Privacy notice

Academic and Corporate Governance/University Executive Office Privacy Notice

Updated on 14 May 2020

Information concerning the use of personal data relating in the Directorates of Academic and Corporate Governance and University Executive Office

On this page

How we use your information

The Directorate of Academic and Corporate Governance is responsible for the key governance aspects of University activity including servicing major committees; maintaining academic quality; the provision of in- house legal services; institutional issues concerning discipline, complaints and appeals (including hearing individual cases); the provision of an early dispute resolution services; and the development of educational partnerships.

These activities can and do involve the processing of personal information about staff, students and other stakeholders. The processing of personal data normally follows engagement with an aspect of the Directorate’s work.

The Court and Senate Offices process personal information concerning members of University committees, including lay members, further to their participation. This includes processing information to establish registers of interests and to monitor protected characteristics further to the Public Sector Equality Duty.

Legal Services process personal data further to the provision of advice to the University, when supporting legal proceedings or when establishing or defending legal claims.

The management of discipline, complaints or appeals will involve the disclosure and review of personal data concerning the case under consideration. Personal data in these areas is also processed so that anonymised monitoring information can be published by the University.

Early dispute resolution (edr) processes data further to the provision of mediation services for staff and students concerning issues and cases under consideration.

The Educational Partnerships Development Unit process the personal data of staff and business contacts in partner institutions, further to the establishment and management of relationships with other organisations.

The University Executive Office provides strategic leadership and executive support to the University. It includes the offices of the Principal, Vice Principals and University Secretary, the Business Transformation team, Strategic Planning, the Academic and Health Science Partnership (NHS Liaison) and the University Chaplaincy.

Senior officers of the University process personal data further to the duties and responsibilities. Within those areas, they will process special categories of personal data when called upon to make significant decisions on the strategic direction and operation of the University.

Business Transformation is developing and deploying new approaches to the University’s data and implementing new business systems. Their systems will carry personal data when deployed, although stewardship for those systems will normally reside with the relevant area of the University (for example, Finance).

Strategic planning process personal data, normally in aggregate, to inform the University’s decision making and planning processes. During data analysis, personal data will be reviewed and accessed by this specialist team.

NHS Liaison, operating in collaboration with NHS Tayside through the Academic Health Science Partnership in Tayside, processes the personal data of staff, students and external contacts to further the development and management of partnerships and project collaborations.

The University’s Chaplaincy process personal data and special categories of personal data further to the pastoral support services they provide to the University community and the events held by them.

Personal data

Personal data will include identifiers such as name, email address, correspondence address and date of birth. Depending on the process it may include data such as professional or academic references, reports on performance, role or other pecuniary interests, or other aspects of individual circumstances.

This information may be provided by individuals or may be sourced from University systems such as the HR system or the student records system, or maybe provided by agents or representatives on behalf of data subjects.

Sensitive (special categories) of personal data

Special categories of personal data may be processed for planning and management purposes, by the Chaplaincy further to their support services, to demonstrate mitigating circumstances, for equality monitoring purposes, in connection with specific aspects where legal advice is required or further to disciplinary issues, complaints or appeals, on in the provision of mediation services. The special categories of personal data will vary according to individual circumstances.

Data controller

The data controller for personal data used in this Directorate is normally the University of Dundee. Data will be processed using the University’s business systems. The University has contracts with providers for their cloud services to safeguard your data.

Data will also be stored in other key University systems such as the human resources system, the finance system and the student records system. Data in the human resources system and the finance system is stored on the University’s servers. The finance system will move to a cloud-based provider (TechnologyOne) during 2018. The University has contractual controls in place to safeguard data in this system.

Lawful processing

The lawful grounds for processing personal data within Academic and Corporate Governance and the University Executive Office are normally:

  • the data subject has given explicit consent to the processing of those personal data for one or more specified purposes;
  • processing is necessary for the performance of a contract to which the data subject is a party or in order to take steps at the request of the data subject prior to entering into a contract;
  • processing is necessary for compliance with a legal obligation to which the controller is subject;
  • processing is necessary for the performance of a task carried out in the public interest or in the exercise of official authority vested in the controller;

The lawful grounds for processing special categories of personal data within Academic and Corporate Governance and the University Executive Office are normally:

  • the data subject has given explicit consent to the processing of those personal data for one or more specified purposes;
  • processing is necessary for the purposes of carrying out the obligations and exercising specific rights of the controller or of the data subject in the field of employment and social security and social protection law;
  • processing is carried out in the course of its legitimate activities with appropriate safeguards by a foundation, association or any other not-for-profit body with a political, philosophical, religious or trade union aim and on condition that the processing relates solely to the members or to former members of the body or to persons who have regular contact with it in connection with its purposes and that the personal data are not disclosed outside that body without the consent of the data subjects;
  • the processing relates to personal data which are manifestly made public by the data subject;
  • processing is necessary for the establishment, exercise or defence of legal claims or whenever courts are acting in their judicial capacity;
  • processing is necessary for reasons of substantial public interest;
  • processing is necessary for archiving purposes in the public interest, scientific or historical research purposes or statistical purposes in accordance with Article 89(1).

Your rights

The University respects your rights and preferences in relation to your data. If you wish to update, access, erase, limit or complain about the use of your information please email dataprotection@dundee.ac.uk. You may also wish to contact the Information Commissioner’s Office.

Enquiries

Data Protection

dataprotection@dundee.ac.uk