University of Birmingham Guild of Students’ Student Privacy Notice

1. Statement of Policy

The University of Birmingham Guild of Students is fully committed to compliance with the requirements of the Data Protection Act 2018 (DPA) and the EU General Data Protection Regulation (GDPR).

The Guild of Students will therefore follow procedures which aim to ensure that all members, elected officers, employees, contractors, agents, consultants, volunteers or other partners of the Guild of Students who have access to any personal data held by or on behalf of the Guild of Students, are fully aware of and abide by their duties under the DPA and the GDPR.

In order to operate efficiently, the Guild of Students has to collect and use information about people to whom it delivers services and with whom it works. These may include members of the Guild of Students, current, past and prospective employees, clients and customers, and suppliers. In addition it may be required by law to collect and use information in order to comply with the requirements of central government.

This personal information must be handled and dealt with properly, however it is collected, recorded and used, and whether it be on paper, in computer records or recorded by any other means, and there are safeguards within the Act to ensure this.

The Guild of Students regards the lawful and correct treatment of personal information as very important to its successful operations and to maintaining confidence between the Guild of Students and those with whom it carries out business. The Guild of Students will ensure that it treats personal information lawfully and correctly.

To this end the Guild of Students fully endorses and adheres to the principles of Data Protection as set out in the DPA.

 

1.1 The DPA states that data must be processed in accordance with six ‘Data Protection Principles.’ Data will:

  • be processed fairly, lawfully and transparently;
  • be collected and processed only for specified, explicit and legitimate purposes;
  • be adequate, relevant and limited to what is necessary for the purposes for which it is processed;
  • be accurate and kept up to date. Any inaccurate data must be deleted or rectified without delay;
  • not be kept for longer than is necessary for the purposes for which it is processed; and
  • be processed securely.

We are accountable for these principles and must be able to show that we are compliant.

The DPA makes a distinction between personal data and “special” personal data.

‘Personal data’ means information which relates to a living person who can be identified from that data (a ‘data subject’) on its own, or when taken together with other information which is likely to come into our possession. It includes any expression of opinion about the person and an indication of the intentions of us or others, in respect of that person. It does not include anonymised data.

 

1.2 ‘Special categories of personal data’ are types of personal data consisting of information as to:

  • your racial or ethnic origin;
  • your political opinions;
  • your religious or philosophical beliefs;
  • your trade union membership;
  • your genetic or biometric data;
  • your health; or
  • your sex life and sexual orientation.

The DPA is about processing personal data. ‘Processing’ means any operation which is performed on personal data such as:

  • collection, recording, organisation, structuring or storage;
  • adaption or alteration;
  • retrieval, consultation or use;
  • disclosure by transmission, dissemination, sharing or otherwise making available;
  • alignment or combination; and
  • restriction, destruction or erasure.

The Guild of Students will, through appropriate management and the use of strict criteria and controls, comply fully with the Data Protection Principles in processing all personal and special information.

Individuals will have the rights:

  • to be informed that processing is being undertaken;
  • to access one’s personal information within 30 days;
  • to prevent processing or erase information in certain circumstances; and
  • to correct or rectify information regarded as wrong information.

Lawful Bases for Processing Personal Data

If we process your personal data, we must have one of the following “lawful bases” for processing:

  • Your consent;
  • Processing is necessary for the performance of a contract with you or to take steps to enter into a contract;
  • Processing is necessary for compliance with a legal obligation;
  • Processing is necessary to protect your vital interests or those of another person;
  • Processing is necessary in the public interest or in the Data Controller’s official authority; or
  • Processing is necessary because it is in our legitimate interests, or those of a third party, unless these interests are overridden by yours.

