We use your data for a number of purposes connected with your studies, including, but not limited, to the provision of:
- teaching, academic assessment and supervision;
- welfare and pastoral support including ensuring the health and safety of students, staff and others;
- funding and financial support;
- support services (such as careers, language development and sport);
- research related administration to support our equality responsibilities, quality assurance and planning processes;
- the administration of University procedures including in relation to discipline, complaints, appeals, academic integrity, fitness to practise, fitness to teach, fitness to study, applications for dispensations, extensions and/or suspension;
- supporting the provision of facilities and services e.g. access to IT facilities, libraries, accommodation etc.; and
- understanding the educational and wider student experience and evaluating the University’s projects and activities in relation to admissions, outreach, teaching and learning and the student experience.
We set out below those circumstances where it is necessary for us to use your data. (These circumstances are not mutually exclusive; we may use the same information under more than one heading.)
F1. Because we have a contract with you
We need to process your data in order to meet our obligations or exercise rights under our contract with you. Information processed for this purpose includes, but is not limited to, the data listed in section D. We also need to process your data under this heading where the University is working with a third party in order to offer you services, for example, those offered by the Oxford University Student Union, sponsors (such as research councils) or scholarship benefactors. See section H for further information on the sharing of data with third parties.
F2. Where it is necessary to meet a task in the public interest
As indicated above, we need to process your data for the purpose of teaching and related activities, such as academic assessment and supervision. This may include processing data within the Virtual Learning Environment CANVAS (VLE). Information provided to regulatory bodies, including the General Medical Council and the OIA, is also provided for this purpose. Teaching is a task that we perform in the public interest in order to fulfil our responsibility as a charity for promoting the advancement of learning. Information processed under this heading includes, but is not limited to, the data listed in section D.
F3. Where we need to comply with a legal obligation
Information processed for this purpose includes, but is not limited to, information relating to the monitoring of equal opportunities and information provided to regulatory bodies including the General Medical Council and the OIA. We are also required by law to provide data to the Higher Education Statistics Agency (HESA) which shares information with public authorities that are required to carry out their statutory and/or public functions.
In addition, in circumstances of a pandemic, epidemic or local health emergency we may share limited information about students (e.g. names and addresses living at particular properties and other contact details) with the Colleges, Police, Public Health England, the NHS, Oxfordshire County Council or Oxford City Council where required or necessary for the purposes of reducing the risk of infection or assisting such bodies with enforcement of statutory regulations or other legal requirements connected to preservation of public health, and preventing or deterring activities which breach such regulations or legal requirements.
F4. Where it is necessary to meet our legitimate interests
We need to process your data in order to meet our legitimate interests relating to student administration, alumni relations, business continuity or similar activities; or to meet the legitimate interests of others. Examples include, but are not limited to, the following:
- if you do not object, we share your contact details with the Oxford University Student Union. We do this to facilitate the operation of the student union as a representative body, which in turn helps the University to consult on student matters;
- we share the addresses of students living in private accommodation with Oxford City Council to enable the Council to exempt those students from Council Tax;
- we pass your home address to the University’s colleges to assist with their outreach projects;
- we use email addresses of overseas offer holders to invite them to make use of internationally based student societies to offer pre-arrival support;
- we may use email addresses to contact students to invite them to make use of opportunities related to their studies, and other university-related activities;
- we use your phone and email address for system authentication and access
- we pass your contact details to the University’s Alumni Office and Development Office so that they can contact you about their activities before you leave the University; and
- we use your data held within our student records systems for system testing, training and support purposes, allowing us to provide support to users across the University and to maintain effective upkeep of our records systems.
F5. Where we have your consent
There may be situations where we ask for your consent to process your data e.g. where we ask you to volunteer information about yourself for a survey or where we ask for your permission to share sensitive information.For example, the University’s Astrophoria Foundation Year Scheme aims to increase opportunities for access for students who, historically, have been underrepresented at the University, and, to monitor and improve the scheme, the University collects data (from applicants and students) including information on your racial or ethnic origin, health/disabilities (including any assessments by DAS), previous education, socio-economic background and academic progress at University.
F6. Where it is necessary in order to protect your vital interests or the vital interests of another person
There may be circumstances in which it is necessary for us to process your data to protect an interest which is essential for your life or that of another person or where the processing serves important grounds of public interest and your vital interests for example, humanitarian purposes which may include monitoring epidemics and their spread or in emergencies where there is a risk of serious harm or death to yourself or others.
If you fail to provide personal information under F1 or F3 above
If you fail to provide certain information when requested under the circumstances described in F1 and F3 above, we may not be able to meet our contractual obligations to you or comply with our other legal obligations.
Change of purpose
We will only process your personal data for the purposes for which we collected it, unless we reasonably consider that we need to use it for another related reason and that reason is compatible with the original purpose. If we need to use your data for an unrelated purpose, we will seek your consent to use it for that new purpose.
Please note that we may process your data without your knowledge or consent, where this is required or permitted by law.