Data Protection

Subject Access Requests must be made to the Data Protection Officer in writing. You are invited to use our standard form for this purpose, but you do not have to; an ordinary letter will do.

Please note the following:

• Normally, you may make the request only about personal data held by the University of Wales that is about you . If you need to make a request about someone else’s data, you must provide their written, signed consent. 
   
• The University will require you to establish your identity. There is no fixed way of doing this but you may be asked to provide some corroborating personal information or some further documentation such as a passport. 
   
• Information will not be released over the telephone. 
   
• The Act allows for the information to be withheld in certain circumstances. Where the University decides to withhold information, you will be informed in writing as to why this has happened. You may query that decision by contacting the University’s Data Protection Officer at the address given below. 
   
• The Act allows for a fee to be charged for fulfilling a Subject Access Request and the University’s fee for this service is £10. A personal cheque made out to The University of Wales should be sent with any request.

The Data Protection Officer 
The University of Wales 
University Registry 
King Edward VII Avenue 
CARDIFF 
CF10 3NS

This is a privacy statement disclosing our information gathering, use and dissemination practices for the University of Wales website. Our homepage is at www.wales.ac.uk. If you have any queries about this statement, you may contact us at:

Webmaster, The Registry, King Edward VII Avenue, Cathays Park, Cardiff, CF10 3NS 
or webmaster@wales.ac.uk

DATA COLLECTION 

Personal data 

All personal data is collected and stored in line with the Data Protection Act 1998.

We collect the following data:

• Click stream data (the type of computer and browsing software you use, the address of the website from which you linked, etc)
• HTTP protocol elements (your server address and top level domain name (eg .com, .gov etc), date and time of visit, etc)
• Search terms

This data will be used for the following purposes:

• Completion and support of the current activity.
• Website and system administration.
• Research and development.

This data is collected from all web users. Web access logs are used for statistical purposes only (eg to measure the use/performance of the site) except in the event of a security breach when they could be used for the purpose of tracing the breach. No information gathered from web logs is given or sold to any third party.

Any personal information that you provide to us will only be used for the purpose stated at the time we request it. This information will not be disclosed to a third party except where authorised by you or as otherwise permitted by the Data Protection Act.

Cookies

Cookies are a technology which can be used to provide you with tailored information from a website; they can facilitate communication and interaction with the site. You may stop or restrict the placement of cookies on your computer by adjusting your web browser preferences, but this may interfere with some of the functionality of the site.

At the user’s option, we will collect the following data:

• HTTP cookies

Cookies will be used for the following purposes:

• Research and development.
• User targeting.

This data will be used by ourselves and our agents. Cookies are used to track visitors to our site.

E-mail and online forms

We collect the following information:

• Physical contact information
• Online contact information
• Demographic data
• Preference data

This data will be used for the following purposes:

• Completion and support of the current activity.
• Contacting visitors for marketing of services or products.

In all cases, we will only use this information for the stated purpose for which it was provided. A number of online forms are provided on this site. The pages containing these forms should include a statement on how data submitted to them will be processed.

The data is collected so that we can send you news and other information which is relevant to your needs and interests.

Opting out

If you have any concerns regarding the data that we hold about you, please contact us at the address above.

STUDENT INFORMATION RECEIVED

Prior to their registration, the University may receive and process information from some students concerning the process of matriculation in the University. This is a process where students are required to demonstrate certain prior qualifications.

The University receives and processes personal information about students following schemes of study leading to one or more of its awards from the Institution at which the student is studying. This information is collected for registration and examination purposes and normally comprises an electronic transfer of data. The University relies on its Institutions to establish the accuracy of the information but processes are in place to correct inaccuracies when they are identified.

The University also receives and processes information directly from students and from persons requested by them to provide information in some circumstances. For instance, a student may request a medical report be sent in support of an appeal.

Information may be provided by members of staff of an Institution concerning examination or assessment or in relation to a student’s own request for special variations where permitted by University Regulations or Standing Orders. Other information may be passed to the University in the case of appeals or requests for aegrotat award or similar standard processes.

STUDENT INFORMATION DISCLOSURES

The University will disclose to a student’s Institution any information necessary for normal administration arising from their being registered for an award of the University.

The University normally places details of the qualifications obtained by students in pursuit of its awards into the public domain. This means that the University will, on request and without further reference to the student concerned, provide information stating whether or not a particular student has obtained a specific award from the University.

Persons wishing to request that their qualifications be withheld from disclosure in these circumstances should contact the University’s Data Protection Officer by writing to

The Data Protection Officer  
The University of Wales 
University Registry 
King Edward VII Avenue 
CARDIFF CF10 3NS

Telephone: (029) 2037 6999 
Fax: (029) 2037 6980 
Email: compliance@wales.ac.uk  

The University may also disclose personal information when it considers it to be in the best interests of the person concerned, or to a third-party where life and death issues are involved, and at other times as permitted by the Data Protection Act 1998.

The Unversity may also refuse to disclose personal information where the Act provides for an exemption to the requirement to make a disclosure but may exercise its discretion in these matters.

TRANSFERS OF PERSONAL DATA OVERSEAS

The transfer of data beyond the territories of the European Economic Area takes place between the University and its collaborative centres. The transfer takes place in performance of a contract between the University and the Institution concerned. Registration for a scheme of study leading to an award of the University requires that a student consent to such transfers taking place.