Lawful Bases for Processing Special Data

We are also required by law to tell you if we want to process your special personal data (see list above), and we need to have one of the following lawful bases for processing special data:

  • Your explicit consent, unless reliance on consent is prohibited by EU or Member State law;
  • Processing is necessary for carrying out obligations under employment, social security or social protection law, or a collective agreement;
  • Processing is necessary to protect your vital interests or those of another individual if you are physically or legally incapable of giving consent;
  • Processing is carried out by a not-for-profit body with a political, philosophical, religious or trade union aim provided the processing relates only to members or former members (or those who have regular contact with it in connection with those purposes) and provided there is no disclosure to a third party without consent;
  • Processing relates to personal data which you have manifestly made public;
  • Processing is necessary for the establishment, exercise or defence of legal claims or where courts are acting in their judicial capacity;
  • Processing is necessary for the purposes of preventative or occupational medicine, for assessing the working capacity of the employee, medical diagnosis, the provision of health or social care or treatment or management of health or social care systems and services on the basis of Union or Member State law or a contract with a health professional;
  • Processing is necessary for reasons of substantial public interest on the basis of EU or Member State law which is proportionate and contains appropriate safeguards;
  • Processing is necessary for the public interest in the area of public health; and
  • Processing is necessary for archiving in the public interest, or scientific and historical research purposes or statistical purposes.

The Guild of Students processes personal information to enable us to provide a range of services to our members (students at the University of Birmingham) which may include: administering membership records; providing and organising activities for union members; promoting our services; maintaining accounts and records; providing housing and accommodation services such as letting, renting and leasing properties; and supporting and managing our employees and volunteers.

This privacy notice explains how and when University of Birmingham Guild of Students processes personal information. It applies to information we collect and process about:

  • Members
  • Enquirers, complainants
  • Volunteers
  • Trustees
  • Tenants
  • Landlords
  • Survey respondents
  • Suppliers and service providers
  • Individuals captured by CCTV images

We sometimes need to share the personal information we process with the individual themselves and also with other organisations. Where this is necessary we will always comply with all aspects of the DPA and where necessary we will ask for your consent. Usually this will require informing you and obtaining your consent. What follows is a description of the types of organisations we may need to share some of the personal information we process with for one or more reasons.

We may share information with:

  • Current, past or prospective employers
  • The University of Birmingham
  • Suppliers and service providers
  • Employment and recruitment agencies
  • Family, associates and representatives of the person whose personal data we are processing
  • Educators and examining bodies
  • Financial organisations
  • Survey or research organisations
  • Business associates and professional advisors
  • Other voluntary and charitable organisations
  • Healthcare, social and welfare organisations
  • Pension providers
  • Law enforcement officials
  • Credit reference agencies
  • Debt collection agencies
  • Landlords
  • Trade union and employer associations
  • Professional bodies
  • Data processors
  • Central government

If you are a student at the University of Birmingham, when you register as a student (on completion of the University Registration process which includes giving data processing consent including sharing data with the Guild of Students), you will automatically become a member of the Guild of Students. You can view the Code of Practice pursuant to the requirements of the Education Act 1994 for more information about the University’s relationship with the Guild. The University then provides the Guild with your name, gender, date of birth, nationality, residency for fees (home/EU or overseas), student ID number, termtime addresses, home addresses, programme title and whether undergraduate or postgraduate, mode of study (full-time, part-time, distance learning etc), School, year, University email contact details and whether you have dependents.

When you register with the University, the personal information above is automatically shared with the Guild and your data is registered with the Guild of Students. The Guild will use this information to contact you and so that you can participate in a range of activities as a member of the Guild including: voting in elections and referenda, attending Guild meetings, joining student groups and societies and purchasing Guild products such as event tickets.

The Guild would also like to use your personal data to send you information about activities and events that may be of interest to you. The Guild will contact you separately to ask for your consent in relation to this and to enable you to update your communication preferences.

If you do not wish to be a member of the Guild, you should contact the President of the Guild via (president@guild.bham.ac.uk), in which case your data will be removed and you will cease to be a member of the Guild. This means that you will no longer be able to participate in activities associated with your membership such as those outlined above.

Your details will be held by University of Birmingham Guild of Students in its membership database/data management system, unless you have opted out of Guild membership (via the process outlined above). The details held are the details provided to the University of Birmingham within the registration process.

The Guild of Students cannot be held responsible for any inaccurate personal details provided to the University of Birmingham. Please let the University of Birmingham and the Guild know if your personal details change and these will be updated within our systems.

