment.

3.4.6.5 Our lawful basis for processing

3.4.6.6 Details relating to lawful basis (where applicable)

We have a legitimate interest in operating and ensuring appropriate use of the College expenses system.

3.4.7.1 Includes

Bank account, sort code, BACS ID, National Insurance number, salary details, payslips, bonus details, tax forms, tax codes and payments information.

3.4.7.2 Source of the data

We obtain this data from you and from third parties. We generate this data about you.

3.4.7.3 Why we process it

Processing is necessary for the operation of the College payroll and benefits system.

3.4.7.4 How long we keep this data

PAYE and payroll data will be retained for 7 years from termination of your employment for the purposes of reporting to HMRC. HMRC approvals will be retained permanently.

3.4.7.5 Our lawful basis for processing

Processing is necessary for performance of our contract with you.

3.4.8 Benefits schemes

3.4.8.1 Includes

Employee and office-holder benefits scheme membership details, including (where relevant) but not limited to subscriptions for childcare vouchers and details of relevant childcare providers used, healthcare interest free loans and travel passes.

3.4.8.2 Source of the data

We obtain this data from you and from other third parties. We generate this data about you.

3.4.8.3 Why we process it

As part of the proper functioning of the employee and office holder benefits system.

3.4.8.4 How long we keep this data

These records will be retained for 7 years from the date of termination of your employment.

3.4.8.5 Our lawful basis for processing

Processing is necessary for performance of our contract with you.

3.4.9 Biometric data

3.4.9.1 Includes

Biometric data (fingerprint-based).

3.4.9.2 Source of the data

We obtain this data from you.

3.4.9.3 Why we process it

To enable the clocking on/off process for casual workers.

3.4.9.4 How long we keep this data

These records will be deleted immediately following the termination of your employment or withdrawal of consent to processing.

3.4.9.5 Our lawful basis for processing

Processing is necessary for performance of our contract with you.

3.4.9.6 Special category grounds

Processing is necessary for carrying out obligations or exercising our or your rights or obligations in employment or social security/protection as authorised by UK laws.

3.4.10 Capability

3.4.10.1 Includes

Capability procedure records, including reasons for commencing the process, relevant performance indicators, records of review meetings and feedback, decisions and outcomes.

3.4.10.2 Source of the data

We obtain this data from the University of Oxford and from other third parties. We obtain this data from you. We generate this data about you.

3.4.10.3 Why we process it

To support the development of our employees and to appropriately manage under-performance.

3.4.10.4 How long we keep this data

This data will be retained for 6 years from the end of the capability procedure.

3.4.10.5 Our lawful basis for processing

3.4.10.6 Details relating to lawful basis (where applicable)

We have a legitimate interest in managing the under-performance of employees appropriately.

3.4.10.7 Special category grounds

Processing is necessary for carrying out obligations or exercising our or your rights or obligations in employment or social security/protection as authorised by UK laws.

3.4.11 Comments and feedback

3.4.11.1 Includes

Opinions and comments made by you on student's academic and other reports, and expressed during or in relation to College meetings (to the extent recorded).

3.4.11.2 Source of the data

We obtain this data from you; we generate this data about you.

3.4.11.3 Why we process it

As part of College records and minutes concerning teaching, management and administration. Copies are provided to the College Archives.

3.4.11.4 How long we keep this data

In perpetuity as part of College archives.

3.4.11.5 Our lawful basis for processing

Processing is necessary for performance of our contract with you. Processing is necessary for the performance of a task carried out in the public interest. Processing is necessary for compliance with a legal obligation. Processing is necessary for the purposes of our or someone else's legitimate interests, except where overridden by your data protection rights and freedoms.

3.4.11.6 Details relating to lawful basis (where applicable)

To the extent that the materials in question relate to the education provided at the College, the processing is necessary for the performance of a public task. We also have a legitimate interest in maintaining records of College matters, including reports and discussions thereon. In some circumstances processing will be necessary to comply with our employment, equality or other legal obligations, or in order to fulfil our contract with you.

3.4.12 Conflict of interest

3.4.12.1 Includes

Conflict of interest declarations.

3.4.12.2 Source of the data

We obtain this data from you.

3.4.12.3 Why we process it

To enable us to identify when your personal or family interests and/or loyalties conflict with those of the College.

3.4.12.4 How long we keep this data

These records will be kept for 6 years from the termination of employment. If declarations are mentioned during governing body sessions, the minutes will be retained in the College archive in perpetuity.

3.4.12.5 Our lawful basis for processing

3.4.12.6 Details relating to lawful basis (where applicable)

We have a legitimate interest in understanding when your interests may conflict with those of the College, and when you will be unable to contribute to College management and/or decisions. In certain circumstances we may also have a legal obligation to process this data.

3.4.13 Contact details

3.4.13.1 Includes

Contact details (name, addresses, telephone numbers), as amended from time to time.

3.4.13.2 Source of the data

We obtain this data from the University of Oxford. We obtain this data from you. We generate this data about you.

3.4.13.3 Why we process it

In order to be able to contact you in your role as an employee or office holder at the College, and (where applicable) to comply with immigration law. These details will also appear on documents and materials held in the College archive.

3.4.13.4 How long we keep this data

Your contact details will be retained for a period of 6 years from the date of termination of your employment. Where this data has been entered into the College archive, his data will be retained permanently therein.

3.4.13.5 Our lawful basis for processing

Processing is necessary for performance of our contract with you. Processing is necessary for compliance with a legal obligation. Processing is necessary for the purposes of our or someone else's legitimate interests, except where overridden by your data protection rights and freedoms.

3.4.13.6 Details relating to lawful basis (where applicable)

In relation to College archives, the College has a legitimate interest in holding a record of its activities.

3.4.14 Cultural activity records and photographs

3.4.14.1 Includes

Records of College cultural life and personal papers donated by member, including written records of teams, choirs, clubs and societies, plays and performances, of participation in events and sporting fixtures and of the outcomes.

3.4.14.2 Source of the data

We obtain this data from the University of Oxford and from other third parties. We obtain this data from you. We generate this data about you.

3.4.14.3 Why we process it

To allow the College's cultural life to function and flourish, and in order to maintain a record of College life, which may be relevant to you individually (for example if you later request confirmation of historical details from us), and which is also part of the College's own record of what its members have achieved over time.

3.4.14.4 How long we keep this data

Permanently.

3.4.14.5 Our lawful basis for processing

Processing is necessary for the purposes of our or someone else's legitimate interests, except where overridden by your data protection rights and freedoms.

3.4.14.6 Details relating to lawful basis (where applicable)

The College has a legitimate interest in maintaining a record of its cultural life.

3.4.14.7 Special category grounds

Processing relates to personal data which you have manifestly made public.

3.4.15 Dietary

3.4.15.1 Includes

Dietary information.

3.4.15.2 Source of the data

We obtain this data from you.

3.4.15.3 Why we process it

To ensure that you are provided with foods meeting your personal, philosophical and health requirements.

3.4.15.4 How long we keep this data

We retain this information for the length of your employment contract, in order to ensure you are provided with foods meeting your personal requirements. This information will be deleted immediately upon termination of your employment.

3.4.15.5 Our lawful basis for processing

3.4.15.6 Details relating to lawful basis (where applicable)

Processing is necessary for compliance with food safety and food standards law. We, and you, also have a legitimate interest in ensuring that you receive appropriate service on an ongoing basis.

3.4.15.7 Special category grounds

Substantial public interest under the UK Data Protection Act 2018.

3.4.15.8 Special category - details of public interest etc.

Where it processes special category data in relation to your dietary requirements, the College does so in pursuit of its compliance with consumer protection, health and safety and equality legislation. It processes the data for the purposes of preventing an unlawful breach of such legislation and/or the exercise of functions pursuant to its legal obligations.

3.4.16.1 Includes

Disciplinary or harassment records: if a disciplinary, harassment or similar complaint is made to the College in relation to you, including records of any investigation and / or decision that we take, dismissal records, settlements, and of any appeals process.

3.4.16.2 Source of the data

We obtain this data from the University of Oxford and from other third parties. We obtain this data from you. We generate this data about you.

3.4.16.3 Why we process it

To investigate, consider and reach conclusions in relation to employee and office holder disciplinary matters.

3.4.16.4 How long we keep this data

This data will be kept for 6 years from the outcome of the investigation or related disciplinary decision. Where appropriate, a reference to the fact disciplinary proceedings took place and the relevant date will be retained on your skeleton employment record permanently.

3.4.16.5 Our lawful basis for processing

Processing is necessary for performance of our contract with you. Processing is necessary for compliance with a legal obligation.

3.4.16.6 Special category grounds

Processing is necessary for carrying out obligations or exercising our or your rights or obligations in employment or social security/protection as authorised by UK laws.

3.4.16.7 Criminal conviction and or criminal allegation grounds

The processing meets a condition in Parts 1-3 of Schedule 1 to the Data Protection Act 2018.

3.4.16.8 Criminal conviction and or criminal allegation grounds further information

Processing is necessary for carrying out obligations or exercising our or your rights or obligations in employment or social security/protection as authorised by UK laws.

3.4.17 Email and computer records

3.4.17.1 Includes

Computer and email information, including login, username and password information for College IT systems, IP addresses of devices you connect to College IT systems, equipment allocated to you, and details of when you connected or logged in to our network, records of internet usage.

3.4.17.2 Source of the data

We obtain this data from the University of Oxford. We generate this data about you.

3.4.17.3 Why we process it

For the proper management of College IT resources.

3.4.17.4 How long we keep this data

Records will be destroyed one year after closure of your IT accounts.

3.4.17.5 Our lawful basis for processing

3.4.17.6 Details relating to lawful basis (where applicable)

We have a legitimate interest in the proper management of College IT resources.

3.4.18 Email for mailing lists

3.4.18.1 Includes

Email contact information used in ad hoc mailing lists, for example for College events.

3.4.18.2 Source of the data

We obtain this data from you; we generate this data about you.

3.4.18.3 Why we process it

To enable employees and office-holders to participate in College events.

3.4.18.4 How long we keep this data

Your email contact data will be removed from mailing lists within three months of the termination of your employment.

3.4.18.5 Our lawful basis for processing

3.4.18.6 Details relating to lawful basis (where applicable)

The College, its employees and office holders have a legitimate interest that employees and office holders are notified of College events.

3.4.19 End of Employment

3.4.19.1 Includes

End of employment records, including details of exit interviews, relevant correspondence, and redundancy records (redundancy details, calculations of payments, refunds, notification to the Secretary of State) or termination records.

3.4.19.2 Source of the data

We obtain this data from you; we generate this data about you.

3.4.19.3 Why we process it

To understand the reasons that employees and office holders leave, to identify trends and issues, and to enable us to make improvements going forward. Where employees have left due to redundancy or their contracts have been terminated, we keep records to ensure we can respond appropriately to any ongoing queries.

3.4.19.4 How long we keep this data

These records will be retained for 6 years from the date of termination of your employment.

3.4.19.5 Our lawful basis for processing

Processing is necessary for the purposes of our or someone else's legitimate interests, except where overridden by your data protection rights and freedoms.

3.4.19.6 Details relating to lawful basis (where applicable)

We, and other members of the College, have a legitimate interest in understanding the reasons that employees and office holders leave. We also have a legitimate interest in holding appropriate records relating to potentially contentious decisions.

3.4.19.7 Special category grounds

We require your explicit consent to acquire and retain this data.

3.4.19.8 Criminal conviction and or criminal allegation grounds

You have consented to the processing. The processing relates to personal data that you have manifestly made public. The processing is necessary in connection with legal proceedings (including prospective legal proceedings) The processing is necessary for the purpose of obtaining legal advice.

3.4.19.9 Criminal conviction and or criminal allegation grounds further information

Where allegations of, or convictions for, criminal offences are held as part of leaver records, this data will usually be either public information, held for the purpose of obtaining legal advice in connection with legal proceedings, be necessary for the exercise of a function conferred on the College by an enactment or the rule of law, or held in the public interest for the purpose of protecting the public against unfitness, improper conduct or similar. Where no such grounds for processing this data apply, it will be held and processing only based on your consent.

3.4.20 Equality and appointments

3.4.20.1 Includes

Appointment records: Equality monitoring data.

3.4.20.2 Source of the data

We obtain this data from you.

3.4.20.3 Why we process it

For equality or monitoring purposes.

3.4.20.4 How long we keep this data

This information will only be held and processed in anonymised form. This information will be kept permanently in an anonymised form for College records and monitoring purposes.

3.4.20.5 Our lawful basis for processing

3.4.20.6 Details relating to lawful basis (where applicable)

Processing is necessary for compliance with our obligations under equality law, employment law and laws specific to the higher education sector.

3.4.20.7 Special category grounds

Substantial public interest under the UK Data Protection Act 2018.

3.4.20.8 Special category - details of public interest etc.

The processing is of data concerning health, sexuality, ethnicity or religious beliefs and is necessary for equality of opportunity of treatment purposes in accordance with the conditions and safeguards specified in the Data Protection Act 2018, with a view to promoting or maintaining such equality. In relation to College archives, the College has a legitimate interest in holding a record of its equality information over time.

3.4.21 Equality monitoring data

3.4.21.1 Includes

Recruitment records: equality monitoring data. This may consist of data concerning health, sexuality, ethnicity or religious beliefs.

3.4.21.2 Source of the data

We obtain this data from you.

3.4.21.3 Why we process it

For equality or monitoring purposes.

3.4.21.4 How long we keep this data

This information will only be held and processed in anonymised form. This information will be kept in perpetuity in an anonymised form for College records and monitoring purposes.

3.4.21.5 Our lawful basis for processing

Processing is necessary for compliance with a legal obligation Processing is necessary for the purposes of our or someone else's legitimate interests, except where overridden by your data protection rights and freedoms

3.4.21.6 Details relating to lawful basis (where applicable)

Processing is necessary for compliance with equality law.

