Oxford Brookes University (the University) is committed to protecting the privacy and security of personal data. Personal data is information that could identify you.
The University will be the Data Controller of any personal data that you supply. This means that we will make the decisions on how your data is used and for what reasons.
The University publishes additional privacy notices applicable to other groups, facilities and activities. Subject to your circumstances, other notices may also apply to you so please read this privacy notice in conjunction with other applicable privacy notices.
Why do we need your data?
We will use your personal data to process your enquiry, to communicate with you to provide you with information relating to your enquiry, or for statistical purposes and internal reporting.
If you opt in to receive further information, we will use your personal data to inform you about our courses, events, scholarships, bursaries, services or student life. You can update your preferences at any time using our preferences form.
What is our legal basis for processing your personal data?
The legal basis for processing your personal data for responding to your enquiry is that processing is necessary for the purposes of legitimate interest pursued by the controller or a third party, except where such interests are overridden by the interests, rights or freedoms of the data subject.
The legal basis for processing your data for marketing purposes is based on the consent of the data subject.
What types of personal data will we use?
Name, date of birth, address, email address, course of interest and year of entry.
Who will we share your data with?
Your personal data may be processed and stored by a third-party processor, on behalf of the University. If you have contacted us through Weibo or WeChat or our Chinese website, your enquiry may be shared with partners PingPong Digital. We may also share your data with relevant educational agents that are in contract with us so they can follow up on your enquiry on our behalf. You can find a list of agents we work with on our country pages.
Will we transfer your data outside of the UK?
Yes, we may. Oxford Brookes University uses Sinorbis (based in Australia) to provide associated IT Services. We have a contract in place with this partner that ensures any sharing of data is secure and compliant with data protection legislation.
We may also share your data with education agents within your country to follow up on your enquiry. You can find the lists of agents we work with on our country pages.
What rights do you have regarding your personal data that we hold?
- You have the right to be informed.
- You have the right of access to your data.
- You have the right to correct data if it is wrong.
- You have the right to ask for your data to be deleted.
- You have the right to restrict use of the data we hold.
- You have the right to data portability.
- You have the right to object to Oxford Brookes University using your data.
- You have rights in relation to using your data automated decision making and profiling.
Are there any consequences if you do not provide the requested data?
Yes, we may not be able to respond to your enquiry or effectively provide information you have requested.
Will there be any automated decision making using your data?
How long will we keep your data?
Unless you request otherwise, Oxford Brookes University will keep your data for three years after your last interaction with us. After this time your personal information will be securely deleted.
Who can I contact if I have concerns?
If you have any questions or concerns about how your personal data is being used, please contact the Information Security Management team.
- Email: firstname.lastname@example.org
In certain circumstances we may refer your query or concern to the University Data Protection Officer (DPO), a semi-independent role at Brookes required by UK law. If you would prefer to contact the DPO directly, please email email@example.com.
What is the Information Commissioner’s Office (ICO)?
The ICO is the UK's independent authority set up to uphold information rights in the public interest, promoting openness by public bodies and data privacy for individuals. While we recommend that you raise any concerns or queries with us first you have the right to complain to the ICO directly if you believe Brookes is using your personal data unlawfully.
Please visit www.ico.org.uk for information on how to make a complaint or would like independent and impartial guidance on data protection and privacy.
Information Security Management team