As you then interact and take part in actives associated with your membership with the Guild, for example, by buying tickets, voting in elections and joining student groups, a record of your activity is held within the membership management data base (www.guildofstudents.com).

Some Guild services and activities collect personal information about you in other ways and require your consent to do so, and these are also outlined within this privacy notice.

The Guild may need to process some special data about you. We will generally ask you for consent to do this unless the law allows us to process this data without your consent, (for example if the processing is necessary to protect your vital interests and you are incapable of giving consent, or if the processing is necessary for us to defend a legal claim). This special data includes data about your ethnicity, sexual orientation, religious beliefs or health/disability data. We use special data to allow participation in elections, where self definition is required (e.g. to vote in the Women’s Officer election, we would ask for you to self-define within this category), to deliver support services to you, to ensure safety taking part in some Student Group activities and to provide help or put in place reasonable adjustments.

Your personal data is created, stored and transmitted securely in a variety of paper and electronic formats, including databases. Only those Guild of Student staff who need access for the purpose of delivering the relevant services will be able to access your personal data. Our use of your personal data will not be excessive.

a. Guild of Students.com

Guildofstudents.com also acts as a data management system to allow students (members) to participate in range of activities associated with your Guild membership – such as voting in elections and referenda, joining student groups and societies, purchasing Guild products such as event tickets, and attending Guild meetings.

Our Privacy Policy discloses the information practices for the University of Birmingham Guild of Students website (guildofstudents.com), including the type of information gathered, how the information is used, and our policy regarding sharing information with others/organisations.

By using guildofstudents.com, you agree to the terms of this Privacy Policy. A copy of the cookie policy for guildofstudents.com can be found in the privacy section on guildofstudents.com.

We gather both Personal Information and Anonymous Information from you when you visit guildofstudents.com. "Personal Information" means any information that may be used to identify you as an individual, and includes, from the personal information above: name (first and last); email address, and address. "Anonymous Information" means information that is not associated with or linked to your Personal Information; and does not permit or allow the identification of individual persons.

If you are not a University of Birmingham student, or if you are a University of Birmingham student but have not completed the University Registration process or have chosen not to join the Guild of Students, then if you purchase goods and services from us we shall process your personal information on the basis of the contract that you form with us through such purchase, rather than your consent to data processing.

The Guild of Students, via the site collects Personal Information and Anonymous Information, as described below.

Personal Information (collected from guildofstudents.com)

Personal Information is collected whilst using the site from you at the following points:

  • If you are not a University of Birmingham student and register to the Site as a ‘guest’ to purchase goods or services, we will record your contact information, username and password.
  • If you are a registered student at the University of Birmingham, you will use your University log credentials to access the site. Your password is not stored on the site/guildofstudents.com or by University of Birmingham Guild of Students in any form.
  • If you are due to become a registered University Student in 2017, but have not completed the University Registration process, you can register to the site as a ‘Fresher’ to purchase goods and services, we will record your contact details and some personal information (such as where you will be living/your Hall of Residence), your username and password. When you officially become a University of Birmingham student and complete the registration process your Fresher account will cease to exist, and your purchasing history data will be migrated to your registered student account. Your temporary password and username will be removed at this point and you will use your University log credentials to access the site.
  • If you make any purchases through the Site, the site will record your billing address,
    - However, it will not record your payment card details. This information is collected through Sage Pay, our online payment provider. No card payment details are stored through or on the Site directly.

Information (collected automatically via guildofstudent.com)

As you navigate the site, certain information will be collected automatically. This data helps us to improve the content of the Site and to customise the content or layout of the Site for you.

A cookie is an element of data that a website sends to your computer's hard drive while you are viewing a website. The University of Birmingham Guild of Students’ uses session cookies (which expire once you close your web browser). You can set your browser to notify you when you receive a cookie, giving you the chance to decide whether to accept it. You can also set your browser to turn off cookies. If you do so, however, some areas of the site may not function properly. For further information on our use of cookies please see our Cookie Policy.

