Privacy Notice

The majority of the personal data OBU holds about you is directly related to the administration of your programme with OBU.

OBU will also use your personal data (including special category) for programme management purposes and complying with our legal obligations, for instance to meet the requirements of our Erasmus+ Grant Agreement with the British Council.

OBU may contact you to ask for feedback about your experiences.

• You consent to providing it to us
• OBU need to use this to enter into a contract with you or maintain an existing one
• OBU have a legal obligation to use your data (such as reporting statistics relating to Erasmus+)
• OBU need to use this data to protect you or others from the risk of harm

If OBU asks you for special category data such as: racial or ethnic origin, political opinions, religious or philosophical beliefs, trade-union membership, data concerning health or sexual life, genetic/biometric data or criminal records OBU will use these data because:

• You have given OBU explicit consent to do so
• OBU need to use this data for employment, social security or social protection law, or a collective agreement
• OBU will use personal data which you have knowingly made public
• OBU need to use this data for legal purposes

• OBU will share the personal data of students applying for Erasmus+ funding with the British Council (National Agency)
• OBU will share the personal data of students applying for exchange programmes with the host institution
• OBU will share the personal data of students applying for exchange programmes with Mobility-Online (third party online application portal provider)
• To protect your vital interests (for example in an emergency OBU may need to share contact details)

Data may be stored overseas when you make your application.

If you are applying for a period of exchange at an institution outside the EEA, information relevant to your application will be shared with the International Office of your host university.

• You have the right to be informed
• You have the right of access to your data
• You have the right to correct data if it is wrong
• You have the right to ask for your data to be deleted
• You have the right to restrict use of the data we hold
• You have the right to data portability
• the right to object to OBU using your data
• You have rights in relation to using your data automated decision making and profiling.

Yes, in many cases we will not be able to meet our commitments to you (under contract or otherwise) if we do not collect and store your personal data.

In a situation where your explicit consent is required we will make clear the specific consequence of not providing your data.

No, OBU does not currently undertake any automated decision making or profiling using your personal data that falls within the scope of UK law.

A period of five years from the date of closure of the applicable Erasmus+ Grant Agreement for students accessing funding through the Erasmus+ programme.

For non-Erasmus+ exchange programmes Oxford Brookes will only retain personal data for as long as necessary to:

1. Fulfil the purpose for which the data was collected or obtained.
2. Fulfil our own obligations under UK Law.

Your personal data will be securely deleted once either of these conditions no longer apply. For more information on retention periods (the exact length of time Brookes retains each category of personal information) please refer to the University record retention schedule or contact the Information Security Management team.

You can contact the Information Security Management team.

Postal Address: GDPR Queries, Information Security Management Team, IT Services, Room 2.12, Gibbs Building, Headington Campus, Gipsy Lane, Oxford, OX3 0BP

Email: info.sec@brookes.ac.uk