About this Policy
This policy explains when and why we collect personal information, how we use it and how we keep it secure and your rights in relation to it.
We may collect, use and store your personal data, as described in this Data Privacy Policy and as described when we collect data from you.
Our business and internal computer systems are designed to comply with the General Data Protection Regulation (GDPR) when dealing with your personal data. Further details on the GDPR can be found at the website for the Information Commissioner (www.ico.gov.uk). For the purposes of the GDPR, we will be the “controller” of all personal data we hold about you.
We reserve the right to amend this Privacy Policy from time to time without prior notice. You are advised to check back regularly for any amendments. Amendments will never be made retrospectively.
Use of Personal Information
We only collect your personal data with your specific consent and we will hold your data in accordance with the GDPR. This table states how we will use your personal information/photographs:
- Name: will be used for agreed quotes in promotional material online and printed
- Photograph/video: to be used in promotional material online/printed and social media
How we protect your personal data
We have implemented generally accepted standards of technology and operational security in order to protect personal data from loss, misuse, or unauthorised alteration or destruction.
Please note that where you are transmitting information to us over the internet this can never be guaranteed to be 100% secure.
Who else has access to the information you provide us?
We will never sell your personal data. We will not share your personal data with any third parties except where required to do so by law or as set out in the paragraph below.
We may pass your personal data to third parties who are service providers, agents and subcontractors to us for the purposes of completing tasks and providing services to you on our behalf. However, we disclose only the personal data that is necessary for the third party to deliver the service and we have a contract in place that requires them to keep your information secure and not to use it for their own purposes.
Data Breaches
We will report any unlawful data breach of our website’s database, along with our business and internal computer systems or the database(s) of any of our third-party data processors to any and all relevant persons and authorities within 72 hours of the breach if it is apparent that personal data stored in an identifiable manner has been stolen.
We will notify you promptly in the event of any breach of your personal data which might expose you to serious risk.
How long do we keep your information?
We will hold your personal data on our systems for as long as it is in NCUK’s legitimate interest to do so or for as long as is necessary to comply with our legal obligations. We will review your personal data regularly to establish whether we are still entitled to process it. If we decide that we are not entitled to do so, we will stop processing your personal data except that we will retain your personal data in an archived form in order to be able to comply with future legal obligations e.g. compliance with tax requirements and exemptions, and the establishment exercise or defence of legal claims.
We securely destroy all information once we have used it and no longer need it.
Your rights
Under the GDPR you have a number of rights with regard to your personal data. You have the right to request from us access to and rectification or erasure of your personal data, the right to restrict processing, object to processing as well as in certain circumstances the right to data portability.
If you have provided consent for the processing of your data, you have the right (in certain circumstances) to withdraw that consent at any time which will not affect the lawfulness of the processing before your consent was withdrawn.
You have the right to lodge a complaint to the Information Commissioners’ Office if you believe that we have not complied with the requirements of the GDPR with regard to your personal data.
Contact details
If you have any concerns as to how your data is processed, you can contact us at ambassador@ncuk.ac.uk