How else we might use your personal information (via guildofstudents.com)

We collect personal information from you in order to fulfil your requests. For example, we may use your personal information to process an online purchase or interact with a service or feature on the site. We may also use your personal information to send you information that you requested, or to confirm registrations, purchases, or to respond to your feedback.

We may use your email address to notify you of products or services that may interest you, such as events or activities - subject to your communications opt-in preferences. In addition we may notify you of recent updates to the site, or to provide you with latest news on University of Birmingham Guild of Students.

Anonymous records

We may create Anonymous Information records from guildofstudents.com activity and personal Information by excluding information (such as your name) that makes the information personally identifiable to you. We use this anonymous information to perform statistical analyses of users' aggregated behaviour so that we may enhance the content of our services and improve site navigation.

Internet traffic/monitoring

When someone visits guildofstudents.com, we collect standard internet log information and details of visitor behaviour patterns. We do this to measure data such as the number of visitors to the various parts of our Site. We collect this information in a way which does not identify anyone. We do not make any attempt to find out the identities of those visiting our website. We also use Google analytics, which provides anonymous information such as the type of devise you are using to access the site, and other information such as age range and interests, which Google collects from your internet activity. We use this information to improve the user experience, and to gather general statistics about the users of our services (not user specific).

Disclosure of Personal Information (from guildofstudents.com)

Your Personal Information will not be sold, traded, or rented to individuals or other entities. However, we may need to share your Personal Information with third parties to charge your credit card or deliver specific services to you such as support services. These third parties are required not to use your Personal Information other than to provide the services requested by University of Birmingham Guild of Students.

  • We may disclose your Personal Information if we believe in good faith that such disclosure is necessary to:
  • comply with any relevant legal obligations or;
  • protect and defend the rights or property of University of Birmingham Guild of Students or users of the site;

but only where this complies with the six Data Protection Principles and the rules of the DPA.

Other Websites

Guildofstudents.com contains links to other websites. We are not responsible for the content, accuracy or opinions expressed in such websites, and such websites are not investigated, monitored or checked for accuracy or completeness by the Guild of Students.

Inclusion of any linked website on or through guildofstudents.com or other Guild services does not imply approval or endorsement of the linked website by us. If you decide to leave a Guild website and access these third-party websites, you do so at your own risk.

b. Support Services

The Guild delivers a number of support services (Guild Advice, Student Mentors, Community Wardens, and Guild Lettings) where your consent or if you have one, then your contract with us or the University of Birmingham, is the lawful basis for the Guild to process your personal data. A summary of how each of these services use and process your personal data is provided below. Further details and information is available from the services directly.

Student Mentor Scheme

If you live in University Student Accommodation you agree to share your data with the Student Mentor Scheme and University of Birmingham’s Accommodation Services when you sign your accommodation contract with the University of Birmingham. The Student Mentor Scheme is delivered by the Guild of Students under a service level agreement with the University of Birmingham, Hospitality & Accommodation Services (HAS). For more information on the Student Mentor Scheme, click here.

When you use the Student Mentor Scheme (either directly or if you are referred from another service) and meet with an advisor for the first time you will be asked for consent to process your personal and in some cases special data. Notes will be taken from your meeting, and a ‘case’ created. The case notes are then uploaded onto our case management software, and the hard copy destroyed.

If you contact the Student Mentor Scheme via email, your email will be used to create a ’case’ and the correspondence recorded within the case management software. If you contact the Student Mentor Scheme by telephone, you will be asked for consent to process data, and notes taken from your conversation, which are then used to create a case.

Following your initial interaction with the scheme, every subsequent interaction will be recorded on to the case management software. This allows the Student Mentor Scheme to effectively support you that there is a record of your previous interactions each time you interact with the scheme.

Guild Lettings

Guild Lettings is a service for helping you find private accommodation and it’s is within our legitimate interests to processes your personal data in two ways when you use the service, dependent on whether you are seeking a ‘managed property’ or ‘Let Only’ property.

