We are committed to letting you know what data we collect, why we collect it, and what we do with it. If you have any questions about how we use your personal information or comply with data protection legislation, please email us.
On this page:
1.0 Our principles regarding user privacy and data protection
2.0 Personal information collected by this website (and why we collect it)
3.0 Marketing emails
4.0 About this website’s server
5.0 Our third-party data processors
6.0 Other websites
7.0 Website data breaches
8.0 Requesting your personal data
9.0 Relevant legislation
10.0 Data controller
11.0 Data protection lead
12.0 Changes to our privacy policy
Personal data, or personal information, means any information about an individual from which that person can be identified. It does not include data where the identity has been removed (anonymous data). We will process all personal data lawfully, fairly and in a transparent manner. The General Data Protection Regulation (GDPR) sets out six lawful grounds for processing personal data, of which this site relies on the following bases:
This website collects and uses personal information in the following ways, for the reasons specified:
Like most websites this site makes use of cookies, which are small amounts of textual data that are stored on the device (computer, mobile phone, tablet etc.) that you use to access our website. This data is used to enhance your experience of this site.
Cookies may be set and accessed by third-party data processors, including Google Analytics (Privacy policy). We use this data to monitor how many people are using our site and to better understand how they use the site, in order to improve the experience we provide. Although GA records information such as your geographical location, device, internet browser and operating system, none of this data personally identifies you to us.
Disabling cookies on your internet browser will stop this site from tracking any part of your visit to this website. Further information on how to enable and disable cookies is available from www.aboutcookies.org or www.allaboutcookies.org.
You can set your browser not to accept cookies and the above websites tell you how to do this. However, some of our website features may not function correctly as a result.
Clicking any link on our website is taken as implied consent to our placing cookies on your device, unless you have disabled them in your browser as described above.
We use personal information held about you:
Should you complete a contact form on our site, none of the data that you supply will be stored by this website or passed to/be processed by any of the third-party data processors. Data entered into other forms, such as subscription forms, may be passed to third-party processors as defined in Section 5.0.
From time to time you may receive marketing emails inviting you to events and sharing relevant information. As we are an international organisation, sometimes this will be based on the information we have on your location. We do so because we believe that keeping you informed is in the University’s legitimate interest.
You can always opt out of receiving emails by following the unsubscribe link, which can be found in the footer of every email.
This website is managed by University of Edinburgh. All traffic (transferral of files) between this website and your browser is encrypted and delivered over HTTPS.
We use Google (Privacy policy) as third-party service providers to process personal data on our behalf.
Our website contains many links to and from other websites. If you follow a link to any of these websites, please note that they will have their own privacy policies and that we do not accept any responsibility or liability for these policies. Please check these policies before you submit any personal data to these websites.
This website is a member of the Twitter social network. It manages a presence on their platform and our website contains links to this network. Twitter also processes personal data, and you should check their privacy policy before sharing personal information.
In the event of an unlawful data breach of this website’s database or the database(s) of any of our third-party data processors, it will be assessed and if appropriate reported to any and all affected persons and relevant authorities without undue delay, and if feasible, within 72 hours of the discovery of the breach.
Individuals have the right to the personal data that an organisation such as University of Edinburgh holds on them. You can request your personal data by making a subject access request.
There is no fee for making a subject access request. This should be done by emailing us with the necessary information needed to deal with your request.
The right of access extends to all information held on an individual, and includes staff files, databases, interview notes and emails referring to the individual.
However, there are a number of exemptions which effectively allow personal data to be withheld. To consider and apply an exemption will be dependent on the purpose for which the personal data is being processed, and will be considered and undertaken on a case-by-case basis. There is more detailed guidance on exemptions available from the Information Commissioner’s Office.
The data controller (see section 10.0) is required to communicate to the data subject the information it holds in an intelligible form within 1 month or up to 2 months if the request is complex. This timeframe starts from the date the request is received by the data controller, or the data has been provided with sufficient information by the data subject to locate the information being requested.
This website is designed to comply with the following national and international legislation with regards to data protection and user privacy:
This site’s compliance with the above legislation, all of which are stringent in nature, means that this site is likely compliant with the data protection and user privacy legislation set out by many other countries and territories as well. If you are unsure about whether this site is compliant with your own country of residence’s specific data protection and user privacy legislation you can contact our data protection lead (details of whom can be found in section 11.0) for clarification.
The data controller of this website is: University of Edinburgh
Dave Bell
Email: Dave.bell@ed.ac.uk
This privacy policy may change from time to time in line with legislation or industry
developments. Any changes we make will be posted on this page, and specific policy changes
and updates will be mentioned in the change log below.
Questions, comments and requests regarding how we use your personal information or
comply with data protection legislation, please email: Dave.bell@ed.ac.uk
2019-06-20 First issue