3.4.21.7 Special category grounds

Substantial public interest under the UK Data Protection Act 2018.

3.4.21.8 Special category - details of public interest etc.

3.4.22 Event and meal bookings

3.4.22.1 Includes

Event and meal bookings, including details of monies stored on College payment systems and any charges paid/outstanding.

3.4.22.2 Source of the data

We obtain this data from you; we generate this data about you.

3.4.22.3 Why we process it

For the management of College catering provision.

3.4.22.4 How long we keep this data

Records of outstanding payments will be retained until they are paid in full. Records relating to event and meal bookings will be retained for one year after the end of the academic year in which the event took place.

3.4.22.5 Our lawful basis for processing

Processing is necessary for the purposes of our or someone else's legitimate interests, except where overridden by your data protection rights and freedoms

3.4.22.6 Details relating to lawful basis (where applicable)

We have a legitimate interest in the sound and efficient management of College catering and events, including recording the identity of attendees, and recording and arranging for the recovery of monies owed.

3.4.23 Grievances

3.4.23.1 Includes

Grievances and related investigations raised with the College and relating to you, including records of any investigation and/or decision that we take, and of any subsequent appeal of resolution.

3.4.23.2 Source of the data

We obtain this data from you and from third parties. We generate this data about you.

3.4.23.3 Why we process it

As an employer we are required to make appropriate records as part of the handling of grievances and related investigations.

3.4.23.4 How long we keep this data

Data will be retained for 7 years from the date of investigation, or the date of the decision resulting from the grievance process, whichever is later.

3.4.23.5 Our lawful basis for processing

3.4.23.6 Details relating to lawful basis (where applicable)

Processing of this data is necessary to comply with employment law. We, you, and other parties who are involved, also have a legitimate interest in the proper investigation and handling of relevant complaints, disputes and grievances.

3.4.23.7 Special category grounds

Processing is necessary for carrying out obligations or exercising our or your rights or obligations in employment or social security/protection as authorised by UK laws.

3.4.23.8 Criminal conviction and or criminal allegation grounds

Processing is necessary for carrying out obligations or exercising our or your rights or obligations in employment or social security/protection as authorised by UK laws

3.4.24 Health and safety assessments

3.4.24.1 Includes

Health and Safety Assessments.

3.4.24.2 Source of the data

We obtain this data from you.

3.4.24.3 Why we process it

To enable us to make appropriate adjustments to your working environment and duties to accommodate changes in your physical and/or mental condition.

3.4.24.4 How long we keep this data

This data will be retained for 6 years from the date of termination of your employment, unless the assessment relates to the conduct and results of risk assessments of work which exposes employees to asbestos where records of assessments will be retained permanently. Assessments under health and safety regulations and records of consultations with safety representatives and committees will be retained permanently.

3.4.24.5 Our lawful basis for processing

Processing is necessary for compliance with a legal obligation.

3.4.24.6 Details relating to lawful basis (where applicable)

Processing is necessary to comply with Health and Safety law.

3.4.24.7 Special category grounds

Processing is necessary for carrying out obligations or exercising our or your rights or obligations in employment or social security/protection as authorised by UK laws.

3.4.25 Housing

3.4.25.1 Includes

Housing applications, information, decisions and arrangements: details of College-owned residential property occupants, including names, ages, disability details, nationality and immigration status data.

3.4.25.2 Source of the data

We obtain this data from you.

3.4.25.3 Why we process it

For the proper management of College-owned housing used for employee and office-holder occupation.

3.4.25.4 How long we keep this data

These records will be retained for one year from the date on which the tenancy ends, or until superseded by a follow-up check (Home Office retention requirements).

3.4.25.5 Our lawful basis for processing

Processing is necessary for performance of our contract with you. Processing is necessary in order to take steps at your request prior to entering a contract. Processing is necessary for compliance with a legal obligation. Processing is necessary for the purposes of our or someone else's legitimate interests, except where overridden by your data protection rights and freedoms.

3.4.25.6 Details relating to lawful basis (where applicable)

We are required by law to confirm and hold appropriate records regarding the immigration status of tenants. We also have a legitimate interest in knowing who the occupants of College properties are.

3.4.25.7 Special category grounds

We require your explicit consent to acquire and retain this data.

3.4.26 Information security incidents

3.4.26.1 Includes

Records of information security incidents and of PC misuse incidents.

3.4.26.2 Source of the data

We obtain this data from the University of Oxford. We generate this data about you.

3.4.26.3 Why we process it

To ensure that our systems are appropriately updated and secure, and in case records are required for subsequent disciplinary or police investigations.

3.4.26.4 How long we keep this data

This data will be retained for a period of one year from the last date of action in relation to the incident.

3.4.26.5 Our lawful basis for processing

3.4.26.6 Details relating to lawful basis (where applicable)

The College has a legitimate interest in the effective management, and proper use, of its IT systems.

3.4.26.7 Criminal conviction and or criminal allegation grounds

The processing is necessary for the purpose of obtaining legal advice or is otherwise necessary for establishing, exercising or defending legal rights. The processing meets a condition in Parts1-3 of Schedule 1 to the Data Protection Act 2018.

3.4.26.8 Criminal conviction and or criminal allegation grounds further information

Most commonly such data would be processed in connection with the detection or prevention of an unlawful act.

3.4.27 Joint Equity Scheme

3.4.27.1 Includes

Joint equity scheme arrangements, including title documents, copies of mortgage paperwork and payment records

3.4.27.2 Source of the data

We obtain this data from you and from third parties. We generate this data about you.

3.4.27.3 Why we process it

For the proper functioning of the College joint equity scheme arrangement.

3.4.27.4 How long we keep this data

These records will be retained for 7 years following release of the College's charge over the property.

3.4.27.5 Our lawful basis for processing

Processing is necessary for performance of our contract with you. Processing is necessary in order to take steps at your request prior to entering a contract.

3.4.27.6 Special category grounds

Substantial public interest under the UK Data Protection Act 2018.

3.4.27.7 Special category - details of public interest etc.

To the extent that is it necessary to process special category data, this will be done for reasons of substantial public interest under the UK Data Protection Act 2018.

3.4.27.8 Criminal conviction and or criminal allegation grounds

The processing is necessary for the purpose of obtaining legal advice The processing meets a condition in Parts 1-3 of Schedule 1 to the Data Protection Act 2018.

3.4.27.9 Criminal conviction and or criminal allegation grounds further information

To the extent that criminal conviction data is relevant and processed by use in relation to the joint equity scheme, we would process it for the purpose of obtaining legal advice.

3.4.28 Keys and access cards

3.4.28.1 Includes

Allocation of key fobs/access cards.

3.4.28.2 Source of the data

We generate this data about you.

3.4.28.3 Why we process it

To enable you to access College facilities while maintaining the security of the College.

3.4.28.4 How long we keep this data

This information will be retained for one year after termination of your employment.

3.4.28.5 Our lawful basis for processing

Processing is necessary for performance of our contract with you.

3.4.29 Learning and development

3.4.29.1 Includes

Learning and development records, including your attendance, completions, and certifications.

3.4.29.2 Source of the data

We obtain this data from you and from third parties. We generate this data about you.

3.4.29.3 Why we process it

As part of an accurate and up to date record of your employment by the College.

3.4.29.4 How long we keep this data

This data will be held for 6 years from the date of termination of your employment.

3.4.29.5 Our lawful basis for processing

3.4.29.6 Details relating to lawful basis (where applicable)

Processing in some instances is necessary to comply with our legal obligations in relation to the mandatory provision of training on specific issues to employees and office holders. We , and you, also have a legitimate interest in our holding an up to date record of your learning and development achievements, for workforce planning and recognition. We also have a legitimate interest in holding this data in the College Archive as part of our record of College life.

3.4.30 Leave

3.4.30.1 Includes

Leave and buy-out requests, including records of request consideration and decisions.

3.4.30.2 Source of the data

We obtain this data from the University of Oxford. We obtain this data from you.

3.4.30.3 Why we process it

To manage requests for teaching remission subsequent to successful grant applications.

3.4.30.4 How long we keep this data

Records will be retained for 6 years from the date of the decision.

3.4.30.5 Our lawful basis for processing

Processing is necessary for performance of our contract with you.

3.4.31 Legal compliance records

3.4.31.1 Includes

3.4.31.2 Source of the data

We generate this data about you.

3.4.31.3 Why we process it

So that we have a record of information supplied, both in the interests of good administration and also to meet legal and regulatory requirements.

3.4.31.4 How long we keep this data

This data will be retained for a period of 7 years from the termination of your employment, unless there is compelling justification for the data to be retained for a longer period e.g. in connection with legal advice, or in relation to auditing obligations.

3.4.31.5 Our lawful basis for processing

Processing is necessary for compliance with a legal obligation.

3.4.31.6 Special category grounds

Substantial public interest under the UK Data Protection Act 2018.

3.4.31.7 Special category - details of public interest etc.

Where it processes special category data for these purposes, the College is exercising functions conferred under legislation. The processing is necessary for reasons of substantial public interest, namely the requirement for the College to comply with its statutory and legal obligations.

3.4.31.8 Criminal conviction and or criminal allegation grounds

The processing meets a condition in Part 2 of Schedule 1 to the Data Protection Act 2018.

3.4.31.9 Criminal conviction and or criminal allegation grounds further information

3.4.32 Library records

3.4.32.1 Includes

Library access and book records, overdue book records, records of library cards and library fines.

3.4.32.2 Source of the data

We generate this data about you.

3.4.32.3 Why we process it

To operate College library facilities.

3.4.32.4 How long we keep this data

These records will be retained for a period of one year from the date of closure of your library account.

3.4.32.5 Our lawful basis for processing

Processing is necessary for performance of our contract with you. Processing is necessary for the performance of a task carried out in the public interest.

3.4.33 Medical

3.4.33.1 Includes

Medical questionnaires, notes and occupational health reports, including specifics of health issues, records of consequent adjustments, and communications relating thereto.

3.4.33.2 Source of the data

We obtain this data from you and from third parties. We generate this data about you.

3.4.33.3 Why we process it

For Occupational Health purposes and in compliance with our obligations under equality legislation.

3.4.33.4 How long we keep this data

Records relating to occupational health will be retained for 6 years from the termination of employment . Medical records relating to the Control of Asbestos at Work Regulations or Control of Substances Hazardous to Health Regulations will be retained for 40 years.

3.4.33.5 Our lawful basis for processing

Processing is necessary for performance of our contract with you. Processing is necessary for compliance with a legal obligation.

3.4.33.6 Special category grounds

Processing is necessary for carrying out obligations or exercising our or your rights or obligations in employment or social security/protection as authorised by UK laws.

3.4.34 Medical and appointment

3.4.34.1 Includes

Appointment records: medical/health and disability information.

3.4.34.2 Source of the data

We obtain this data from you.

3.4.34.3 Why we process it

To enable us to make reasonable adjustments on commencement of your employment by the College.

3.4.34.4 How long we keep this data

This information will be held for three months from the date of the end of your employment.

3.4.34.5 Our lawful basis for processing

Processing is necessary for compliance with a legal obligation.

3.4.34.6 Details relating to lawful basis (where applicable)

Processing is necessary for compliance with equality law.

3.4.34.7 Special category grounds

Processing is necessary for carrying out obligations or exercising our or your rights or obligations in employment or social security/protection as authorised by UK laws.

3.4.35 Medical and recruitment

3.4.35.1 Includes

Recruitment records: medical/health and disability information.

3.4.35.2 Source of the data

We obtain this data from you.

3.4.35.3 Why we process it

To enable us to make appropriate adjustments during the recruitment process.

3.4.35.4 How long we keep this data

One year from the time a decision is made on the application.

3.4.35.5 Our lawful basis for processing

Processing is necessary for compliance with a legal obligation.

3.4.35.6 Details relating to lawful basis (where applicable)

Processing is necessary for compliance with equality law.

3.4.35.7 Special category grounds

Processing is necessary for carrying out obligations or exercising our or your rights or obligations in employment or social security/protection as authorised by UK laws.

3.4.36 Meeting attendance

3.4.36.1 Includes

Details of your attendance at, and participation in, College administrative meetings, including Governing Body, sub-committees and working groups.

3.4.36.2 Source of the data

We generate this data about you.

3.4.36.3 Why we process it

As a formal record of matters relating to the administration and management of College business. Copies of the records are also provided to and stored by the College Archives.

3.4.36.4 How long we keep this data

In perpetuity.

3.4.36.5 Our lawful basis for processing

3.4.36.6 Details relating to lawful basis (where applicable)

To the extent that the business of the relevant bodies forms an integral part of the provision of University education or publicly-funded research carried out in the public interest, the processing is necessary for the performance of the College's public task. As regards other aspects of such records, we have a legitimate interest in compiling a record of administrative and managerial matters, including details of those involved, decisions made and outcomes. The College also has a legitimate interest in the addition of such records to the College archives.

3.4.37 Next of kin and emergency information

3.4.37.1 Includes

Next of kin/emergency contact data.

3.4.37.2 Source of the data

We obtain this data from you.

3.4.37.3 Why we process it

To enable us to contact appropriate individuals in the event that you are injured, become unwell, or there other relevant cause for concern regarding your well-being.

3.4.37.4 How long we keep this data

This data will be destroyed within three months of the date of termination of your employment.

3.4.37.5 Our lawful basis for processing

Processing is necessary for the purposes of our or someone else's legitimate interests, except where overridden by your data protection rights and freedoms.

3.4.37.6 Details relating to lawful basis (where applicable)

It is in you, and our, legitimate interests for us to have the means to contact a family member or other designated representative in a situation where there is significant concern for your welfare.

3.4.38 Passport records for trips and events

3.4.38.1 Includes

Passport, right to work and visa information.