Managed Property

 

If you are seeking a ‘managed property’ you will be asked to supply your name and email so that Guild Lettings can arrange viewings for you. If you do not find a property within 12 months your personal data will be destroyed and removed from Guild Lettings records. If you find a property, you will be asked to complete an online application form and pay a deposit. You will be asked to provide a photocopy of your driving licence, passport, visa student ID and proof of address and complete ‘guarantor’ paperwork. A hard and electronic record of this data will be kept and processed. You will then be asked to sign a ‘tenancy agreement’ which will include the name, phone number, email and address of all tenants within the property and the landlord.

Your deposit will be registered with the ‘Deposit Protection Scheme’ (DPS) and your name, address, phone number and email address provided shared with the DPS. Your name, phone number, email and address will also be shared with ‘The Maintenance Team’ who are contracted to provide maintenance services within managed properties; and may be passed to relevant utility companies (gas, electric, water, internet, and local authorities (Birmingham City Council for the purposes of Council Tax).

All tenancy agreement and personal data is also stored electrically within the Lettings Management software.

Let Only Property

If you are seeking a ‘let only’ you will be asked to supply your name and email so that Guild Lettings can arrange viewings for you. If you do not find a property within 12 months your personal data will be destroyed and removed from Guild Lettings records.

If you find a property, you will be asked to complete an online application form and pay a deposit. You will be asked to provide a photocopy of your driving licence, passport, visa student ID and proof of address and complete ‘guarantor’ paperwork. A hard and electronic record of this data will be kept and processed. You will then be asked to sign a‘tenancy agreement’ which will include the name, phone number, email and address of all tenants within the property and the landlord.

Your contact details, application, ID and the ‘guarantor’ paperwork will/may be shared with the landlord or the property, and may passed to relevant utility companies (gas, electric, water, internet, and local authorities (Birmingham City Council for the purposes of Council Tax).

All tenancy agreement and personal data is also stored electrically within the Lettings Management software.

Guild Advice

When you visit, contact or access services provided by Guild Advice, you will be asked to provide consent so that Guild Advice can collect and process your personal and special data in order to provide advice and deliver support services to you. This information will also be used to inform anonymous statistical information for analysis and used to improve the Guild Advice service to students.

In order to provide you with the most comprehensive service and ensure all possible enquiries have been made in order to advise and support you with your case, Guild Advice may request your further consent to share your personal information and information related to your enquiry or case with a third party or parties. For example, it may be relevant to your case that Guild Advice contact a University of Birmingham support service or department or an external service or organisation on your behalf to provide you with additional advice, guidance and support. Only on receipt of your express written consent will Guild Advice act on your behalf and discuss any matters related to you or your case with a third party.

Upon receiving your written consent, Guild Advice will record and process your personal (and in some cases special) data in accordance with your consent. All personal data and subsequent enquiry or case notes are recorded in hard copy and then uploaded on to our ‘Advice Pro’, case management software. Any supporting evidence you provide will also be scanned and uploaded on to Advice Pro. Following your initial interaction with Guild Advice, every subsequent interaction will be recorded on to the Advice Pro case management software. Your data is generally only accessible by staff members within Guild Advice. However, on some occasions, your data is accessible to Guild Full Time Officers, for example, where representation is required (for example, within a University hearing).

On the rare occasion that a student visiting Guild Advice is unable to provide consent, action may be taken to protect vital interests.

You have the right to withdraw your consent to share your data at any point. Please contact your appointed Advisor or the Guild Advice Manager for further information.

Community Wardens

The Community Warden Scheme is delivered by the Guild of Students in partnership (under a service level agreement) with the University of Birmingham. The scheme works within the local community to promote and support community cohesion, improve and deliver environmental and crime prevention initiatives. For more information on the Community Warden Scheme, click here.

Students and non-student local residents are able to report community issues to the scheme via phone, email or in person. When you report an issue, you will be asked for consent to process your personal data and the information you provide. When you report an issue a ‘case’ will be created and a summary of the issue recorded and action required; a contact log will also be created and will summarize discussions and issues raised. This allows us to effectively progress your case and means you don’t have to repeat your concerns each time you interact with the scheme. This information may be shared with members of Community Warden Staff, in hard copy or electronic format, with any hard copies destroyed after use.

