Kingston University Data Protection Privacy Notice for the International Network of Universities

What is this privacy notice about?

Kingston University holds the Coordination of the International Network of Universities (INU) and manages the INU website. This privacy notice explains how Kingston University (“we”, “our”, “us”) collects, uses and shares your personal data (information) and your rights in relation to this data. The notice relates to our processing of personal data of INU website visitors, enquirers, applicants and others (“you”, “your”) who contact or submit information to the INU via Kingston University.

This privacy notice answers the following questions:

This privacy notice supplements the other notices/policies and is not intended to override them. For further information about how Kingston University processes personal data please refer to the Information Regulations section of the Kingston University website.

Your personal data will be processed in line with the General Data Protection Regulation (GDPR) and the Data Protection Act 2018.

Kingston University is registered with the Information Commissioner’s Office (ICO) under registration number Z7456228. The entry can be found in the online ICO register of fee payers.

 

What is the role of the INU?

The INU is an international network of universities that actively seek international partnerships and experiences, create innovative programming and delivery methods, and embrace the internationalisation movement. We maintain records of the participants of our activities to help foster this community for the mutual benefit of all members of the community as well as the member institutions.

 

How do we collect your information?

Information provided by you

We collect your personal data in a number of ways:

  • from the information you provide to us via online forms when applying or registering for an activity organised by INU (for example, when you express your interest in participating at the INU courses or initiatives for staff exchange);
  • when you submit queries to us via email.

 

Google Analytics

This website uses Google Analytics Demographics and Interest Reporting, a web analytics service provided by Google, Inc. which uses cookies to help us analyse how this site is used.

Below are some examples of data collected automatically through Google Analytics from all users:

  • the Internet protocol (IP) address;
  • computer and connection information such as browser type and version, operating system, and platform;
  • Uniform Resource Locator (URL) click stream data, including date and time, and content viewed or searched for on the site.

The information generated by the cookie about your use of the website (including your IP address) will be transmitted to and stored by Google on servers in the United States. Google will use this information for the purpose of evaluating your use of the website, compiling reports on website activity for website operators and providing other services relating to website activity and internet usage. Google may also transfer this information to third parties where required to do so by law, or where such third parties process the information on Google’s behalf. Google will not associate your IP address with any other data held by Google. You may refuse the use of cookies by selecting the appropriate settings on your browser. By using this website, you consent to the processing of data about you by Google in the manner and for the purposes set out above.

 

WordFence

WordFence is a WordPress security plugin. It uses the following cookies:

  • “Live Traffic” cookie: to determine if someone is a human or a bot, to identify repeat visitors and to display this in the Live Traffic feed;
  • Country Blocking: may be used to bypass country blocking;
  • Session cookie: this remembers if someone is a logged in to prevent them from getting blocked by accident while working in WordPress admin.

 

What types of information do we collect about you?

We collect the following types of personal data about you:

  • information from cookies as described above;
  • name and contact details;
  • gender (if you provide this information);
  • applications including CVs;
  • information relating to current employment and interests.

 

How will we use your information?

Your data will be used for the purposes of dealing with your enquiries or application, as well as sending your relevant information to the organisers of the activities.

The information you provide to us in your application is used only for the purposes of the activity you are intending to join.

 

What legal basis do we have for processing your information?

We rely on consent to process your enquiries and applications. This includes your consent to transfer information overseas to the partner institutions that you have indicated an interest in.

 

Who will we share your information with?

We may disclose limited personal data to INU member institutions for the purposes of INU and to facilitate the organisation of courses, events and meetings.

Some of the personal data we process about you may be transferred to, and stored at, a destination outside the European Economic Area (“EEA”). This includes where the personal data is processed by other INU institutions who are based outside the EEA or who use storage facilities outside the EEA.

In these circumstances, your personal data will be transferred on one of the following bases:

  • a European Commission decision provides that the country or territory to which the transfer is made ensures an adequate level of data protection;
  • where the transfer is subject to one or more of the “appropriate safeguards” for international transfers prescribed by applicable law;
  • you consent to the transfer through your preference to attend a specific institution or event overseas.

 

For how long do we keep your information?

We will retain the information you submit for two years after the application cycle for unsuccessful applicants and the activity duration plus two years for successful candidates. This is in line with the Kingston University retention schedule, which is accessible on our website. Where your data is transferred to other INU organizations please refer to their privacy policies and retention schedules. Where the Presidency changes the details of successful applicants only will be passed on to the new lead university.

 

How do you make sure my information remains accurate?

It is important that the personal information we hold about you remains accurate. Please tell us as soon as possible about any changes to the information we hold about you. This is particularly important for your contact details.

 

What are your rights?

Under the GDPR and the Data Protection Act 2018, you have the following rights:

  • to access from us the personal data we hold about you;
  • to require us to correct the personal data we hold about you if it is incorrect;
  • to require us to erase your personal data;
  • to require us to restrict our data processing activities (and, where our processing is based on your consent, you may withdraw that consent, without affecting the lawfulness of our processing based on consent before its withdrawal);
  • to receive your personal data, which you provided to us, in a structured, commonly used and machine-readable format and the right to transmit that data to another controller;
  • to object, on grounds relating to your particular situation, to any of our particular processing activities where you feel this has a disproportionate impact on your rights;
  • to not be subject to a decision based solely on automated processing, including profiling, which has a legal effect on you.

Please note that the above rights are not absolute and we may be entitled to refuse requests where exceptions apply.

If you have given your consent and you wish to withdraw it, please contact the INU coordinator team in the first instance. Alternatively you can contact the Kingston University Data Protection Officer using the contact details set out below. Please note that where our processing of your personal data relies on your consent and where you then withdraw that consent, we may not be able to provide all or some aspects of our services to you.

 

Who can you contact about your information?

If you wish to request access to the personal data we hold about you please use the Subject Access Request Form available online. For any other queries about this privacy notice or how we process your personal data you can contact our Data Protection Officer by email: DPO@kingston.ac.uk or by post: Data Protection Officer, Vice Chancellor’s Office, River House, 53–57 High Street, Kingston upon Thames, Surrey KT1 1LQ.

If you are not satisfied with how we are processing your personal data, you can make a complaint to the Information Commissioner.

You can find out more about your rights under data protection legislation from the Information Commissioner’s Office website.