3.4.38.2 Source of the data

We obtain this data from the University of Oxford. We obtain this data from you.

3.4.38.3 Why we process it

To enable us to assess your right to work in the United Kingdom and take steps to meet immigration requirements where necessary.

3.4.38.4 How long we keep this data

These records must be kept for the duration of employment and for a further two years after the University ceases to sponsor the visa holder (Home Office and UK Visas and Immigration retention requirement).

3.4.38.5 Our lawful basis for processing

3.4.38.6 Details relating to lawful basis (where applicable)

Processing is necessary for compliance with immigration and employment law.

3.4.38.7 Special category grounds

Processing is necessary for carrying out obligations or exercising our or your rights or obligations in employment or social security/protection as authorised by UK laws.

3.4.39 Pastoral care

3.4.39.1 Includes

Pastoral care records (College provision of pastoral care to students), including details of your pastoral responsibilities, advisees, interventions and advice.

3.4.39.2 Source of the data

We obtain this data from you; we generate this data about you.

3.4.39.3 Why we process it

As part of the records of students advisees, and to create a record for future consultation in the event of complaints. Lists of tutor groups are retained in the College archives.

3.4.39.4 How long we keep this data

This data may be retained permanently.

3.4.39.5 Our lawful basis for processing

3.4.39.6 Details relating to lawful basis (where applicable)

We have a legitimate interest in recording pastoral care information, in order to assess the proper functioning of the pastoral care system and to be able to handle complaints received in relation thereto. Advisees also have a legitimate interest in the creation of appropriate records of pastoral care received.

3.4.40 Pensions

3.4.40.1 Includes

Pension membership data including identification numbers, quotes and projections, terms, opt-in and opt-out notices, benefits and contributions.

3.4.40.2 Source of the data

We obtain this data from third parties.

3.4.40.3 Why we process it

In order to enable your enrolment in to your pension scheme and to make our contribution.

3.4.40.4 How long we keep this data

Most records relating to your pension will be retained for up to 6 years following the end of your employment. After that time, only a skeleton record will be held, setting out the name of the provider, the date the employee joined the pension scheme and (where applicable) the date of retirement. It is expected that former staff will be able to obtain all relevant data on their pension from the relevant pension provider, in perpetuity. Information concerning Pensioners will be retained for twelve years after the end of the benefit payments.

3.4.40.5 Our lawful basis for processing

3.4.40.6 Details relating to lawful basis (where applicable)

We, and you, have a legitimate interest in being able to request this data from the pensions provider at your request, and discussing it with you, including any implications of adjustments.

3.4.41 Pensions - other information

3.4.41.1 Includes

Other data relating to your occupational pension scheme, including: (a) death in service benefit nominations; (b) health information about you (as a result of incapacity retirement benefit); (c) information about your spousal or other relationships which might identify your sexuality; (d) absence information, which might allow the reverse engineering of trade union affiliation in the case of strike absences.

3.4.41.2 Source of the data

We obtain this data from you; we generate this data about you.

3.4.41.3 Why we process it

In order to be able to provide required information to your occupational pension scheme provider.

3.4.41.4 How long we keep this data

3.4.41.5 Our lawful basis for processing

3.4.41.6 Details relating to lawful basis (where applicable)

We, and you, have a legitimate interest in being able to provide this information to your occupational pension scheme provider, to enable the provider to operate the pension in accordance with the scheme and your and their respective rights and obligations.

3.4.41.7 Special category grounds

Processing is necessary for carrying out obligations or exercising our or your rights or obligations in employment or social security/protection as authorised by UK laws.

3.4.42 Photographs - formal

3.4.42.1 Includes

Photographs (formal).

3.4.42.2 Source of the data

We generate this data about you.

3.4.42.3 Why we process it

To enable visual identification of staff and office-holders for security purposes. To publish images of staff and office-holders to enable identification by students, colleagues and third parties.

3.4.42.4 How long we keep this data

Permanently. This data will be held as part of the skeleton record of your employment for the purposes of College records and archives.

3.4.42.5 Our lawful basis for processing

Processing is necessary for the purposes of our or someone else's legitimate interests, except where overridden by your data protection rights and freedoms.

3.4.42.6 Details relating to lawful basis (where applicable)

We have a legitimate interest in ensuring the security of our premises and the exclusion of non-authorised individuals. We, your colleagues, students and others also have a legitimate interest in being able to identify you. In relation to College archives, the College has a legitimate interest in holding a visual record of employees and office-holders over time.

3.4.43 Photographs - informal

3.4.43.1 Includes

Photographs (informal).

3.4.43.2 Source of the data

We obtain this data from the University of Oxford and from other third parties. We generate this data about you.

3.4.43.3 Why we process it

Photographic records of College life, including attendance at events and society memberships, are created on an ongoing basis. The College archives collect and store copies of such materials.

3.4.43.4 How long we keep this data

In perpetuity.

3.4.43.5 Our lawful basis for processing

Processing is necessary for the purposes of our or someone else's legitimate interests, except where overridden by your data protection rights and freedoms.

3.4.43.6 Details relating to lawful basis (where applicable)

The College has a legitimate interest in creating a historical archive recording College life.

3.4.44 Probation

3.4.44.1 Includes

Probation period records, including dates, duration, feedback and evaluations, and materials relating to any decisions made.

3.4.44.2 Source of the data

We obtain this data from the University of Oxford. We generate this data about you.

3.4.44.3 Why we process it

To manage the probationary period in line with your contract with the College and College procedures.

3.4.44.4 How long we keep this data

This data will be retained for 7 years from the date of termination of your employment.

3.4.44.5 Our lawful basis for processing

Processing is necessary for performance of our contract with you.

3.4.45 Promotion and progression

3.4.45.1 Includes

Promotion and progression materials including applications, references and supporting materials, records of deliberations, decision notifications, feedback and awards; long service awards.

3.4.45.2 Source of the data

We obtain this data from the University of Oxford and from third parties. We obtain this data from you. We generate this data about you.

3.4.45.3 Why we process it

For the proper functioning of the promotion application and award process. relevant personal data may also be placed in the College archives as part of the record of College committee discussions.

3.4.45.4 How long we keep this data

This data will be retained for a period of 6 years from termination of your employment. Data which is of particular public, scientific or historical interest will be retained in perpetuity as part of the College archives.

3.4.45.5 Our lawful basis for processing

3.4.45.6 Details relating to lawful basis (where applicable)

In relation to College archives, the College has a legitimate interest in holding records about employee and office-holder advancement.

3.4.46 Recruitment

3.4.46.1 Includes

Recruitment records: your personal contact details, application paperwork, evidence of qualifications, references, requests for special arrangements or waiver of eligibility criteria, and selection committee reports. (Not including criminal conviction data, if applicable).

3.4.46.2 Source of the data

We obtain this data from the University of Oxford. We obtain this data from you. We generate this data about you.

3.4.46.3 Why we process it

To enable us to consider whether to enter into a contract of employment with you. Certain parts of the record are also held as part of College compliance with immigration law, and/or entered into the College archive after 6 years.

3.4.46.4 How long we keep this data

Unsuccessful applicant data is erased after one calendar year has passed, except to the extent that details are recorded in College administrative records, such as Governing Body paper and minutes, such documents are stored in the College archive permanently.

Where the successful applicant is a Tier 2 or Tier 5 visa applicant, sponsored by the College, copies of the following recruitment records (for all shortlisted applicants in the relevant recruitment process) will be kept by the College for the time periods required under UK Visas and Immigration guidance, as amended from time to time.

Data for all applications shortlisted for final interview will be retained in the medium in which they were received (e.g. emails, application form, cv). This may include the names and total number of applicants short-listed for final interview; notes from the final interviews conducted; documented reasons why each rejected EEA national who attended a final interview was not employed. Reasons must directly relate to the essential selection criteria for the post.

3.4.46.5 Our lawful basis for processing

3.4.46.6 Details relating to lawful basis (where applicable)

The College has a legitimate interest in maintaining a record of its recruitment activities, and holding appropriate management and administration records.

3.4.46.7 Special category grounds

Processing is necessary for carrying out obligations or exercising our or your rights or obligations in employment or social security/protection as authorised by UK laws.

3.4.47 Recruitment communications

3.4.47.1 Includes

Recruitment records: communications regarding our decisions (rejections, shortlists, interview invitations, offers).

3.4.47.2 Source of the data

We obtain this data from the University of Oxford. We generate this data about you.

3.4.47.3 Why we process it

To document the process under which applicants are considered for positions, and successful applicants are engaged as employees or office-holders at the College.

3.4.47.4 How long we keep this data

Recruitment records of successful applicants will be retained for 7 years from the date of the end of your contract of employment. Recruitment records for unsuccessful applicants will be destroyed three months from the date of completion of the recruitment process.

3.4.47.5 Our lawful basis for processing

Processing is necessary in order to take steps at your request prior to entering a contract. Processing is necessary for compliance with a legal obligation.

3.4.47.6 Details relating to lawful basis (where applicable)

The College stores various records in compliance with immigration law requirements.

3.4.48 References

3.4.48.1 Includes

References provided by, or in relation to you.

3.4.48.2 Source of the data

We obtain this data from you; we generate this data about you.

3.4.48.3 Why we process it

References in relation to you are provided for a number of reasons, including enabling you to seek alternative employment or take up voluntary posts, allowing you to access certain libraries and archives, and for provision to prospective landlords. References provided by you are held in order that the College has a record of recommendations or comments made by employees and office-holders in their official capacity.

3.4.48.4 How long we keep this data

Records of references will be kept for one year from the date of provision of the reference. An entry noting that a reference was provided will be retained on your skeleton employment record permanently.

3.4.48.5 Our lawful basis for processing

Processing is necessary for the purposes of our or someone else's legitimate interests, except where overridden by your data protection rights and freedoms.

3.4.48.6 Details relating to lawful basis (where applicable)

We, and you have a legitimate interest in providing you with references and keeping a record of what was said. We also have a legitimate interest in keeping a record of recommendations or comments made by employees and office-holders in their official capacity.

3.4.49 Research project and funding applications

3.4.49.1 Includes

Research project and funding applications and renewals.

3.4.49.2 Source of the data

We obtain this data from the University of Oxford. We obtain this data from you.

3.4.49.3 Why we process it

As part of your record as an employee or office-holder at the College.

3.4.49.4 How long we keep this data

This data will be retained for a period of one year from the completion of the research project or, if unsuccessful, one year from the date of notification that the application was unsuccessful.

3.4.49.5 Our lawful basis for processing

3.4.49.6 Details relating to lawful basis (where applicable)

We have a legitimate interest in recording the research activities of our employees and office holders, and identifying sources of funding they receive and supporting applications for funding made.

3.4.50 Room bookings

3.4.50.1 Includes

Room bookings.

3.4.50.2 Source of the data

We obtain this data from you; we generate this data about you.

3.4.50.3 Why we process it

As part of the administration and management of College property.

3.4.50.4 How long we keep this data

This data will be retained for one year from the end of the relevant academic year.

3.4.50.5 Our lawful basis for processing

Processing is necessary for the purposes of our or someone else's legitimate interests, except where overridden by your data protection rights and freedoms.

3.4.50.6 Details relating to lawful basis (where applicable)

3.4.51 Rotas

3.4.51.1 Includes

Staff rotas, flexible and part-time working arrangements, time sheets, casual work claim forms, and attendance records.

3.4.51.2 Source of the data

We generate this data about you.

3.4.51.3 Why we process it

For payroll administration and employee performance monitoring.

3.4.51.4 How long we keep this data

This data will be retained for 7 years.

3.4.51.5 Our lawful basis for processing

Processing is necessary for performance of our contract with you.

3.4.52 Sabbatical entitlements

3.4.52.1 Includes

Sabbatical entitlements, including proposed dates, historical sabbatical periods, plans for the use of sabbatical time and reports on sabbaticals taken.

3.4.52.2 Source of the data

We obtain this data from you; we generate this data about you.

3.4.52.3 Why we process it

For the management of your sabbatical entitlements, to ensure sufficient cover for your role during your absence, and as part of your record of employment with the College. To the extent that sabbatical data is discussed in College committee, personal data may also be recorded in the College archive in the meeting minutes.

3.4.52.4 How long we keep this data

This data will be kept for 7 years from end of the tax year in which sabbatical discussions take place. If discussions relating to sabbatical entitlements are mentioned during governing body sessions, the minutes will be retained in the College archive in perpetuity.

3.4.52.5 Our lawful basis for processing

3.4.52.6 Details relating to lawful basis (where applicable)

To the extent that our purposes support the provision of teaching within the College, processing is necessary for the performance of a public task. For other purposes, we have a legitimate interest in monitoring and managing the availability of employees and office-holders.

3.4.53 SCR membership

3.4.53.1 Includes

SCR membership files: names, contact details, commencement of membership, terms.

3.4.53.2 Source of the data

We obtain this data from you; we generate this data about you.

3.4.53.3 Why we process it

Certain individuals are members of the College SCR post-employment or in circumstances where they have never been employed by the College. Files relating to such members, which provide a record of arrangements in place between us, are kept by the College.

3.4.53.4 How long we keep this data

These records will be retained for one year following the end of your SCR membership.

3.4.53.5 Our lawful basis for processing

Processing is necessary for the purposes of our or someone else's legitimate interests, except where overridden by your data protection rights and freedoms.

3.4.53.6 Details relating to lawful basis (where applicable)

The proper maintenance of SCR records is in you, and our, legitimate interests.

3.4.53.7 Special category grounds

We require your explicit consent to acquire and retain this data.

3.4.54 Security records

3.4.54.1 Includes

Security records, including CCTV, access control records and access logs . Security incidents, accident reports and health and safety records.

3.4.54.2 Source of the data

We generate this data about you.