Community Warden Staff may also record report activity which is identified on visits (following up reported incidents outlined above) and from patrols. This data may include, for example, a street name and house number and a summary of the issue identified – for example, bulky waste; and is recorded as a ‘case’ and shared with Community Warden Staff team members.

Anonymous statistics and monitoring data from the Community Warden scheme will be shared with the University and some other third parties such as the City Council. In some cases specific case information and personal data will be shared with third parties such as the University of Birmingham, should further support be required to resolve the case; and West Midlands Police, if, as a complainant, your query needs additional support to resolve or if action is required for law enforcement purposes.

c. Job applicants and current and former Trustees and volunteers of the University of Birmingham Guild of Students and Guild Services Limited

When individuals apply to work or be a trustee or volunteer at University of Birmingham Guild of Students, or Guild Services Limited we will only use the information they supply to us to process their application and to monitor recruitment statistics. We will collect this information because of our legitimate interests and also (if you are applying to be an employee) because if your application is successful we may enter into an employment contract with you. We may also be collecting your special data (for example your health data) if you consent to this and (if you are applying to be an employee) in order to carry out our obligations under employment law.

Where we want to disclose information to a third-party, for example, where we want to take up a reference or carry out a Disclosure and Barring Service Check, we will not do so without informing applicants beforehand.

Personal Information about unsuccessful candidates will be held for 6 months after the recruitment exercise has been completed; it will then be destroyed or deleted. We retain depersonalised statistical information about applicants to help inform our recruitment activities, but no individuals are identifiable from that data.

We will keep information on volunteers while they are volunteering for us and for a period of three year after this ends. A summary of their volunteering will be kept for a period of three years after their volunteering ends in case they ask us to provide a reference for them during this period.

Information on Trustees and Directors will be retained for the life of the company, as required by Companies House and Charity Commission records.

d. Communications & Marketing

The University of Birmingham Guild of Students will only send you information directly to your University of Birmingham email address that is deemed relevant to your membership of the Guild of Students. When first contacted by the Guild (following completion of University of Birmingham online registration) you are able to update your communication preferences – which includes additional information you would like to receive about wider events and activities which may be of interest to you – and thereby provide consent to be contacted with relevant promotions, offers or information that you have expressed an interest in (in addition to information directly linked to your membership of the Guild).

If at any point you do not wish to receive further updates and wish to opt out go to guildofstudents.com/profile/ or if you are logged in, go to the ‘Profile’ icon within the left hand menu and modify your preferences or contact details.

Opt-out

You may opt-out from receiving promotional or marketing emails by notifying us at the address specified at the bottom of any unwanted email. Emails may be sent to you from University of Birmingham Guild of Students or from its societies, clubs or other student groups affiliated to University of Birmingham Guild of Students (if you have joined a group and are therefore a member of that group). If you unsubscribe from a University of Birmingham Guild of Students email, you may still receive emails from these affiliated groups and vice versa.

In some cases the opt-out facility is not available unless you have opted out of Guild of Students’ membership completely. These instances include: transactional or relationship messages, such as those that are necessary to provide you with confirmation of a completed transaction (such as a purchase, request, or change in your user profile at guildofstudent.com); emails providing notification of changes of terms of service; or those providing information related to your membership such as notice for General meetings, elections, or referenda.

e. CCTV – Crime Prevention & Guild Venues

CCTV is used in the Guild for maintaining the security of property and premises and for preventing and investigating crime. It is also a condition of the Guild’s license. It is therefore in the Guild’s legitimate interests to operate CCTV on its premises. The information processed may include visual images, personal appearance and behaviours. This information may be about staff, students, customers, and clients, offenders and suspected offenders, members of the public and those inside, entering or in the immediate vicinity of the area under surveillance. Where necessary or required this information is shared with the data subjects themselves, employees and other Guild staff, service providers, police forces, security organisations, and persons making an enquiry.

A copy of the Guild of Students’ CCTV policy can be found here.

