Our privacy statement explains what types of personal information will be gathered when you visit our website(s) or use our digital services, and how this information will be used.
In this statement (the 'privacy statement'), 'NTU' and 'us', 'our' and 'we' means Nottingham Trent University.
This privacy statement sets out the basis on which any personal information we collect from you, or that you provide to us, will be processed by us. NTU is committed to protecting your privacy and developing technology that protects your personal information and also gives you a safe online experience. The website is operated by NTU.
If you are an applicant, current student, Alumni or member of staff at NTU, processing of your personal information will be governed by one of our privacy notices - admissions privacy notice, student privacy notice, Alumni, supporters and friends privacy notice, Student Accommodation privacy notice or employee privacy notice for staff.
if you are not an applicant, current student, member of Alumni or staff member, the processing your personal information will be governed by this privacy statement.
For the purpose of the Data Protection Legislation the General Data Protection Regulation (Regulation (EU) 2016/679) (the “GDPR”) and the Data Protection Act 2018) we are the data controller. Nottingham Trent University is a higher education corporation, granted by Parliamentary Order under s124A(3) and (4) of the Education Reform Act 1988, with its principal place of business at 50 Shakespeare Street, Nottingham, NG1 4FQ
NTU can be contacted by:
Post: 50 Shakespeare Street, Nottingham, NG1 4FQ
Telephone: +44 (0)115 941 8418
Our nominated data protection officer assigned as the responsible person/compliance officer for this privacy statement and any related procedures or guidelines is:
Tracy Landon, Legal Services Manager and Data Protection Officer.
NTU encourages you to review the privacy statements of any websites you choose to navigate to from our website (or navigate from to our website) or digital services that we provide links to so that you can understand how those websites collect, use and share your information as well.
Any third party sites that you can access through the website are not covered by this privacy statement and we accept no responsibility or liability for these sites.
What information does NTU collect?
Information you give us
We collect information that you provide to us in the following ways:
- Thorough our digital services, which are the NTU website at www.ntu.ac.uk and any other NTU-authorised internet services, websites, products, social media, mobile phone apps and/or software applications that enable you to use, access, view, listen to and/or download NTU content or to interact with us online (or through any other digital means) on any device. We collect information that you provide to us by filling out forms on the website or by corresponding with us through the digital services. It includes information that you provide when you participate in discussion boards or other social media functions within the digital services, enter a competition, promotion or survey, and when you report a problem with the digital services.
- At events, for example lectures, student recruitment fairs/exhibitions, seminars, workshops, celebrations, trade fairs, placement fairs and shows.
- Any email correspondence you have with NTU.
- Any telephone calls you have with NTU.
- Any engagement you have with our corporate clients, partners, funders and business clients.
The information you give us may include: your name;your address;your email address; your phone number;your date of birth;your gender; your nationality, your job title, and your employer.
Automated collection of personal information
Information collected through cookies and session recordings is stored and used for aggregated and statistical reporting with the purpose of improving our services.
Information collected will include your IP address, browser type, and information relating to the page(s) you visited such as mouse events, key presses and text typed on web forms.
Information collected from third parties
We work with third parties, including:
- advertising networks
- business partners
- analytics providers
- credit reference agencies
- sub-contractors in technical, payment and delivery services
Sometimes we obtain personal data from these third parties. These third parties should explain to you in what circumstances your information will be shared with us.
We will notify you when we receive information about you from third parties, and explain the purposes for which we intend to use that information.
How we use your information
We will only process your personal information in accordance with this privacy statement and data protection legislation:
- Where you have freely given your consent for your information to be used for particular purposes.
For example, to provide advertising and marketing information to you, or to allow our partners and third parties to provide information of interest to you.
- If you are under the age of 16, we will obtain consent from your parent or guardian before processing your personal information.
- When it is necessary to perform a contract with you, including the operation and delivery of any services you have requested.
- When it is necessary to perform tasks carried out in the public interest, and to pursue legitimate interests - this includes use of your personal information to improve the services we offer as a higher education corporation. Such activities include:
- Progressive profiling: we may use your data to provide you with personalised communication.
- Analyse web behaviour: we may use your data to analyse marketing activities, understand audiences and personalise content.
- Targeting advertising: we collect data automatically to tailor advertising, e.g. retargeting users who visit our website(s)
- Internal data matching: we may merge data we collect to identify users and map them to our CRM platforms for the purposes of personalising content, analysing behaviour and improving marketing activities.
- External data matching: we may match customer lists with online platforms (e.g. through applications such as Facebook Custom Audiences and Google Customer Match) to target and tailor advertising, understand audiences and analyse marketing activities.
Where we wish to use your personal information for a different purpose, we will notify you and, where appropriate, seek your consent to that activity.
Who we share information with
We may share personal information with our trusted partners and third parties who provide services including:
- statistical analysis
- correspondence (emails, text messages, postal services)
- marketing activities
All third parties are prohibited from using your personal information except when providing these services to NTU, are required to keep your information confidential, and must handle your information in accordance with the Data Protection Legislation.