3.4.54.3 Why we process it

To monitor the attendance of people on College premises, as part of the College's safety and security arrangements.

3.4.54.4 How long we keep this data

CCTV records, access control ,and access logs are retained for six months. Security incidents, accident reports, and health and safety records are retained for 6 years from creation. If such incidents are mentioned during governing body sessions, the minutes will be retained in the College archive in perpetuity.

3.4.54.5 Our lawful basis for processing

3.4.54.6 Details relating to lawful basis (where applicable)

We, and residents of the College, have a legitimate interest in restricting access to College property to authorised persons, maintaining a record of access and maintaining a record of incidents occurring on College property.

3.4.54.7 Special category grounds

Processing is necessary for carrying out obligations or exercising our or your rights or obligations in employment or social security/protection as authorised by UK laws.

3.4.54.8 Special category - details of public interest etc.

The College also processes special category information in pursuit of a substantial public interest under the Data Protection Act 2018: exercising our functions and/or detecting or preventing unlawful acts under Health and Safety and similar legislation.

3.4.54.9 Criminal conviction and or criminal allegation grounds

The processing is necessary in connection with legal proceedings (including prospective legal proceedings), obtaining legal advice or is otherwise necessary for establishing, exercising or defending legal rights. The processing meets a condition in Parts 1-3 of Schedule 1 to the Data Protection Act 2018.

3.4.54.10 Criminal conviction and or criminal allegation grounds further information

Where data is recorded concerning criminal offences/allegations relating to you.

3.4.55 Sickness

3.4.55.1 Includes

Sickness records and related documentation, including sickness absence forms, employee 'Fit' notes, return to Work documentation.

3.4.55.2 Source of the data

We obtain this data from you and from third parties. We generate this data about you.

3.4.55.3 Why we process it

To comply with our obligations as an employer in the management of employees suffering ill health, to monitor reasons for absences, to consider relevant Health and Safety issues arising and to assist in scheduling of employee time.

3.4.55.4 How long we keep this data

Sickness records including Medical and Self Certificates will ordinarily be held for 7 years. Where records are known to be those of employees exposed to a substance hazardous to health (i.e. those who have been diagnosed with an asbestos-related illness, or where the College is aware that the employee has been exposed to an actionable levels of asbestos as set out in the Control of Asbestos at Work Regulations 2002; those who have been exposed to lead in accordance with the Lead (Control of Lead at Work Regulations 1980) or those exposed to radiations in accordance with the (Ionising Radiation Regulations 1985)), those records will will be retained for 40 years from the termination of employment.

3.4.55.5 Our lawful basis for processing

Processing is necessary for performance of our contract with you. Processing is necessary for compliance with a legal obligation.

3.4.55.6 Details relating to lawful basis (where applicable)

Processing is necessary to meet our employment law, and Health and Safety obligations.

3.4.55.7 Special category grounds

Processing is necessary for carrying out obligations or exercising our or your rights or obligations in employment or social security/protection as authorised by UK laws.

3.4.56 Teaching schedule

3.4.56.1 Includes

Teaching schedule information, including details of subjects taught, and size, timing and location of teaching sessions.

3.4.56.2 Source of the data

We generate this data about you.

3.4.56.3 Why we process it

As part of the administration and management of College teaching activities.

3.4.56.4 How long we keep this data

This data will be retained permanently.

3.4.56.5 Our lawful basis for processing

3.4.56.6 Details relating to lawful basis (where applicable)

The College and its students have a legitimate interest in processing data relating to teaching schedules and related information.

3.5 Finance and Commercial

3.5.1 Bank records

3.5.1.1 Includes

Bank account records, including names of payees and transaction details.

3.5.1.2 Source of the data

We receive this data from a third party (the bank).

3.5.1.3 Why we process it

In the normal course of operating the College's bank accounts.

3.5.1.4 How long we keep this data

Six years from end of the financial year to which the records relate.

3.5.1.5 Our lawful basis for processing

Processing is necessary for performance of our contract with you; processing is necessary for the purposes of our or someone else's legitimate interests, except where overridden by your data protection rights and freedoms.

3.5.1.6 Details relating to lawful basis (where applicable)

The College has a legitimate interest in processing its own banking records for cash-flow, accounting, financial control, fiduciary and audit purposes.

3.5.2 Conference Bookings

3.5.2.1 Includes

Records relating to conference bookings including communications and enquiries, details of the event or conference, the amount due, the contact and payment details of the purchaser.

3.5.2.2 Source of the data

We generate this data about you. We obtain this data from you. We obtain this data from third parties, e.g. legal advisors.

3.5.2.3 Why we process it

To process bookings and payments for conferences.

3.5.2.4 How long we keep this data

In the case of enquiries, a period of 12 months after the date of the enquiry, or 12 months after the conference if later. Papers delivered and information relating to conferences may be retained indefinitely in the College archive (details are explained in the privacy notice relating to College archives). In the case of transaction records, six years from end of the financial year in which the transaction occurred.

3.5.2.5 Our lawful basis for processing

Processing is necessary for performance of our contract with you; processing is necessary in order to take steps at your request prior to entering a contract.

3.5.3 Governing Body agendas, minutes, legal records

3.5.3.1 Includes

Governing body and committee agendas, governance documents, and some legal, financial, buildings and architectural records are kept in the College archive. (For further details see the College archive privacy notice and accompanying schedule).

3.5.3.2 Source of the data

We obtain this data from you; we generate this data about you.

3.5.3.3 Why we process it

To maintain a historic record of College administration.

3.5.3.4 How long we keep this data

Permanently.

3.5.3.5 Our lawful basis for processing

Processing is necessary for the purposes of our or someone else's legitimate interests, except where overridden by your data protection rights and freedoms

3.5.3.6 Details relating to lawful basis (where applicable)

3.5.3.7 Special category grounds

Processing is necessary for archiving purposes in the public interest as permitted under the UK Data Protection Act

3.5.3.8 Special category - details of public interest etc.

There is a public interest in the College maintaining its archive of College life for future generations, and in the context of the College being a College of a long-established University with a strong identity and history. The College is required to implement appropriate safeguards for individuals' rights and freedoms. The UK Data Protection Act provides safeguards by making specific provision preventing processing which is likely to cause substantial damage or substantial distress to a data subject; and/or which is carried out for the purposes of measures or decisions with respect to a particular data subject, unless the purposes for which the processing is necessary include the purposes of approved medical research.

3.5.3.9 Criminal conviction and or criminal allegation grounds

The processing meets a condition in Part 1 of Schedule 1 to the Data Protection Act 2018.

3.5.3.10 Criminal conviction and or criminal allegation grounds further information

3.5.4 Leases and title deeds

3.5.4.1 Includes

Title documents, transfers, leases and contracts which include the names of parties, signatories and witnesses.

3.5.4.2 Source of the data

We obtain this data from you.

3.5.4.3 Why we process it

In order to execute and retain title documents, transfers, leases and contracts.

3.5.4.4 How long we keep this data

In the case of contracts, for a period of 6 years after conclusion of the contract. In the case of title documents, transfers and leases, for a period of 12 years after the College disposes of its interest in the property.

3.5.4.5 Our lawful basis for processing

3.5.4.6 Details relating to lawful basis (where applicable)

The College has a legitimate interest in entering contracts, leases and transfers of land, and in retaining records and title documents to assist with the management of its properties.

3.5.5 Legal compliance records

3.5.5.1 Includes

3.5.5.2 Source of the data

We generate this data about you. We obtain this data from you. We obtain this data from third parties e.g. legal advisors.

3.5.5.3 Why we process it

So that we have a record of information supplied, both in the interests of good administration and also to meet legal and regulatory requirements.

3.5.5.4 How long we keep this data

These records will be retained for a period of 6 years from the date they were generated for compliance purposes unless there is compelling justification for the data to be retained for a longer period (e.g. in connection with legal advice, or in relation to auditing obligations).

3.5.5.5 Our lawful basis for processing

Processing is necessary for compliance with a legal obligation.

3.5.5.6 Special category grounds

Substantial public interest under the UK Data Protection Act 2018.

3.5.5.7 Special category - details of public interest etc.

Where it processes special category data for these purposes, the College is complying with its obligations under legislation. The processing is typically necessary for the purposes of prevention or detection of an unlawful act, or the exercise of a function conferred by law. The processing is also necessary for reasons of substantial public interest, namely the requirement for the College to comply with its statutory and legal obligations.

3.5.5.8 Criminal conviction and or criminal allegation grounds

The processing meets a condition in Part 2 of Schedule 1 to the Data Protection Act 2018.

3.5.5.9 Criminal conviction and or criminal allegation grounds further information

3.5.6 Management accounts, budgets and audits

3.5.6.1 Includes

Budget documents, audit and accounting documents, management accounts, investment documents and communications relating to such records, all of which may include names and contact details of individuals responsible for or involved with the budgets/accounts/investments.

3.5.6.2 Source of the data

We generate this data about you. We obtain this data from you. We obtain this data from third parties e.g. accountants.

3.5.6.3 Why we process it

As a normal part of the College's budgetary and accounting processes.

3.5.6.4 How long we keep this data

Six years from end of the financial year to which the records relate.

3.5.6.5 Our lawful basis for processing

Processing is necessary for the purposes of our or someone else's legitimate interests, except where overridden by your data protection rights and freedoms.

3.5.6.6 Details relating to lawful basis (where applicable)

The College has a legitimate interest in operating processes for budgeting, auditing, accounting and investment purposes.

3.5.7 Sales records

3.5.7.1 Includes

Records relating to event and merchandise sales and purchases including but not limited to date of the order, details of the event/merchandise booked, sold or purchased, the amount due, the contact and payment details of the purchaser including credit card number/credit card security number, direct debit or bank transfer (account holder, number and sort code) information and receipts.

3.5.7.2 Source of the data

We obtain this data from you; we generate this data about you.

3.5.7.3 Why we process it

To process payments for events and merchandise.

3.5.7.4 How long we keep this data

Six years from end of the financial year in which the transaction occurred.

3.5.7.5 Our lawful basis for processing

Processing is necessary for performance of our contract with you; processing is necessary in order to take steps at your request prior to entering a contract.

3.5.8 Supplier, contractor and customer information

3.5.8.1 Includes

Supplier, contractor and customer information including names, contact details, communications with contractors, details of contracts, tender information, works undertaken, items purchased, invoicing arrangements, VAT numbers and payments made, banking details, information about the selection of contractors and suppliers, including information about the quality and/or value of the work or products.

3.5.8.2 Source of the data

We obtain this data from you; we generate this data about you.

3.5.8.3 Why we process it

As part of the College's normal operations and dealings with its suppliers and contractors.

3.5.8.4 How long we keep this data

In the case of transaction records, six years from end of the financial year in which the work was completed. Where information is required for VAT purposes we retain records in line with our obligations to retain VAT records which can be 6 years or 10 years in some cases. In the case of information about the selection of contractors/suppliers, including information about the quality and/or value of the work or products, we will retain this whilst you remain a supplier or potential future supplier to the College.

3.5.8.5 Our lawful basis for processing

Processing is necessary for performance of our contract with you; processing is necessary in order to take steps at your request prior to entering a contract; processing is necessary for the purposes of our or someone else's legitimate interests, except where overridden by your data protection rights and freedoms.

3.5.8.6 Details relating to lawful basis (where applicable)

The College has a legitimate interest in engaging suppliers and contractors that meet its required standards.

3.6 IT

3.6.1 Incident logs

3.6.1.1 Includes

Firewall, security and PC misuse incident log files consisting of the date and time of incident, which user (name and/or user name), details of the incident and any consequential action taken.

3.6.1.2 Source of the data

We generate this data about you.

3.6.1.3 Why we process it

In the course of maintaining the College's networks, protecting their integrity, investigating computer misuse and to minimise the risk of misuse recurring. Such records might also be used for disciplinary purposes where staff or students have breached College policies.

3.6.1.4 How long we keep this data

6 years from the date we learn of the incident.

3.6.1.5 Our lawful basis for processing

3.6.1.6 Details relating to lawful basis (where applicable)

The College has a legitimate interest in maintaining the integrity of its systems, to investigate misuse and taking action to prevent misuse recurring. Keeping such records is also necessary to comply with the College's security and accountability obligations under data protection laws.

3.6.1.7 Criminal conviction and or criminal allegation grounds

The processing is necessary for purposes of the prevention or detection of an unlawful act and must be carried out without the consent of the data subject, so as not to prejudice those purposes.

3.6.2.1 Includes

Login information for students, staff, fellows and visitors consisting of time, date and duration of login, username and name of person logging in, their university card number, IP and MAC addresses associated with login, records of which users have printed documents and at what time/date, details of any charges for printing. We also hold records of the level of access permission users have to the system and which areas (e.g. staff, student, visitor, administrator). We also hold encrypted / obfuscated password information and records of internet usage (including records of sites visited, time and date of visit).

3.6.2.2 Source of the data

We obtain this data from you; we generate this data about you.

3.6.2.3 Why we process it

As a necessary part of the management and operation of our systems and controlling who has access to them. In cases of misconduct or copyright abuse such records might also be used as part of any investigation or staff/student disciplinary action. Records of internet usage are required to assist with troubleshooting and determining which users are affected by a security incident. They are also required to monitor and/or prevent: malicious network traffic; -suspected access of illegal materials, alleged copyright infringement and/or violations of University or College IT or disciplinary regulations. Encrypted password information is held to enable users to login to our systems with their password.

3.6.2.4 How long we keep this data

Login information and internet use logs are retained for 12 months. Password and access level information is retained for as long as you are entitled to use our systems (e.g. whilst you are a student or staff member).

3.6.2.5 Our lawful basis for processing

Processing is necessary for the purposes of our or someone else's legitimate interests, except where overridden by your data protection rights and freedoms. Processing is necessary for compliance with a legal obligation. In the case of staff and students, processing is necessary for performance of our contract with you.