If you use the Guild’s venues (for example on a club night such as Fab n Fresh), and are involved in an incident or removed from the premises for licencing purposes, an ‘incident form’ will be produced. You may be asked be asked to produce your University ID card, and to provide additional personal data such as your contact details. Data recorded may outline the details of the incident and contain further personal or special data.

Incident forms are processed by the HR & Administration department and only shared with those staff and Guild Officers who need to have access to the information. Incident forms are hard copy documents, which are then scanned into an electronic format and destroyed. This information may then be used to inform a membership (or student group) disciplinary, and sanctions imposed.

Please note, the Guild is a membership organisation and as such, you can be asked to provide proof of your membership and your University ID card at any point before you enter and during your time within the Guild of Students building. Failure to comply may result in your removal from the building or refusal of entrance.

f. Undertaking Research

Personal information is also processed in order to undertake research. For this reason the information processed may include name, contact details, family details, lifestyle and social circumstances, financial details, goods and services. Special data may be processed including physical or mental health details, racial or ethnic origin and religious or other beliefs. This information is about survey respondents. Where necessary or required this information may be shared with third party research organisations and companies whom we are working with to deliver the research [who will be subject to a data sharing agreement with the Guild].

We may email you for research purposes relating to your membership of University of Birmingham Guild of Students based on anonymous information you have already provided through completion of questionnaires or polls; we may also email you to ask you to take part in research activity such as completing surveys, and inviting you to attend focus groups. This information is only gathered for reasons associated with improving services to our members and anonymous data/information is only accessed by employees of University of Birmingham Guild of Students.

Sometimes we may commission a specialist company or consultants to carry out research to help us improve our services to you. In this case we may share your personal data so that the company or consultants can contact you to ask if you wish to take part. If you do not, then your details are deleted from their database. Your personal data is not used by them for any other purpose. We enter into data processor agreements with our data sharing partners (data processors) to make sure that they comply with their data protection obligations to us and to you.

g. Award Schemes

We may also use your personal data to nominate, enrol or enter you in any relevant competitions or award schemes and publicise your name in such schemes. You will always be informed of your nomination or entry and have the right to withdraw and have your name removed from publication.

The University of Birmingham Guild of Students’ has a data sharing agreement with the University of Birmingham.

This agreement permits the transfer of your personal information listed previously from the University of Birmingham to the University of Birmingham Guild of Students, so that you can participate in a range of activities as a member of the Guild including: voting in elections and referenda, attending Guild meetings, joining student groups and societies and purchasing Guild products such as event tickets.

You can opt out of this agreement and Guild membership by contacting the President of the Guild via (president@guild.bham.ac.uk), in which case your data will be removed and you will cease to be a member of the Guild. This means that you will no longer be able to participate in activities associated with your membership such as those outlined above.

We may, on request, provide anonymous data to the University relating to extra-curricular activities such as the number of volunteers, student group members or the percentage of members voting in an election. This data is not personally identifiable to you.

We will on occasion wish to provide personal Information to the University of Birmingham. This includes activities you may have taken part in with University of Birmingham Guild of Students that should be transferred onto your University transcript. We will always ask your permission and seek your consent before we share your Personal Information in this way. For more information on enhanced transcripts, click here:

https://www.guildofstudents.com/enhancedtranscript/

Data may also be shared between the Guild and University between partnership services such as Student Reps, Student Mentors, Community Wardens, and Resident’s Associations; and occasionally to implement measures and sanctions arising in relation to misconduct or disciplinary proceedings.

Where possible we will only keep your information for the period of your membership of the Guild and will then delete it.

a. Membership data/personal information

Membership data/personal information held within the Guild’s data management system (guildofstudents.com) will be held for 8 years from the leaving date of the student.

b. Support Service user data/personal information

Support Service user data will be retained for 6 years from the last time the service was used/accessed or contract ended so that we can deal with any complaints or claims raised.

c. Volunteer & Trustee data information

Personal data on volunteers will be retained for 3 years from when the individual stops volunteering for the Guild. Information on Trustees and Directors will be retained for the life of the company, as required by Companies House and Charity Commission records.

d. CCTV images

CCTV images will be kept for one month, unless a request is made to keep images for longer, with good reason (for example because a crime or complaint is still being investigated), and the DPO and/or the CEO agrees to such request.

