Data Protection, Privacy and Cookies
Here at the University of Salford we work hard to ensure that you get the very best experience, whether you are a visitor, a student, a staff-member, alumni or partner, without having to worry if your information is safe.
Outlined below is how & why we collect, use, & share your personal information, & your rights in relation to that data.
We know that there’s lots of information here, but we want you to be fully informed – we hope the following sections will answer any questions you have but if not, please do get in touch with us.
A bit about Us
The University of Salford is the “Data Controller” of your personal data & is subject to the data protection legislation & to the General Data Protection Regulation 2016 (“GDPR”). We are registered with the Information Commissioner’s Office (“ICO”) registration number Z469563X and our Data Protection Officer is Andrew Hartley.
We appreciate an individual’s right to privacy & in all situations we strive to achieve a balance between protecting that right & confirming that we have the correct information to ensure we can provide an exceptional experience for all.
Under the GDPR a number of new principles mean that individuals have greater rights concerning their information & how it is used (see Data Subject Rights) We have detailed an overview of these principles below & included the Privacy Statements for all groups of people who the University of Salford interact with.
The law on data protection sets out a number of different reasons for which an organisation may collect & process your personal data, including:
To ensure that we meet carry out our role as an institute of higher education & provide our Students with required level of service we need to collect & process relevant personal data.
For example, when we record your academic results & validate with your previous Further Education provider.
In specific situations, we can collect & process your data with your consent.
For example, if you are a Graduate and you tick a box to receive email enquiring if you wish to become a donor.
In certain circumstances, we need your personal data to comply with our contractual obligations.
For example, when you accept a place at the University we need to capture certain information in order to provide you with the place & service.
If the law requires us to, we may need to collect & process your data.
For example, certain government departments need us to collect and pass on statistical data.
In specific situations, we require your data to pursue our legitimate interests in a way which might reasonably be expected as part of running the University which does not materially impact your rights, freedom or interests.
For example, after you graduate, we will send you email newsletters updating you on what is happening here at the University.
When collecting your personal data, we’ll always make clear which data is necessary in connection with a particular service.
When do we collect data?
- When you visit our website
- When you engage with us on social media
- If you join us as a Student or Staff member we need to capture data in order to enter into a contract with you
- If your image is captured on the CCTV that we deploy across our sites for safety & security
- When a donation or a purchase is made
- When an individual attends a clinic run by one of the University Schools
What sort of data do we collect?
Under the GDPR we are only permitted to collect the minimum amount of information needed to carry out a specific purpose, therefore depending on your relationship with us we collect different amounts of data.
Example, if you are making a decision about university choices & want some information sending to you we would only take your name & contact details (address & email) but if you are joining us as a member of Staff we would need more information, such as date of birth, gender, financial details.
If your relationship with us changes, we remove all unnecessary information that we hold on you. The University has produced a retention schedule to ensure that we only retain details that enable us to perform to perform our duties.
How Do We Use Your Information?
Different information is processed for different purposes, some of it is used to improve experience, such as Cookies on the website & other information helps us track performance, comply with legislation or help keep you informed of what is happening here at the University of Salford.
Detailed information about how we use information for different purposes can be found in the relevant Privacy Policies, but here are some examples:
- Website Cookies tell us which pages you find useful, & therefore how we can improve your experience online
- We collect & report upon sensitive personal data, such as gender, ethic origin & disability data in order to undertake equal opportunity monitoring
- We require financial data to administer financial activity, such as fees, scholarships & bursaries
- We take photographs in order to issue Access Passes
- Information captured during Research projects will be processed in order to develop our programmes & insight
How Long Do We Keep Your Data For?
Data is retained for as long as it is required to perform its purpose, or for as long as is required by law. At the end of that retention period, your data will either be deleted completely or anonymised, for example by aggregation with other data so that it can be used in a non-identifiable way for statistical analysis & business planning.
Who Do We Share Your Information With?
Sometimes we share your personal data with trusted third parties, in order to meet our contractual needs or to improve our services.
Here’s the policy we apply to those organisations to keep your data safe & protect your privacy:
- We provide only the information they need to perform their specific services
- They may only use your data for the exact purposes we specify in our contract with them
- We work closely with them to ensure that your privacy is respected & protected at all times
- If we stop using their services, all of your data held by them will either be deleted or rendered anonymous
Examples of the kind of third parties we work with are:
- IT companies who support our website & other business systems.
- Operational companies such as the Students Loan Company
- Direct marketing companies who help us manage our electronic communications with you
- Google Analytics to understand our website usage, this is subject to acceptance of Cookies on our websites. See our Cookies Notice, below, for details
- Clinical practices providing health & well-being services
How Can You Stop Us Using Your Data?
Whenever you have given us your consent to use your personal data, you have the right to change your mind at any time & withdraw that consent.