3.6.2.6 Details relating to lawful basis (where applicable)

The College has legitimate interest in keeping records of who has accessed its systems, websites visited and activity to assist with IT security and in taking disciplinary action under its contracts with staff or students if appropriate. Keeping such records and monitoring activity is also necessary to comply with the College's security and accountability obligations under data protection laws.

3.6.2.7 Criminal conviction and or criminal allegation grounds

The processing is necessary for purposes of the prevention or detection of an unlawful act and must be carried out without the consent of the data subject, so as not to prejudice those purposes.

3.6.3 Support logs

3.6.3.1 Includes

IT support logs and records consisting of user names/contact information, dates and times of requests/problems, details of requests and details of steps taken and resolution of requests.

3.6.3.2 Source of the data

We generate this data about you.

3.6.3.3 Why we process it

In the normal course of operating and maintaining our systems.

3.6.3.4 How long we keep this data

IT support logs are retained for 12 months.

3.6.3.5 Our lawful basis for processing

3.6.3.6 Details relating to lawful basis (where applicable)

The College has a legitimate interest in keeping such records to help it maintain the functioning and security of its systems. Keeping such records is also necessary to comply with the College's security and accountability obligations under data protection laws.

3.6.4 Telephony

3.6.4.1 Includes

Records of telephone calls made and received (records of numbers called to/from, duration of calls).

3.6.4.2 Source of the data

We obtain this data from you.

3.6.4.3 Why we process it

The data is provided to us by providers of telephone services (mobile and landline) to the College. We use this data to ensure we have been invoiced correctly by the provider, and to check that College provided telephones are being used in accordance with College policy.

3.6.4.4 How long we keep this data

Records are retained for 12 months.

3.6.4.5 Our lawful basis for processing

Processing is necessary for the purposes of our or someone else's legitimate interests, except where overridden by your data protection rights and freedoms.

3.6.4.6 Details relating to lawful basis (where applicable)

We have a legitimate interest in the proper and efficient administration of College telephones and in ensuring they are being used correctly.

3.7 SECURITY

3.7.1 Accidents

3.7.1.1 Includes

Accident records containing information about the date and nature of the accident, who was involved, who witnessed it and any steps taken concerning it.

3.7.1.2 Source of the data

We generate this data about you.

3.7.1.3 Why we process it

So that we have a record of accidents occurring on College premises. In some cases the College also has a legal obligation to record and report accidents to the relevant regulatory authority.

3.7.1.4 How long we keep this data

Five years from the date of the accident.

3.7.1.5 Our lawful basis for processing

Processing is necessary for the purposes of our or someone else's legitimate interests, except where overridden by your data protection rights and freedoms. The processing is necessary for compliance with a legal obligation.

3.7.1.6 Details relating to lawful basis (where applicable)

The College has a legitimate interest in creating and retaining records of accidents on College premises to assist with its management of health and safety risks. In some cases the College is obliged to record and report accidents under the Reporting of Injuries, Diseases and Dangerous Occurrences Regulations 2013.

3.7.1.7 Special category grounds

Substantial public interest under the UK Data Protection Act 2018.

3.7.1.8 Special category - details of public interest etc.

The processing is necessary for the protection of members of the public from any potential health and safety risks, and must be carried out without the consent of the individual so as not to prejudice such protection. Processing to record and report relevant accidents is (where a legal obligation is imposed on the College) in the substantial public interest and pursuant to the exercise of a function conferred on a person by an enactment.

3.7.2 CCTV

3.7.2.1 Includes

CCTV recordings and still images taken from recordings, records of who has accessed the CCTV images and recordings and the reason for accessing them.

3.7.2.2 Source of the data

We obtain this data from the University of Oxford.

3.7.2.3 Why we process it

We hold recordings of CCTV footage for a limited period for the purpose of providing safety and security on campus and to assist with the prevention and detection of crime or other unlawful activity [INCLUDE IF APPLICABLE- SEE NOTE IN DRAFT PRIVACY NOTICE [including misconduct as an employee or student]. Where an incident is recorded we may need to capture images for the purposes of any investigation by the College or police.

3.7.2.4 How long we keep this data

For six months.

3.7.2.5 Our lawful basis for processing

3.7.2.6 Details relating to lawful basis (where applicable)

The College, its members and visitors have a legitimate interest in being in a safe and secure environment. Logs of who has accessed the recordings and their reason for accessing them are recorded to comply with the College's security and accountability obligations under data protection law.

3.7.2.7 Criminal conviction and or criminal allegation grounds

The processing is necessary for purposes of the prevention or detection of an unlawful act and must be carried out without the consent of the data subject, so as not to prejudice those purposes.

3.7.3 Communications concerning medical emergencies

3.7.3.1 Includes

Informing emergency contacts about any medical emergency.

3.7.3.2 Source of the data

We obtain this data from you and/or others who have information about you, depending on the nature of the emergency.

3.7.3.3 Why we process it

To ensure your safety and medical well-being.

3.7.3.4 How long we keep this data

Whilst you are a registered student.

3.7.3.5 Our lawful basis for processing

Processing is necessary for the purposes of our or someone else's legitimate interests, except where overridden by your data protection rights and freedoms.

3.7.3.6 Details relating to lawful basis (where applicable)

The College and its students have a legitimate interest in emergency contacts being made aware in the event of a medical emergency.

3.7.3.7 Special category grounds

We require your explicit consent to acquire and retain this data.

3.7.4 Contractors' details

3.7.4.1 Includes

College security holds contact details for contractors working on College premises, and information about the contract they are working on.

3.7.4.2 Source of the data

We obtain this data from you.

3.7.4.3 Why we process it

So that we may contact those working on College premises to discuss the work they are undertaking, or in an emergency.

3.7.4.4 How long we keep this data

Whilst work is ongoing or the need for further work involving you is anticipated.

3.7.4.5 Our lawful basis for processing

Processing is necessary for the purposes of our or someone else's legitimate interests, except where overridden by your data protection rights and freedoms.

3.7.4.6 Details relating to lawful basis (where applicable)

The College and its contractors have a legitimate interest in being able to communicate about the work they are undertaking, or in an emergency.

3.7.5 Keys and access cards

3.7.5.1 Includes

Records of keys and access cards/fobs issued, including the name of the person to whom the key/fob has been issued and the identity number of the fob.

3.7.5.2 Source of the data

We obtain this data from the University of Oxford. We generate this data about you.

3.7.5.3 Why we process it

So that we have a record of who holds keys and access cards/fobs to support College security arrangements.

3.7.5.4 How long we keep this data

For as long as you hold the key/card/fob.

3.7.5.5 Our lawful basis for processing

Processing is necessary for the purposes of our or someone else's legitimate interests, except where overridden by your data protection rights and freedoms.

3.7.5.6 Details relating to lawful basis (where applicable)

The College has a legitimate interest in maintaining the security of its premises.

3.7.6 Location and emergency contacts

3.7.6.1 Includes

The College holds contact information for students, emergency contacts (e.g. next of kin) and staff and bedroom numbers for students.

3.7.6.2 Source of the data

We obtain this data from the University of Oxford. We obtain this data from you. We generate this data about you.

3.7.6.3 Why we process it

So that we can contact staff, students or their nominated emergency contacts in case of an emergency.

3.7.6.4 How long we keep this data

Whilst you are a registered student.

3.7.6.5 Our lawful basis for processing

Processing is necessary for the purposes of our or someone else's legitimate interests, except where overridden by your data protection rights and freedoms.

3.7.6.6 Details relating to lawful basis (where applicable)

The College, its staff and students have a legitimate interest in being able to communicate with each other in case of an emergency.

3.7.7 Mail delivery

3.7.7.1 Includes

Names and addresses for delivery of mail and other items, including Parcel receipt and management records: containing names of recipient, location of parcel and who signed for it.

3.7.7.2 Source of the data

We generate this data about you.

3.7.7.3 Why we process it

To help you receive your mail.

3.7.7.4 How long we keep this data

For six months.

3.7.7.5 Our lawful basis for processing

Processing is necessary for the purposes of our or someone else's legitimate interests, except where overridden by your data protection rights and freedoms.

3.7.7.6 Details relating to lawful basis (where applicable)

The College and its members have legitimate interests in receiving deliveries, and in maintaining records to help reduce the risk of deliveries being lost after receipt at the College.

3.7.8 Medical emergencies

3.7.8.1 Includes

Emergency medical information about students may be held by College security.

3.7.8.2 Source of the data

We obtain this data from you.

3.7.8.3 Why we process it

Where students inform us of a medical condition and/or disability that might be of assistance to us if they have a medical emergency.

3.7.8.4 How long we keep this data

Whilst you are a registered student.

3.7.8.5 Our lawful basis for processing

Processing is necessary to protect your vital interests, or someone else's. Processing is necessary for the purposes of our or someone else's legitimate interests, except where overridden by your data protection rights and freedoms.

3.7.8.6 Details relating to lawful basis (where applicable)

The College and its students have a legitimate interest in the College holding information which might help treat or prevent a medical emergency.

3.7.8.7 Special category grounds

Processing is necessary to protect someone's vital interests where you are incapable of giving consent.

3.7.9 Parking access

3.7.9.1 Includes

Where appropriate: parking access request form containing the applicant's name and any declaration or supporting evidence that the applicant has a disability,

3.7.9.2 Source of the data

We obtain this data from you; we generate this data about you.

3.7.9.3 Why we process it

So that we can consider applications for a parking space and decide whether to provide a space to applicants.

3.7.9.4 How long we keep this data

For as long as you have the parking space.

3.7.9.5 Our lawful basis for processing

3.7.9.6 Details relating to lawful basis (where applicable)

The College has a legitimate interest in supporting staff with disabilities who may have particular need of parking spaces, and taking account of its obligations to make reasonable adjustments.

3.7.9.7 Special category grounds

Substantial public interest under the UK Data Protection Act 2018.

3.7.9.8 Special category - details of public interest etc.

Where it processes special category data for these purposes, the College is processing such information for the purpose of complying with its duties under the Equality Act 2010 and is necessary for the purposes of preventing a breach of that legislation. The processing is necessary for reasons of substantial public interest, namely that the College must comply with its statutory obligations concerning equality and discrimination, including the obligation to make reasonable adjustments. The processing must be carried out without the individual's consent, so as to avoid prejudice to the College's legal obligations if such consent were to be withdrawn.

3.7.10 Pigeon holes

3.7.10.1 Includes

Pigeon hole management records, consisting of the names of pigeon hole holders.

3.7.10.2 Source of the data

We generate this data about you.

3.7.10.3 Why we process it

To assist with delivering post and other items to pigeon holes.

3.7.10.4 How long we keep this data

For as long as you have the pigeon hole.

3.7.10.5 Our lawful basis for processing

Processing is necessary for the purposes of our or someone else's legitimate interests, except where overridden by your data protection rights and freedoms.

3.7.10.6 Details relating to lawful basis (where applicable)

The College and its members have a legitimate interest in operating a pigeon hole system to assist with the efficient delivery of post and similar items.

3.7.11 Punt bookings

3.7.11.1 Includes

Punt booking records consisting of the date and time of booking, the name and purpose of booking.

3.7.11.2 Source of the data

We obtain this data from you; we generate this data about you.

3.7.11.3 Why we process it

To assist with administration and security of College punts.

3.7.11.4 How long we keep this data

For six months.

3.7.11.5 Our lawful basis for processing

Processing is necessary for the purposes of our or someone else's legitimate interests, except where overridden by your data protection rights and freedoms.

3.7.11.6 Details relating to lawful basis (where applicable)

The College has a legitimate interest in providing access to its punts.

3.7.12 Room bookings

3.7.12.1 Includes

Room bookings consisting of room, date/time, booking description and the identity of the person/society/organisation booking the room. Records of requests and bookings for rooms, including records of any decisions the College makes pursuant to its obligation to take such steps as are reasonably practicable to ensure that freedom of speech within the law is secured for members, students and employees of the College and for visiting speakers.

3.7.12.2 Source of the data

We obtain this data from you; we generate this data about you.

3.7.12.3 Why we process it

As part of the system for providing College rooms and facilities to members of the College.

3.7.12.4 How long we keep this data

Until 12 months after the date of the event.

3.7.12.5 Our lawful basis for processing

3.7.12.6 Details relating to lawful basis (where applicable)

The College has a legitimate interest in making its rooms available to members of the College to enable events to be held.

3.7.12.7 Special category grounds

Substantial public interest under the UK Data Protection Act 2018.

3.7.12.8 Special category - details of public interest etc.

3.7.12.9 Criminal conviction and or criminal allegation grounds

The processing meets a condition in Part 2 of Schedule 1 to the Data Protection Act 2018.

3.7.12.10 Criminal conviction and or criminal allegation grounds further information

Where it processes criminal convictions/allegations of criminal activity data for these purposes, the College is exercising functions conferred under the the Education (No 2) Act 1986. The processing is necessary for reasons of substantial public interest, namely that the College must comply with its statutory obligations concerning freedom of speech within the law.

3.7.13 Security access records

3.7.13.1 Includes

Security access records for staff, students and visitors (e.g. conference delegates, contractors). This includes your name and potentially any identity number (e.g. linked to your key swipe card or fob, including your university card number) and/or vehicle registration number. This information is also linked to our records of the timing of your access to any of our buildings or offices generated manually when you sign in with us and electronically by our key swipe card/fob system. We also hold records of the access rights that individual key holders have.

3.7.13.2 Source of the data

We generate this data about you.

3.7.13.3 Why we process it

We process this information to assist with security of College premises, so that we have records of who is on the premises in the event of a fire or similar emergency, to prevent unauthorised access to College premises and to assist with issuing replacement keys, cards and fobs.

3.7.13.4 How long we keep this data

For six months.