Marketing and advertising partners
We may share information with third parties for marketing and advertising purposes. This may include activating Google Analytics Advertising Features, and creating customer audiences via Facebook, Twitter, Snapchat and Google.
We use the following Google Analytics features:
- Create Remarketing Audiences - based on specific behaviour, demographic and interest data
- Create Segments - based on demographic and interest data
We may disclose your personal information if required by law. For example, to comply with a court order, or to enforce our terms and conditions (including our website disclaimer) and other agreements, or to protect your safety and security, including if you use our digital services. This includes exchanging information with other companies and organisations for the purposes of fraud protection and credit risk reduction.
How we keep information secure
We take every step to protect your personal information which we hold:
- Your personal information is only accessible by NTU staff who need to process and manage that data.
- The collection, storage and processing of your personal information will be adequate and relevant for the purposes required. It will not be excessive or go further than is necessary for the purposes.
- All information you provide to us is stored on secure servers. However, it must be acknowledge by you that no system can be guaranteed to be 100% secure.
- We cannot guarantee the security of your personal information transmitted to/through our digital services. Any transmission is at your own risk.
- We do not disclose special categories of personal information such as race, religion or political affiliations without your specific consent, unless we need to do so for legal purposes. You will be notified if this is the case.
You are responsible for keeping passwords confidential. We ask that you do not share your password with anyone, and that you make sure personal information is not stored on shared computers or connected networks.
Where we store personal information
Your personal information may be transferred by us or our trusted partners out of the European Economic Area (the “EEA”). Our partners process data for analysis or marketing purposes, including a marketing automation hub where the email address of recipients will be logged and a record of email delivery, opening, click-throughs and bounce-backs will be kept. Our partner uses Microsoft’s Windows Azure data centres located primarily in the UK, Dublin (Republic of Ireland) and Amsterdam (The Netherlands), but may also store data in the Virginia (USA) and New South Wales (Australia). The data is encrypted both at rest and in transit whilst stored or processed within the partners system.
Your personal information may be shared with record matching and customer targeting partners, including Google, Facebook, Snapchat and LinkedIn. Some of these partners process personal data in Canada and the United States of America.
NTU ensures that your personal information transferred to countries outside of the EEA is adequately protection by transferring the personal information on terms of the standard data protection clauses adopted by the European Commission.
How long we store information for
We will not store your personal information for longer than is necessary. NTU will ensure that our trusted partners and selected third parties with whom we share your personal information in accordance with this privacy statement will delete your personal information when they no longer require it.
How to access your information
Under the Data Processing Legislation:
- You have the right to request us to stop processing your personal information in accordance with this privacy statement at any time.
- You have the right to ask us not to process your personal information for marketing purposes (including profiling). We will usually inform you (before collecting your data) if we intend to use your data for such purposes or if we intend to disclose your information to any third party for such purposes. You can exercise your right to prevent such processing by checking certain boxes on the forms we use to collect your data or by logging into the website and updating your profile. You can also contact us using the details set out in this privacy statement.
- If you become aware of any inaccuracies in your personal information that we process on your behalf, or such personal information is incomplete, you have a right to request that such inaccuracies be rectified. On receiving your request we will either action such request or explain why we have decided not to action such request.
- If it is no longer necessary for us to retain your personal information (e.g. you no longer require access to any services or applications on our website), or if you have withdrawn consent for our processing of your personal information, or where it is established that we did not have the right to process your personal information, in accordance with the GDPR, you may have your personal information erased.
- You may also have a right under the GDPR to object to us processing your personal information or to request a restriction on the ways in which we may process your personal information in certain circumstances.
- You have the right under the GDPR to request that we provide to you, or to another data controller on your behalf, a copy of any of your personal information which we have received from you so that may reuse such personal information for your own purposes across different services.
- You have the right to complain to the Information Commissioner (http://www.ico.gov.uk/) if you have any concerns in respect of the handling of your personal information by NTU.
- You have also the right to access information held about you. Your right of access can be exercised in accordance with the Data Protection Legislation. You can submit a data access request at any time by contacting us using the details set out in this privacy statement.
If you would like to exercise any of the above rights, please contact us using the details set out in this privacy statement.
Conditions of use
This privacy statement, its subject matter and its formation (including any non-contractual disputes or claims) is governed by the laws of England and Wales, where NTU was established, and is designed to be accessed and is deemed to be made in England. You consent to the exclusive jurisdiction of the English courts in all disputes arising out of or relating to the use of any of our services (including the Digital Services) and this privacy statement.
This privacy statement may be updated and amended from time to time, and for this reason you should re-read this privacy statement when you revisit any of our services (including the digital services). If any material changes are made to this privacy statement, we will notify you by placing a prominent notice on our website.
In relation to NTU’s use of CCTV, please refer to our Code of Practice on the Operation of CCTV.