Privacy Policy

CEMET Privacy Notice

The Centre of Excellence in Mobile and Emerging Technologies (CEMET) at the University of South Wales is the data controller with regard to this personal information, and it is committed to protecting the rights of individuals in line with the Data Protection Act 2018 (DPA) and the General Data Protection Regulation (GDPR). The University of South Wales has a Data Protection Officer who can be contacted through dataprotection@southwales.ac.uk.

What information do we collect?

CEMET collects the following information:

Name

Contact details

Demographic information

The following ‘Special Category’ personal information may be collected on business owners:

Information around any disability

Information around ethnicity

Why we collect this information?

CEMET collects personal data to satisfy a number of requirements:

Programme administration (public interest).

To fulfill the reporting requirements of the European Commission for European Social Fund projects (public interest/substantial public interest).

To monitor and report on the number of people taking part in programme and the number of people from different groups being supported (e.g. different ages, genders and ethnicity)(public interest/substantial public interest).

To provide further information in relation to events and news (with consent).

For audit purposes (public interest).

With your consent, when you register for the CEMET mailing list we will use your information to communicate relevant events and news that may be of interest to you.

What is our legal basis for processing?

In processing personal data, CEMET relies upon the following legal basis as appropriate:

Who are the recipients or categories of recipients?

Where necessary personal information will be shared internally within the faculties and departments across the University. Such sharing will be subject to confidentiality protocols and access restrictions.

This section outlines the major organisations to which we may disclose data:

The Welsh Government and other public bodies, to carry out the funding, planning, monitoring and inspection of learning, and to produce statistical publications.

Approved social research organisations, to carry out research, analysis or equal opportunities monitoring.

To link your records data from this form to other data sources for the purpose of evaluating the impact the project has had on the people who took part.

Research organisations will only contact a sample of individuals. If you are contacted to take part in any research/evaluation about your experience on the programme the purpose of the interview or survey will be explained to you and you will be given the option to say yes or no. Your contact details will only be used for approved research purposes and in accordance with the Data Protection Act. The research organisations will delete your contact details once research is complete.

The University may also use third party companies as data processors to carry out certain administrative functions on behalf of the University. If so, a written contract will be put in place to ensure that any personal data disclosed will be held in accordance with the data protection laws.

Transfers to third countries and the safeguards in place

Personal data, where possible will be processed within the European Economic Area. However, in certain circumstances there may be a necessity to transfer your data outside the EU.

In certain circumstances, the University may use the services of a third party to process data on its behalf. Any organisation processing personal data on our behalf will be bound by obligations to process personal data in accordance with data protection legislation.

Where a processor is based in the US, data may be transferred to them if they are part of the Privacy Shield framework and are thus compliant with data protection requirements.

Retention of data

All data held about USW activities and all personal data will be stored securely and appropriately in line with European funding obligations.

Security of data

Data Protection legislation requires us to keep your information secure. This means that your confidentiality will be respected, and all appropriate measures will be taken to prevent unauthorised access and disclosure. Only members of staff who need access to relevant parts or all of your information will be authorised to do so. Information about you in electronic form will be subject to password and other security restrictions, while paper files will be stored in secure areas with controlled access.

Some processing may be undertaken on the University’s behalf by an organisation contracted for that purpose. Organisations processing personal data on the University’s behalf will be bound by an obligation to process personal data in accordance with Data Protection legislation.

Your rights

Where the University is relying on consent to process personal data, individuals have the right to withdraw their consent and can do so by contacting: CEMET@SouthWales.ac.uk

You have a right to access your personal information, to object to the processing of your personal information, to rectify, to erase, to restrict and to port your personal information.

Please visit the University Data Protection webpages for further information in relation to your rights.

Any requests or objections should be made in writing to the University Data Protection Officer:-

University Secretary’s Office,

University of South Wales,

Pontypridd,

CF37 1DL,

Email: dataprotection@southwales.ac.uk

If you are unhappy with the way in which your personal data has been processed you may in the first instance contact the University Data Protection Officer using the contact details above.

If you remain dissatisfied then you have the right to apply directly to the Information Commissioner for a decision. The Information Commissioner can be contacted at:

Information Commissioner’s Office,

Wycliffe House,

Water Lane,

Wilmslow,

Cheshire,

SK9 5AF

www.ico.org.uk