3.7.13.5 Our lawful basis for processing

Processing is necessary for the purposes of our or someone else's legitimate interests, except where overridden by your data protection rights and freedoms.

3.7.13.6 Details relating to lawful basis (where applicable)

The College, its members and visitors have a legitimate interest in implementing such measures to help maintain College safety and security.

3.8 STUDENTS

3.8.1 Academic choices and options

3.8.1.1 Includes

Records of any decisions that you tell us about regarding your course, such as options you wish to take, or if you decide to change or withdraw from your course, intermit or suspend your studies. Records of any decisions we make about your wishes, such as whether to allow you to take options, change your course or suspend your studies.

3.8.1.2 Source of the data

We obtain this data from you; we generate this data about you.

3.8.1.3 Why we process it

In order to consider and make decisions about your requests.

3.8.1.4 How long we keep this data

For 6 years after the end of the academic year you cease to be a registered student. Where the data has been added to the College archives, it will be retained permanently.

3.8.1.5 Our lawful basis for processing

3.8.1.6 Details relating to lawful basis (where applicable)

The College has a legitimate interest in being able to make decisions about your requests in accordance with its regulations and procedures.

3.8.2 Academic contract

3.8.2.1 Includes

Information about your contractual terms and conditions, personal tutor, university card number, contact details and any carer responsibilities that you tell us about.

3.8.2.2 Source of the data

We obtain this data from you; we generate this data about you.

3.8.2.3 Why we process it

So that we are able to deliver your course and can take account of your circumstances when we deliver it.

3.8.2.4 How long we keep this data

For 6 years after the end of the academic year you cease to be a registered student. Where the data has been added to the College archives, it will be retained permanently.

3.8.2.5 Our lawful basis for processing

3.8.2.6 Details relating to lawful basis (where applicable)

The College has a legitimate interest in being able to take account of relevant circumstances when providing your course.

3.8.3 Accommodation and licences to occupy

3.8.3.1 Includes

Details of your accommodation tenancy or licence agreement, including the duration of your occupancy, payments you have made and decisions about accommodation applications and room allocation.

3.8.3.2 Source of the data

We generate this data about you.

3.8.3.3 Why we process it

In order to provide you with accommodation.

3.8.3.4 How long we keep this data

Records relating to accommodation tenancy or licence agreements will be retained for 6 years after the end of the academic year when your tenancy or licence ends.

3.8.3.5 Our lawful basis for processing

3.8.3.6 Details relating to lawful basis (where applicable)

The College and its residents have a legitimate interest in the College providing accommodation and operating it efficiently and safely.

3.8.4 Accommodation details

3.8.4.1 Includes

Other records relating to your accommodation, for example your contact information, accommodation requests and preferences, booking forms for students and guests, records of any family members or dependants who occupy the accommodation, records of overnight guests, lost property records, rental of fridges, records of your accommodation inventory and of the condition/cleanliness of your accommodation throughout your occupancy.

3.8.4.2 Source of the data

We obtain this data from you.

3.8.4.3 Why we process it

In order to provide you with accommodation and related services and so that we have records for safety purposes of who is in College premises.

3.8.4.4 How long we keep this data

These records will be retained for six months after your tenancy or licence ends.

3.8.4.5 Our lawful basis for processing

3.8.4.6 Details relating to lawful basis (where applicable)

The College and its residents have a legitimate interest in the College providing accommodation and operating it efficiently and safely.

3.8.5 Admissions

3.8.5.1 Includes

Contextual admissions information for undergraduate admissions (relating to information about your school performance, postcode and care background).

3.8.5.2 Source of the data

We obtain this data from the University of Oxford.

3.8.5.3 Why we process it

The role of contextual admissions data is explained more fully on the University's website, but is taken into account when deciding whether to invite applicants for interview (in addition to candidates who have met the usual departmental admissions criteria): https://www.ox.ac.uk/admissions/undergraduate/applying-to-oxford/decisions/contextual-data?wssl=1

3.8.5.4 How long we keep this data

For 6 years after the end of the academic year you cease to be a registered student. Where the data has been added to the College archives, it will be retained permanently. In both cases, please note that if you participated in an outreach programme, such data may also be held on the Higher Education Achievement Tracker, operated by the University. An explanation of what is held on HEAT and for how long it is retained on that system is available here: http://www.ox.ac.uk/about/increasing-access/widening-access-and-participation/heat and http://www.heat.ac.uk/

3.8.5.5 Our lawful basis for processing

3.8.5.6 Details relating to lawful basis (where applicable)

The College has a legitimate interest in ensuring that people from a range of backgrounds have the opportunity to attend the College. Under relevant legislation the University is required to adhere to the agreement it has with the Office for Fair Access / Office for Students, which includes the use of contextual data in the undergraduate admissions process.

3.8.6 Archive and research information

3.8.6.1 Includes

Data listed in this table that we hold after the end of your contract with us, including data that we hold permanently for archiving and research purposes.

3.8.6.2 Source of the data

We obtain this data from you or from third parties such as the University. We generate this data.

3.8.6.3 Why we process it

In order to provide references, and so that we have a record if required by a regulator, for archiving and research purposes and/or for the purposes of legal claims.

3.8.6.4 How long we keep this data

See periods listed elsewhere in this table.

3.8.6.5 Our lawful basis for processing

Processing is necessary for the purposes of our or someone else's legitimate interests, except where overridden by your data protection rights and freedoms.

3.8.6.6 Details relating to lawful basis (where applicable)

The College has a legitimate interest in being able to provide references to its students and former students, and in being able to provide information to regulators, and/or defend or make legal claims. The College also has a legitimate interest in maintaining an archive of its activities as part of a long established university with a strong identity, history and research tradition, and in maintaining such records for future research.

3.8.6.7 Special category grounds

Processing is necessary for the establishment, exercise or defence of legal claims. Processing is necessary for archiving in the public interest, and/or for historical research purposes.

3.8.6.8 Special category - details of public interest etc.

3.8.6.9 Criminal conviction and or criminal allegation grounds

Processing is necessary for the establishment, exercise or defence of legal claims. Processing is necessary for archiving in the public interest, and/or for historical research purposes.

3.8.6.10 Criminal conviction and or criminal allegation grounds further information

3.8.7 Attendance and academic records

3.8.7.1 Includes

Your dates of attendance, course of study and outcome of your studies, results of College examinations ("collections"), University examinations, and College and University assessments, awards, scholarships and prizes conferred. Records of your student status, including whether you are on the visiting student programme and whether you are a full-time or part-time student. Records of your name, gender/preferred title, official head-shot/passport style photograph.

3.8.7.2 Source of the data

We generate this data about you; we obtain this data from the University of Oxford.

3.8.7.3 Why we process it

So that we have a record of your results, as a record of your academic progression and if we are later asked for a reference or verification of your attendance. So that we can administer and provide your course.

3.8.7.4 How long we keep this data

Permanently.

3.8.7.5 Our lawful basis for processing

Processing is necessary for performance of our contract with you; processing is necessary for the performance of a task carried out in the public interest. Processing is necessary for the purposes of our or someone else's legitimate interests, except where overridden by your data protection rights and freedoms.

3.8.7.6 Details relating to lawful basis (where applicable)

The College has a legitimate interest in processing this data so that it can deliver your course. Where we keep information for the purposes of the College archive, the College has a legitimate interest in maintaining a record of who has attended, the results, awards, prizes and scholarships that were awarded, so that it may provide references and verify attendance and as part of its historic archives.

3.8.8 Bookings for rooms and facilities

3.8.8.1 Includes

Records of requests and bookings for rooms and facilities for events held by students/student societies, including records of any decisions the College makes pursuant to its obligation to take such steps as are reasonably practicable to ensure that freedom of speech within the law is secured for members, students and employees of the College and for visiting speakers.

3.8.8.2 Source of the data

We obtain this data from you; we generate this data about you.

3.8.8.3 Why we process it

As part of the system for providing College facilities to students and student societies.

3.8.8.4 How long we keep this data

Records will be retained for one year from the date on which a decision is made.

3.8.8.5 Our lawful basis for processing

Processing is necessary for the purposes of our or someone else's legitimate interests, except where overridden by your data protection rights and freedoms. Processing is necessary for the performance of a task carried out in the public interest. Processing is necessary for compliance with a legal obligation.

3.8.8.6 Details relating to lawful basis (where applicable)

The College has a legitimate interest in ensuring that such requests and bookings are considered pursuant to its procedures and in accordance with relevant legislation. The College has a legal obligation under the Education (No 2) Act 1986 to take such steps as are reasonably practicable to ensure that freedom of speech within the law is secured for members, students and employees of the College and for visiting speakers.

3.8.8.7 Special category grounds

Substantial public interest under the UK Data Protection Act 2018.

3.8.8.8 Special category - details of public interest etc.

Where the College processes special category data for these purposes, the processing is necessary for the prevention of a breach of its obligations under the Education (No 2) Act 1986. The processing is necessary for reasons of substantial public interest, namely that the College must comply with its statutory obligations concerning freedom of speech within the law. The processing is also necessary for the exercise of a protective function. In both cases, the processing must be carried out without consent so as not to prejudice those purposes.

3.8.8.9 Criminal conviction and or criminal allegation grounds

The processing meets a condition in Part 2 of Schedule 1 to the Data Protection Act 2018.

3.8.8.10 Criminal conviction and or criminal allegation grounds further information

3.8.9 Criminal records

3.8.9.1 Includes

Details of any criminal records that you declare to us on your application, or during your studies, or of any criminal incidents or allegations concerning you reported to us by anyone else. Where applicable, details of any Disclosure and Barring Service Checks about you obtained prior to or during your studies.

3.8.9.2 Source of the data

We obtain this data from you. We generate this data about you. We may obtain this data from third parties.

3.8.9.3 Why we process it

So that the College is a safe and secure environment.

3.8.9.4 How long we keep this data

Where criminal convictions, incidents or allegations are declared or reported to us, we will retain this data for 6 years after the end of the academic year when you cease to be a registered student. Where this data is retained in our archives, where criminal convictions, incidents or allegations are declared or reported to us, we will retain this data permanently. In both cases, where we require a Disclosure and Barring Service check to be carried out, we will retain the DBS certificate information for 6 months from the date the certificate is received and a skeleton record that the check was satisfactory or unsatisfactory passed will be kept on your College file permanently.

3.8.9.5 Our lawful basis for processing

3.8.9.6 Details relating to lawful basis (where applicable)

The College has a legitimate interest in requiring DBS checks to be carried out where its students are or may be engaged in regulated activity with children or vulnerable adults.

3.8.9.7 Special category grounds

Substantial public interest under the UK Data Protection Act 2018.

3.8.9.8 Special category - details of public interest etc.

Where the College processes special category data for these purposes, the processing is necessary for the prevention of a breach of its obligations under health and safety legislation. The processing is necessary for reasons of substantial public interest, namely that the College must comply with its statutory obligations concerning equality and to make reasonable adjustments, and to comply with its health and safety obligations. The processing is also necessary for the exercise of a protective function. In both cases, the processing must be carried out without consent so as not to prejudice those purposes.

3.8.9.9 Criminal conviction and or criminal allegation grounds

The processing meets a condition in Part 2 of Schedule 1 to the Data Protection Act 2018.

3.8.9.10 Criminal conviction and or criminal allegation grounds further information

3.8.10 Cultural activity records and photographs

3.8.10.1 Includes

Records of College cultural life: photographs and written records of teams, choirs, clubs and societies, plays and performances, of participation in events and sporting fixtures and of the outcomes.

3.8.10.2 Source of the data

We obtain this data from you We generate this data about you We obtain this data from third parties.

3.8.10.3 Why we process it

To allow the College's cultural life to function and flourish, and in order to maintain a record of College life, which may be relevant to you individually (for example if you later request a reference from us), and which is also part of the College's own archive record of what its members have achieved over time.

3.8.10.4 How long we keep this data

Records will be retained within College archives permanently.

3.8.10.5 Our lawful basis for processing

Processing is necessary for the purposes of our or someone else's legitimate interests, except where overridden by your data protection rights and freedoms.

3.8.10.6 Details relating to lawful basis (where applicable)

The College has a legitimate interest in maintaining a record of its cultural life, including for researchers and future students.

3.8.11 Degree ceremonies

3.8.11.1 Includes

Records relating to degree ceremonies; attendees, catering requirements, names of your guests.

3.8.11.2 Source of the data

We obtain this data from you; we generate this data about you.

3.8.11.3 Why we process it

In order to provide and operate degree ceremonies.

3.8.11.4 How long we keep this data

These records will be retained for one year from the date on which the ceremony took place and then held in the College archive permanently.

3.8.11.5 Our lawful basis for processing

Processing is necessary for performance of our contract with you.

3.8.12.1 Includes

Disciplinary, harassment or grievance records if a disciplinary, harassment, grievance or other complaint is made by you or about you to the College, including records of any investigation and / or decision that we take, and of any appeals process.

3.8.12.2 Source of the data

We obtain this data from the University of Oxford. We obtain this data from you. We generate this data about you. We obtain this data from third parties.

3.8.12.3 Why we process it

So that the College can maintain appropriate standards of conduct and behaviour for the benefit of all its members and visitors.

3.8.12.4 How long we keep this data

Disciplinary, harassment or grievance records about you will be retained for 6 years after the end of the academic year when you cease to be a registered student. If the information is included in the College archive, it will be permanently retained.

3.8.12.5 Our lawful basis for processing

3.8.12.6 Details relating to lawful basis (where applicable)

The College, its staff and students have a legitimate interest in the College being able to operate disciplinary, harassment and grievance procedures in accordance with its procedures.

3.8.12.7 Special category grounds

Substantial public interest under the UK Data Protection Act 2018.