You have the right to stop the use of your personal data for direct marketing activity through all channels, or selected channels. We must always comply with your request.
In cases where we are processing your personal data on the basis of our contract with you, public task or for a legitimate interest, you can ask us to stop for reasons connected to your individual situation. We must then do so unless we believe we have an overriding reason to continue processing your personal data, if this is the case we will advise you of the reason.
Our Privacy Statements
Here are all our Privacy statements, detailing how we collect & use your personal data depending on your relationship with the University of Salford. If you have any questions regarding the statements please get in touch with the person/department listed in the relevant Notice.
To protect the confidentiality of your information, we will ask you to verify your identity before proceeding with any request you make under a Privacy Notice. If you have authorised a third party to submit a request on your behalf, we will ask them to prove they have your permission to act.
The GDPR, building on previous data protection legislation, gives people the right to know what information is held about them & requires the University to ensure that personal information relating to living individuals is handled properly, held in confidence & is protected from inappropriate disclosure to third parties.
It provides a comprehensive & modern framework for data protection in the UK. and will give people more control over use of their data, provide new rights to move or delete personal data & impose stronger sanctions for malpractice.
Everyone who collects & manages personal information at the University of Salford must do so in a way that complies with the University's Policy on Data Protection, the 6 principles, and the new Individual Rights under GDPR.
Data Subject Rights
This section details the rights that every individual has in relation to their personal data that the University of Salford holds.
The GDPR provides the following rights for individuals:
- The right to be informed
- The right of access
- The right to rectification
- The right to erasure
- The right to restrict processing
- The right to data portability
- The right to object
- Rights in relation to automated decision making & profiling.
Your Right of Access to Personal Information
Under Article 15 of the GDPR individuals have a right of access to their own personal data held by the University. A request for all such information is called a Subject Access Request or SAR.
Under the GDPR the individual is entitled to:
A description of the data
The recipients of the data shared
Information about any automated decisions that have been made
A copy of the data on request
All the above must be returned to the requesting individual within one month & at no cost.
If you would like to exercise your right of Access please submit a request using the SAR form.
If you wish to exercise any of your other rights then please email us at: FOI@salford.ac.uk.
More information about data & Information Governance within the University of Salford can be found at http://www.salford.ac.uk/about-us/corporate-information/information-governance.
The University uses various cookies across the website to help navigate the website. The University uses a mix of session, persistent and third-party cookies.
What is a cookie?
Please note that cookies can't harm your computer. We don't store personally identifiable information in cookies we create, but we do use encrypted information gathered from them to help improve your experience of the site. For example, they help us to identify & resolve errors, or to determine the most visited pages.
Types of Cookie
Session Cookies are cookies that expire at the end of a browser session. They allow users to be recognised within the website so that any changes or item or data selection is remembered from page to page. The cookie is then automatically deleted when the user leaves the website.
Persistent Cookies help websites remember user’s information and settings for when a user visits them in the future, thereby speeding up or enhancing a user’s experience of the services or functions offered.
When you visit our websites you may notice some Cookies that aren't related to the University. If you go on to a web page that contains embedded content, for example from YouTube, you may be sent Cookies from these websites. We don't control the setting of these Cookies, so please check the third-party websites for more information about their cookies & how to manage them.
How to manage my cookies
You can use your website browser to:
- Delete all cookies
- Block all cookies
- Allow all cookies
- Block third-party cookies
- Clear all cookies when you close the browser
- Open a 'private browsing' / 'incognito' session (allows you to browse the internet without storing local data)
- Install add-ons and plug-ins to extend browser functionality, for example Google have created a Google Analytics Opt-Out Browser Add-On for Chrome.
Click on your chosen browser below for instructions and guidance on how to manage your cookies via your browser. Please be aware that restricting cookies may impact on the functionality of our site.
If you use another browser, you can visit the browser developer website for guidance and instructions on managing cookies.
How to get in Touch With Us
Advice & guidance on aspects of data protection within the University of Salford is available from the Information Governance Team, they can be contacted email at: email@example.com.
Our postal address is:
Information Governance Officer
Quality and Enhancement Office
Crescent House, Ground Floor,
University of Salford,
If You Have a Complaint
If you feel that your data has not been handled correctly, or you are unhappy with our response to any requests you have made to us regarding the use of your personal data, please get in touch with the contact listed in the relevant Privacy Notice. If you wish to escalate any issue or complaint further please contact:
Data Protection Officer
Legal and Governance Directorate
Maxwell 6th floor
University of Salford
Additionally, you have the right to lodge a complaint with the Information Commissioner’s Office (“ICO”)
You can contact them by calling 0303 123 1113 or go online to www.ico.org.uk/concerns (opens in a new window; please note we can't be responsible for the content of external websites)
If you are based outside the UK, you have the right to lodge your complaint with the relevant data protection regulator in your country of residence.