Universities UK group includes Council of Deans of Health and Universities Wales. The Director of Operations has responsibility for data protection, and can be contacted by:Email DataProtection@universitiesuk.ac.ukPost Woburn House, 20 Tavistock Square, London, WC1H 9HQPhone 020 7419 4111 (office hours only)
This privacy notice applies to information we collect about:
Personal data we routinely collect includes:
For our employees we will also collect:
For our conference delegates we will also collect
We collect personal data through:
We will find contact data from several sources, for example on institution websites for individuals, other online resources, Companies House and we will also be given contact details from an individual’s colleagues to add to our mailing lists.We generally do not buy in data lists from third parties. If we felt this was necessary, we would conduct a data protection impact assessment.
We use the data to keep in touch with individuals interested in the higher education sector. This could include:
For the above groups, we will email news updates relating to their work and the wider higher education sector.For our named members and their PA’s, we will use data for administrative purposes to manage membership.In addition, Woburn House Conference Centre will keep in touch with clients through the management of their booking and to let them know of future services available and special offers from time to time.
You can unsubscribe from email communications at any time, using the unsubscribe button, or replying to emails with the instruction to be removed from a mailing list. As a data subject, individuals have a number of rights in relation to their personal data.
If an individual makes a subject access request, UUK will tell him/her:
UUK will also provide the individual with a copy of the personal data undergoing processing. This will normally be in electronic form if the individual has made a request electronically, unless he/she agrees otherwise. This will be provided within one month of the request being made to meet GDPR requirements.
To make a subject access request, the individual should send the request to
DataProtection@universitiesuk.ac.uk. In some cases, UUK may need to ask for proof of identification before the request can be processed. UUK will inform the individual if it needs to verify his/her identity and the documents it requires.If a subject access request is manifestly unfounded or excessive, UUK is not obliged to comply with it. Alternatively, UUK can agree to respond but will charge a fee, which will be based on the administrative cost of responding to the request. A subject access request is likely to be manifestly unfounded or excessive where it repeats a request to which UUK has already responded. If an individual submits a request that is unfounded or excessive, UUK will notify him/her that this is the case and whether or not it will respond to it.
Individuals have a number of other rights in relation to their personal data. They can require UUK to:
To ask UUK to take any of these steps, the individual should send the request to
The supervisory authority is the
Information Commissioner’s Office. Individuals can lodge a complaint directly with them.Details of how to report concerns are on the
ICO website. The helpline telephone number is 0303 123 1113.
Universities UK will use
legitimate interest for contacts and communications for the following groups:
For these groups the data held will be:
Universities UK believes that:
There is a genuine business reason (the legitimate interest) for processing this data, the purpose of UUK (incorporating Woburn House Conference Centre) is:
And for our income generating activities:
And has considered the
UUK considers the impact on the individual to be low (the balancing test):
safeguards in place:
Data is stored on premise in offices in London, Edinburgh and Cardiff. Where cloud hosted systems are in use, the data is stored in the EEA.
UUK has a policy on data and document retention. Retention periods are based on ICSA Guide to Document Retention (3rd Edition). If you have questions on our retention policy, email
Links to external websites are not our responsibility and that once a user clicks on a link to an external site it will be subject to that organisation’s privacy policies, not ours.
This policy was last updated in March 2018. It will be reviewed annually, or before if we introduce any changes to our data practices.