3.8.12.8 Special category - details of public interest etc.

Where the College processes special category data for these purposes, the processing is necessary for the prevention of a breach of its obligations under the Equality Act 2010. The processing is necessary for reasons of substantial public interest, namely that the College must comply with its statutory obligations concerning equality and to make reasonable adjustments. The processing is also necessary for the exercise of a protective function. In both cases, the processing must be carried out without consent so as not to prejudice those purposes.

3.8.12.9 Criminal conviction and or criminal allegation grounds

The processing meets a condition in Part 2 of Schedule 1 to the Data Protection Act 2018.

3.8.12.10 Criminal conviction and or criminal allegation grounds further information

Where the College processes special category data for these purposes, the processing is necessary for the prevention of a breach of its obligations under the Equality Act 2010. The processing is necessary for reasons of substantial public interest, namely that the College must comply with its statutory obligations concerning equality and to make reasonable adjustments. The processing is also necessary for the exercise of a protective function. In both cases, the processing must be carried out without consent so as not to prejudice those purposes.

3.8.13 Emergency contacts

3.8.13.1 Includes

Emergency contact details

3.8.13.2 Source of the data

We obtain this data from you.

3.8.13.3 Why we process it

So that we are able to contact people close to you in the event of an emergency.

3.8.13.4 How long we keep this data

For 6 years after the end of the academic year when you cease to be a registered student.

3.8.13.5 Our lawful basis for processing

Processing is necessary for the purposes of our or someone else's legitimate interests, except where overridden by your data protection rights and freedoms.

3.8.13.6 Details relating to lawful basis (where applicable)

The College and its students have a legitimate interest in the College being able to contact someone you nominate for emergency situations.

3.8.14 Employment with the College

3.8.14.1 Includes

Records of student helpers/hosts at open days, consisting of the name and contact details of the helper/host, records of any hours worked and records of any payments or other benefits paid by the College.

3.8.14.2 Source of the data

We obtain this data from you.

3.8.14.3 Why we process it

So that we have records of which students act as hosts on open days and can administer our open days and can make payments/provide other benefits to student hosts/helpers.

3.8.14.4 How long we keep this data

3.8.14.5 Our lawful basis for processing

Where there is a contract, processing is necessary for performance of our contract with you. Processing is necessary for the purposes of our or someone else's legitimate interests, except where overridden by your data protection rights and freedoms.

3.8.14.6 Details relating to lawful basis (where applicable)

The College and prospective students attending open days have a legitimate interest in current students acting as hosts, to give prospective students an insight into College life.

3.8.15 Ethnicity, ethical and equality

3.8.15.1 Includes

Information about your ethnicity, health, religion or philosophical beliefs and/or sexuality processed for the purposes of identifying or keeping under review the existence or absence of equality of opportunity or treatment, with a view to enabling such equality to be promoted or maintained.

3.8.15.2 Source of the data

We obtain this data from the University of Oxford. We obtain this data from you.

3.8.15.3 Why we process it

For equality monitoring purposes.

3.8.15.4 How long we keep this data

For 6 years after the end of the academic year you cease to be a registered student, unless we retain the data in the College archive, when it will be retained permanently.

3.8.15.5 Our lawful basis for processing

Processing is necessary for the purposes of our or someone else's legitimate interests, except where overridden by your data protection rights and freedoms.

3.8.15.6 Details relating to lawful basis (where applicable)

The College and its students have a legitimate interest in monitoring and promoting equality of opportunity.

3.8.15.7 Special category grounds

Substantial public interest under the UK Data Protection Act 2018.

3.8.15.8 Special category - details of public interest etc.

The processing is necessary for equality of opportunity or treatment purposes in accordance with the conditions and safeguards specified in the Data Protection Act 2018, with a view to promoting or maintaining such equality.

3.8.16 Fee status

3.8.16.1 Includes

Your fee status (e.g. home, EU, or international) and associated information about your country of residence, the amount of your fees and funding information including your financial declaration, details of any guarantee from parents or others, any supporting information you provide about funding (e.g. loans, grants, sponsorship and/or self-funding resources, including copies of evidence you submit) and decisions that we make in light of that information.

3.8.16.2 Source of the data

We obtain this data from the University of Oxford. We obtain this data from you. We generate this data about you. We obtain this data from third parties (e.g. parents, sponsors, guarantors).

3.8.16.3 Why we process it

In order to determine the fees you are required to pay and to confirm that you will be able to meet the requirement to pay fees.

3.8.16.4 How long we keep this data

For 6 years after the end of the academic year when you cease to be a registered student. Where the information has been retained in the College archives, permanently. Records relating to US loans will be held for 10 years.

3.8.16.5 Our lawful basis for processing

Processing is necessary for performance of our contract with you. Processing is necessary for the purposes of our or someone else's legitimate interests, except where overridden by your data protection rights and freedoms. Processing is necessary for compliance with a legal obligation. US loan information is retained for ten years on the grounds that the College has a legitimate interest in retaining these records so that it can assist you should the need arise.

3.8.16.6 Details relating to lawful basis (where applicable)

Legislation determines to an extent the level of fees you are required to pay, based on your country of residence. The College has a legitimate interest in being able to satisfy itself that students have appropriate arrangements are in place to meet the costs of their course and living expenses.

3.8.17 Financial records

3.8.17.1 Includes

Financial information including your contact information and details of invoicing and payment (including payment information such as credit card or banking payment information) of "battels", namely: College fees, accommodation, deposits, food and drink, laundry, use of sporting and other facilities as we have arranged with you.

3.8.17.2 Source of the data

We obtain this data from you; we generate this data about you.

3.8.17.3 Why we process it

In order to provide your course, accommodation and associated services.

3.8.17.4 How long we keep this data

In the case of transaction records, six years from end of the academic year in which you cease to be a student. Where information is required for VAT purposes we retain records in line with our obligations to retain VAT records which can be 6 years or 10 years in some cases. Where information is retained in the College Archives, it will be retained indefinitely.

3.8.17.5 Our lawful basis for processing

Processing is necessary for performance of our contract with you.

3.8.18 Financial support

3.8.18.1 Includes

3.8.18.2 Source of the data

We obtain this data from you. We generate this data about you. We may receive decisions from third parties that provide financial support.

3.8.18.3 Why we process it

In order to make decisions about financial support and to ensure that the College is encouraging and supporting participation by talented people from all backgrounds.

3.8.18.4 How long we keep this data

For 6 years after the end of the academic year you cease to be a registered student. Where the data has been added to the College archives, it will be retained permanently.

3.8.18.5 Our lawful basis for processing

3.8.18.6 Details relating to lawful basis (where applicable)

The College has a legitimate interest in receiving, considering and making decisions about financial support in the interests of its students.

3.8.19 Health and dietary records

3.8.19.1 Includes

Information about your health, dietary requirements and/or disabilities, and records of decisions we make taking that information into account.

3.8.19.2 Source of the data

We obtain this data from the University of Oxford; we obtain this data from you; and we obtain this data from third parties, such as medical professionals that you ask to provide us with information.

3.8.19.3 Why we process it

When we consider what reasonable adjustments to make on your behalf to our provision of accommodation, catering or teaching or we need to take account of any dietary requirements you have (whether for medical or belief reasons), or where there is a medical emergency, and any decisions that we take as a result.

3.8.19.4 How long we keep this data

For 6 years after the end of the academic year you cease to be a registered student, unless we retain the data in the College archive, when it will be retained permanently.

3.8.19.5 Our lawful basis for processing

3.8.19.6 Details relating to lawful basis (where applicable)

The College has a legitimate interest in taking such information into account when it makes decisions that may affect your health, well-being or ability to participate. Processing is also necessary for compliance with equality law, and/or food safety law.

3.8.19.7 Special category grounds

Substantial public interest under the UK Data Protection Act 2018.

3.8.19.8 Special category - details of public interest etc.

Where the College processes special category data for these purposes, the processing is necessary for the prevention of a breach of its obligations under the Equality Act 2010 and/or under health and safety legislation. The processing is necessary for reasons of substantial public interest, namely that the College must comply with its statutory obligations concerning equality and to make reasonable adjustments, and to comply with its health and safety obligations. The processing is also necessary for the exercise of a protective function. In both cases, the processing must be carried out without consent so as not to prejudice those purposes.

3.8.20 Legal compliance records

3.8.20.1 Includes

3.8.20.2 Source of the data

We generate this data about you.

3.8.20.3 Why we process it

So that we have a record of information supplied, both in the interests of good administration and also to meet legal and regulatory requirements.

3.8.20.4 How long we keep this data

These records will be retained for a period of 6 years from the date generated for compliance purposes unless there is compelling justification for the data to be retained for a longer period (for example in connection with legal advice, or in relation to auditing obligations).

3.8.20.5 Our lawful basis for processing

Processing is necessary for compliance with a legal obligation.

3.8.20.6 Special category grounds

Substantial public interest under the UK Data Protection Act 2018.

3.8.20.7 Special category - details of public interest etc.

Where it processes special category data for these purposes, the College is exercising functions conferred under legislation and/or complying with regulatory requirements. The processing is necessary for reasons of substantial public interest, namely the requirement for the College to comply with its statutory and legal obligations.

3.8.20.8 Criminal conviction and or criminal allegation grounds

The processing meets a condition in Part 2 of Schedule 1 to the Data Protection Act 2018.

3.8.20.9 Criminal conviction and or criminal allegation grounds further information

3.8.21 Library records

3.8.21.1 Includes

Library access and book records, overdue book records, records of library cards and library fines.

3.8.21.2 Source of the data

We generate this data about you.

3.8.21.3 Why we process it

To operate College library facilities.

3.8.21.4 How long we keep this data

These records will be retained for a period of one year from the date of closure of your library account.

3.8.21.5 Our lawful basis for processing

3.8.21.6 Details relating to lawful basis (where applicable)

The College has a legitimate interest in being able to operate its library and collect fines in accordance with its regulations and procedures.

3.8.22 Mailing lists about events

3.8.22.1 Includes

Mailing lists informing you about events and other information about the College and University.

3.8.22.2 Source of the data

We generate this data about you.

3.8.22.3 Why we process it

To enable students to participate in College events.

3.8.22.4 How long we keep this data

Your email contact data will be removed from mailing lists within three months of the date on which you cease to be a registered student at the College.

3.8.22.5 Our lawful basis for processing

Processing is necessary for the purposes of our or someone else's legitimate interests, except where overridden by your data protection rights and freedoms.

3.8.22.6 Details relating to lawful basis (where applicable)

The College and its students have a legitimate interest that students are notified of information about the College and University (for example, events).

3.8.23 Marketing and outreach information

3.8.23.1 Includes

Student information that appears in marketing and outreach materials, such as photographs of students and quotations about their experience, records of any students that participate in outreach activity.

3.8.23.2 Source of the data

We obtain this data from you.

3.8.23.3 Why we process it

To promote the College to potential applicants.

3.8.23.4 How long we keep this data

Permanently. Student information may be transferred to College archives for purposes in the public interest, or for historical research purposes as a record of College life.

3.8.23.5 Our lawful basis for processing

You have given your consent to the processing for one or more specific purposes.

3.8.24 Meal bookings

3.8.24.1 Includes

Meal bookings and attendance.

3.8.24.2 Source of the data

We obtain this data from you.

3.8.24.3 Why we process it

So that we may provide catering services to students and invoice them correctly for the services provided.

3.8.24.4 How long we keep this data

For 3 months after the end of the academic year when you cease to be a registered student.

3.8.24.5 Our lawful basis for processing

Processing is necessary for performance of our contract with you.

3.8.25 Medical records

3.8.25.1 Includes

Records of consultations and any medical treatment or advice given by the College nurse.

3.8.25.2 Source of the data

We obtain this data from you; we generate this data about you.

3.8.25.3 Why we process it

To enable the College to look after your well-being and welfare.

3.8.25.4 How long we keep this data

For 3 years after the end of the academic year when you cease to be a registered student, or when you reach age 21, whichever is later.

3.8.25.5 Our lawful basis for processing

Processing is necessary for the purposes of our or someone else's legitimate interests, except where overridden by your data protection rights and freedoms.

3.8.25.6 Details relating to lawful basis (where applicable)

The College has a legitimate interest in making a College nurse available to provide basic medical advice and treatment to its students.

3.8.25.7 Special category grounds

Processing is necessary for health purposes under the Data Protection Act 1988.

3.8.26 Meeting attendance

3.8.26.1 Includes

Records of attendance at and participation in College committee meetings.

3.8.26.2 Source of the data

We generate this data about you.

3.8.26.3 Why we process it

Where you are a student member of a College committee, we may record your attendance and details of your involvement in the meeting minutes and in internal communications.

3.8.26.4 How long we keep this data

A permanent record will be retained in the College archive where your attendance and comments are recorded in committee minutes. Other records will be held for 6 years after the end of the academic year when you cease to be a registered student.

3.8.26.5 Our lawful basis for processing

Processing is necessary for the purposes of our or someone else's legitimate interests, except where overridden by your data protection rights and freedoms.

3.8.26.6 Details relating to lawful basis (where applicable)

The College has a legitimate interest in having student representatives on certain committees, and it is necessary to process your data for those committees to function properly.

3.8.27 Opt-outs

3.8.27.1 Includes

Records of students who have opted out of public display of their results/scholarships/awards/prizes.

3.8.27.2 Source of the data

We obtain this data from you.

3.8.27.3 Why we process it

In order to comply with student requests.

3.8.27.4 How long we keep this data

For 3 months after the end of the academic year when you cease to be a registered student.

3.8.27.5 Our lawful basis for processing

Processing is necessary for performance of our contract with you. Processing is necessary for compliance with a legal obligation.

3.8.28 Passport records for trips and events

3.8.28.1 Includes

Passport records for overseas trips and events.

3.8.28.2 Source of the data

We obtain this data from you.

3.8.28.3 Why we process it

Where the College organises an event abroad (for example a College Choir event).