We safeguard the personal information you send to us with certain physical, electronic, and managerial procedures within the Guild and within our systems. The Guild’s central IT infrastructure is managed by the University of Birmingham, and subject to related policies and procedures.

We also store your personal information behind our firewall and utilise appropriate security measures in our physical facilities to prevent loss or unauthorised use of special information. We limit access to personal information in electronic databases to those persons, including University of Birmingham Guild of Students employees, in our organisation who have a need for such access.

While we make every effort to protect your personal information when it is in our care, we urge you also to take every precaution to protect your personal information when you are online. We suggest that you change your passwords often, use ‘strong’ passwords that include a combination of letters and numbers, and use a secure browser. For any students who are committee members, or issued with a Guild of Students email address, you will be subject to the Guild’s Data Security Policy and regularly required to update your password.

Products and services are available which can help give you privacy protection while navigating the internet. While we do not anticipate breaches in security, if one occurs, we will use all reasonable efforts to correct the problems that led to the breach and we will report it to the Information Commissioner as required under data protection law, and those directly affected.

You have the right to request:

  • Access to the personal data we hold about you, free of charge in the majority of cases.
  • The correction of your personal data when incorrect, out of date or incomplete.
  • That we erase your personal data where we were not allowed to process it or it is no longer necessary to process it for the purpose for which it was collected or once the purpose for which we hold the data has come to an end (such as the end of our student data retention period).
  • That we stop data processing where we are relying on a legitimate interest and you think that your rights and interests outweigh our own and you wish us to stop.
  • For example, when you withdraw consent, or object and we have no legitimate overriding interest, or
  • That we stop using your personal data for direct marketing (for example, via email).
  • While you are requesting that your personal data is corrected or erased or are contesting the lawfulness of our processing, you can apply for its use to be restricted while the application is made.
  • hat we stop any consent-based processing of your personal data after you withdraw that consent.

You have the right to request a copy of any information about you that the Guild of Students holds at any time, and also to have that information corrected if it is inaccurate.

If we do hold information about you we will:

  • give you a description of it;
  • tell you why we are holding it;
  • tell you who it could be disclosed to; and
  • let you have a copy of the information in an intelligible form.

This information will be provided to you within one month.

To ask for your information and make a subject access request, please contact:

Data Protection Officer, University of Birmingham Guild of Students, Edgbaston Park Road, Edgbaston, Birmingham, B15 2TU;

Or email: subjectaccessrequest@guild.bham.ac.uk

To ask for your information to be amended, please update your online account via guildofstudents.com, or email: data@guild.bham.ac.uk

If there is a circumstance where we choose not to or are unable to action your request we will explain to you the reasons for our refusal.

Your right to withdraw consent:

Whenever you have given us your consent to use your personal data, you have the right to change your mind at any time and withdraw that consent.

You have the right to stop the use of your personal data for direct marketing activity through all channels. We will always comply with your request.

For clarity, this Privacy Notice does not provide exhaustive detail of all aspects of University of Birmingham Guild of Students’ collection and use of personal information. However, we are happy to provide any additional information or explanation needed. Any requests for this should be sent to: data@guild.bham.ac.uk

We are committed to dealing with your data lawfully.

If you have a query, question or would like to speak to our Data Protection Officer, please contact: dataprotectionofficer@guild.bham.ac.uk

If you have any questions or complaints about how we handle your personal data please contact: complaints@guild.bham.ac.uk

You also have the right to complain to the Information Commissioner if you think there is a problem with how we handle your data. For further guidance on matters relating to Data Protection and Privacy, please refer to Information Commissioner’s Office by calling 0303 123 1113 or online via www.ico.org.uk/concerns

 

Contact Us

0121 415 9990

enquiries@guild.bham.ac.uk

@guildofstudents

facebook.com/guildofstudents

Meet your officer team

Every year, a team of Officers are elected by YOU to help you get the best out of Birmingham. Each officer leads a different part of the Union on your behalf – click on their faces to find out what they do and how to get in touch…

Latest Student Deals