We are committed to protecting the privacy and security of your personal information. This notice describes how we collect and use your personal data submitted to us online, by email, on paper or face-to-face, in accordance with the General Data Protection Regulation (GDPR) and associated data protection legislation.
The University of Oxford is the “data controller" for the information that you provide to us. This means that we decide how to use it and are responsible for looking after it in accordance with the GDPR.
DATA PROTECTION OFFICER
The University’s Data Protection Officer can be contacted at email@example.com.
ACCESS TO YOUR DATA
Access to your personal data within the University will be provided to those staff who need to view it as part of their work.
WHERE WE STORE OR USE YOUR DATA
We may store the data we collect in hard copy or electronically. The data is stored on secure servers and/or in our premises within the UK. We may share your data with third parties or transfer your data outside the EAA under certain circumstances.
RETAINING YOUR DATA
We will only retain your data for as long as we need it to fulfil our purposes, including any relating to legal, accounting, or reporting requirements.
Full details on your rights to access and modify your personal data are available here.
You also have the right to lodge a complaint with a supervisory authority. In the UK, this is the Information Commissioner’s Office (ICO). A complaint to the ICO can be made by visiting their website https://ico.org.uk/make-a-complaint/ or by calling their helpline on 0303 123 1113