3.8.28.4 How long we keep this data

For 3 months after the date on which you return from the overseas event/trip.

3.8.28.5 Our lawful basis for processing

Processing is necessary for the purposes of our or someone else's legitimate interests, except where overridden by your data protection rights and freedoms.

3.8.28.6 Details relating to lawful basis (where applicable)

The College has a legitimate interest in arranging cultural events abroad.

3.8.28.7 Special category grounds

We require your explicit consent to acquire and retain this data.

3.8.29 Performance and attendance

3.8.29.1 Includes

Records of student performance and attendance, including records of student self-assessment.

3.8.29.2 Source of the data

We obtain this data from you; we generate this data about you.

3.8.29.3 Why we process it

To help develop and guide you during your studies, our tutors monitor and assess your contributions in tutorials, including your written work, provide feedback and may ask you to self-assess your progress.

3.8.29.4 How long we keep this data

For 6 years after the end of the academic year you cease to be a registered student, unless we retain the data in the College archive, when it will be retained permanently.

3.8.29.5 Our lawful basis for processing

3.8.29.6 Details relating to lawful basis (where applicable)

The College has a legitimate interest in keeping such records to help develop and guide students during their studies.

3.8.30 Prizes, scholarships, bursaries

3.8.30.1 Includes

Records concerning nominations and decisions to confer prizes, scholarships and awards, where third party donors are not involved.

3.8.30.2 Source of the data

We obtain this data from you; we generate this data about you.

3.8.30.3 Why we process it

In order to decide who is to receive scholarships, awards or prizes.

3.8.30.4 How long we keep this data

Nomination and decision-making records will be retained for 6 years after the end of the academic year when you cease to be a registered student. A record of the award itself will be retained permanently.

3.8.30.5 Our lawful basis for processing

Processing is necessary for the purposes of our or someone else's legitimate interests, except where overridden by your data protection rights and freedoms.

3.8.30.6 Details relating to lawful basis (where applicable)

The College has a legitimate interest in making awards and awarding scholarships and prizes to students, and in fulfilling the wishes of its benefactors.

3.8.31 Prizes, scholarships, bursaries involving third parties

3.8.31.1 Includes

Records concerning nominations and decisions to confer prizes, scholarships and awards from third party donors.

3.8.31.2 Source of the data

We obtain this data from you We generate this data about you; We receive this information from third party donors.

3.8.31.3 Why we process it

In order to decide who is to receive scholarships, awards or prizes.

3.8.31.4 How long we keep this data

3.8.31.5 Our lawful basis for processing

We will only share your information with such a donor with your consent.

3.8.32 References

3.8.32.1 Includes

References we provide.

3.8.32.2 Source of the data

We generate this data about you.

3.8.32.3 Why we process it

Where we are asked to provide a reference for you.

3.8.32.4 How long we keep this data

Copies of references will be kept for six years from the date of provision of the reference. An entry noting that a reference was provided will be retained on your permanent record.

3.8.32.5 Our lawful basis for processing

Processing is necessary for the purposes of our or someone else's legitimate interests, except where overridden by your data protection rights and freedoms.

3.8.32.6 Details relating to lawful basis (where applicable)

The College, its students and the recipients of references have a legitimate interest in providing and receiving references.

3.8.33 Requests for support and assistance

3.8.33.1 Includes

Requests for assistance with academic matters, such as applications for special examination arrangements, requests for extensions to written work and submission of extenuating circumstances. Decision-making about such requests and records of actions taken.

3.8.33.2 Source of the data

We obtain this data from you; we generate this data about you.

3.8.33.3 Why we process it

We process this information and make decisions about you when you ask us to, and in accordance with the College's policies relating to such requests.

3.8.33.4 How long we keep this data

For 6 years after the end of the academic year you cease to be a registered student, unless we retain the data in the College archive, when it will be retained permanently.

3.8.33.5 Our lawful basis for processing

Processing is necessary for performance of our contract with you. Processing is necessary for the purposes of our or someone else's legitimate interests, except where overridden by your data protection rights and freedoms. Processing is necessary for the performance of a task carried out in the public interest. Processing is necessary for compliance with a legal obligation.

3.8.33.6 Details relating to lawful basis (where applicable)

The College has a legitimate interest in ensuring that such requests for assistance are considered pursuant to its procedures and in accordance with relevant legislation.

3.8.33.7 Special category grounds

Substantial public interest under the UK Data Protection Act 2018.

3.8.33.8 Special category - details of public interest etc.

Where the College processes special category data for these purposes, the processing is necessary for the prevention of a breach of its obligations under the Equality Act 2010. The processing is necessary for reasons of substantial public interest, namely that the College must comply with its statutory obligations concerning equality and to make reasonable adjustments. The processing is also necessary for the exercise of a protective function. In both cases, the processing must be carried out without consent so as not to prejudice those purposes.

3.8.34 Research student records

3.8.34.1 Includes

Research student records, including details of your supervisor, the supervision process, examiner, College advisor, thesis title, submission and viva details and outcomes, progress reports, records of meetings about your progress.

3.8.34.2 Source of the data

We obtain this data from the University of Oxford. We generate this data about you.

3.8.34.3 Why we process it

In order to monitor your progress and make decisions about it.

3.8.34.4 How long we keep this data

For 6 years after the end of the academic year you cease to be a registered student. Where the data has been added to the College archives, it will be retained permanently.

3.8.34.5 Our lawful basis for processing

Processing is necessary for performance of our contract with you.

3.8.35 Right to work

3.8.35.1 Includes

Information and copies of records confirming your entitlement to study in the UK, including records of your confirmation of acceptance for studies, passport, student visa and/or biometric residence permit, attendance records. We also have access to the University's system that shows whether you have the right to work in the UK.

3.8.35.2 Source of the data

We obtain this data from the University of Oxford. We obtain this data from you.

3.8.35.3 Why we process it

So the the College can comply with its legal obligations in connection with Right to Work legislation, and can assist you in working for the College where you have the right to do so.

3.8.35.4 How long we keep this data

For 6 years after the end of the academic year you cease to be a registered student. Where the data has been added to the College archives, it will be retained permanently.

3.8.35.5 Our lawful basis for processing

3.8.35.6 Details relating to lawful basis (where applicable)

The College, its students and the University have a legitimate interest in the Colleges being able to provide information to the University in order to enable it to comply with immigration law obligations. In the case of right to work information, the processing is necessary for the College to comply with the requirements of UK Visas and Immigration under immigration law.

3.8.36 Student debts

3.8.36.1 Includes

Student debtor records and records of debts recovered, records of decisions we take about debts.

3.8.36.2 Source of the data

We generate this data about you.

3.8.36.3 Why we process it

In order to consider and take appropriate action. Depending on the circumstances this may include exploring alternative funding options and support that the College may offer, instalment payments, considering and implementing other measures to recover debts, such as late payment charges, disciplinary options and/or debt recovery action.

3.8.36.4 How long we keep this data

3.8.36.5 Our lawful basis for processing

3.8.36.6 Details relating to lawful basis (where applicable)

The College has a legitimate interest in being able to collect debts owed by students and former students.

3.8.37.1 Includes

Information that you submitted to UCAS and/or the University, College or any third party when you applied to study at Oxford, including your academic, employment history, predicted grades, language proficiency and personal statement; details of our admissions decision about you. Details of any references, written work or research proposals you submit as part of your application, and any records we make of your application or interview. Communications between us about your admission, including feedback we provide.

3.8.37.2 Source of the data

We obtain this data from the University of Oxford. We obtain this data from you. We generate this data about you. We may also obtain this data from schools or referees.

3.8.37.3 Why we process it

So that we have a record of our admissions decisions and can administer your application and your course. Also so that we have information and about your background and history if we are asked to provide a reference at a later date.

3.8.37.4 How long we keep this data

3.8.37.5 Our lawful basis for processing

3.8.37.6 Details relating to lawful basis (where applicable)

The College has a legitimate interest in being able to provide references to its students and former students.

3.8.38 University Fee records

3.8.38.1 Includes

We also collect University Fees on behalf of the University; the University informs us what you owe so that we may do this. We transfer the fees to the University, which then updates the record of what you owe.

3.8.38.2 Source of the data

We generate this data about you. We obtain this data from the University of Oxford.

3.8.38.3 Why we process it

We collect fees due to the University on its behalf and account to it for such fees.

3.8.38.4 How long we keep this data

3.8.38.5 Our lawful basis for processing

Processing is necessary for the performance of your contract with the University. Processing is necessary for the purposes of our or someone else's legitimate interests, except where overridden by your data protection rights and freedoms.

3.8.38.6 Details relating to lawful basis (where applicable)

The University has a legitimate interest in collecting fees due to it.

3.8.39 Visa applications

3.8.39.1 Includes

3.8.39.2 Source of the data

We obtain this data from you; we generate this data about you.

3.8.39.3 Why we process it

Overseas students need visas in order to attend university.

3.8.39.4 How long we keep this data

For 6 years after the end of the academic year you cease to be a registered student. Where the data has been added to the College archives, it will be retained permanently.

3.8.39.5 Our lawful basis for processing

Processing is necessary for performance of our contract with you. Processing is necessary for compliance with a legal obligation.

3.8.39.6 Special category grounds

We require your explicit consent to acquire and retain this data.

3.8.40 Welfare

3.8.40.1 Includes

Welfare records, including confidential records about requests for support and counselling, and of support and counselling provided.

3.8.40.2 Source of the data

We obtain this data from you; we generate this data about you.

3.8.40.3 Why we process it

In order to provide support and counselling services to our students.

3.8.40.4 How long we keep this data

For 6 years after the end of the academic year when you cease to be a registered student.

3.8.40.5 Our lawful basis for processing

Processing is necessary for the purposes of our or someone else's legitimate interests, except where overridden by your data protection rights and freedoms.

3.8.40.6 Details relating to lawful basis (where applicable)

The College and its students have a legitimate interest in providing and having access to support and counselling services.

3.8.40.7 Special category grounds

We require your explicit consent to acquire and retain this data.

HERTFORD COLLEGE PRIVACY NOTICE

Table of Contents

1 General Information

1.0.1 About personal data

1.0.2 Hertford's contact details for personal data matters

1.0.3 The data we hold and process

1.0.4 Sharing data

1.0.5 Sharing data outside the EU

1.0.6 Automated decision-making

1.0.7 Your legal rights

1.0.8 Future changes to this privacy notice, and previous versions

2 Information for particular groups

2.1 Applicants and Prospective Students

2.1.1 Data that you provide to us and the possible consequences not providing it

2.1.2 Other sources of your data

2.1.3 Details of our processing activities, including our lawful basis for processing

2.1.4 How we share your data

2.2 Current Students

2.2.1 Data that you provide to us and the possible consequences of not providing it.

2.2.2 Other sources of your data

2.2.3 Details of our processing activities, including our lawful basis for processing

2.2.4 How we share your data

2.3 Job Applicants

2.3.1 What personal data we hold about you and how we use it

2.3.2 Categories of data that we collect, store and use include but are not limited to:

2.3.3 Data that you provide to us and the possible consequences of not providing it

2.3.4 Other sources of your data

2.3.5 Details of our processing activities, including our lawful basis for processing

2.3.6 How we share your data

2.4 Current and former Employees

2.4.1 What personal data we hold about you and how we use it

2.4.1.1 Categories of data that we collect, store and use include (but are not limited to):

2.4.2 Data that you provide to us and the possible consequences of not providing it

2.4.3 Other sources of your data

2.4.4 Details of our processing activities, including our lawful basis for processing

2.4.5 How we share your data

2.5 Attendees, organisers and those involved in conferences and events

2.5.1 What personal data we hold about you and how we use it

2.5.1.1 Categories of data that we collect, store and use include (but are not limited to):

2.5.2 Data that you provide to us and the possible consequences of not providing it

2.5.3 Other sources of your data

2.5.4 Details of our processing activities, including our lawful basis for processing

2.5.5 How we share your data

2.6 Suppliers, contractors, and those with whom we undertake financial transactions

2.6.1 Data that you provide to us and the possible consequences of not providing it

2.6.2 Other sources of your data

2.6.3 Details of our processing activities, including our lawful basis for processing

2.6.4 How we share your data

2.7 Those who come in to contact with our security systems and procedures

2.7.1 Data that you provide to us and the possible consequences of not providing it

2.7.2 Other sources of your data

2.7.3 Details of our processing activities, including our lawful basis for processing

2.7.4 How we share your data

2.8 Those who use our IT services, or telephony systems

2.8.1 Data that you provide to us and the possible consequences of not providing it

2.8.2 Other sources of your data

2.8.3 Details of our processing activities, including our lawful basis for processing

2.8.4 How we share your data

2.9 Users of our website

2.9.1 What personal data we hold about you and how we use it

2.9.2 Categories of data that we collect, store and use include (but are not limited to):

2.9.3 The lawful basis on which we process your data

2.9.4 Data that you provide to us and the possible consequences of not providing it

2.9.5 Other sources of your data

2.9.6 How we share your data

2.10 Those whose data is stored in our archive

2.10.1 Data that you provide to us and the possible consequences of not providing it

2.10.2 Other sources of your data

2.10.3 Details of our processing activities, including our lawful basis for processing

2.10.4 How we share your data and the safeguards we apply to such sharing

2.11 Alumni, Donors and Supporters

2.11.1 The Data we collect

2.11.1.1 Biographical information, which may include:

2.11.1.2 Details of our ongoing relationship and your engagement with us, which may include:

2.11.1.3 Information about your giving, which may include:

2.11.1.4 Information relating to your willingness or financial capacity to support our charitable objectives, which may include:

2.11.1.5 Sensitive personal data, which may include:

2.11.2 How we use your data

2.11.2.1 For alumni and supporter engagement:

2.11.2.2 For all fundraising and donor stewardship