Click here to download a copy

Document Administration

Document Title: Privacy Policy

Document Category: Policy

Version Number: 1.1

Status: Approved

Reason for development: Update and review

Scope: This policy applies to staff, students, and relevant data subjects

Author / developer: Head of Quality and Regulatory Compliance/Head of IT

Owner: Registrar and University Secretary

Assessment: (where relevant)

Tick relevant assessmentsTick if not applicable
Equality Assessment (mandatory)X
Information Governance
Academic Governance

Consultation: (where relevant)

Tick if relevant
Staff Trade Unions via HR
Students via Bishop Grosseteste University Students’ Union
Any relevant external statutory bodies

Authorised by (Board): Senate

Date first version authorised: 26 March 2018

Date current version authorised: 28 August 2020

Date current version effective from: 28 August 2020

Review due: August 2023

Document location: University Website

Document dissemination / communications plan:

Emailed to key staff, the Students’ Union, Student Advice, the University website. The policy shall be well publicised and made easily available to students and employees of Bishop Grosseteste University and anyone using our services.

Document control: All printed versions of this document are classified as uncontrolled. A controlled version is available from the University website.

Alternative format: If you require this document in an alternative format, please contact

*Please note, this document remains valid until formally revoked or replaced by the University

1. Introduction and General Terms

Bishop Grosseteste University (hereafter BGU) is committed to protecting your personal information when you are using our services. We want our services to be safe and enjoyable environments and this Privacy and Cookies Policy relates to our use of any personal information we collect from you via the following online services:

• any BGU website that links to this Privacy and Cookies Policy;

• social media or official BGU content on other websites.

It also relates to our use of any personal information you provide to us by phone, SMS, email, in letters and other correspondence and in person.

In order to provide you with the full range of BGU services, we sometimes need to collect information about you.

BGU is committed to safeguarding your personal information. Whenever you provide such information, we are legally obliged to use your information in line with all applicable laws concerning the protection of personal information, including the Data Protection Act 2018 and GDPR (these laws are referred to collectively in this Privacy and Cookies Policy as the "data protection laws").

BGU websites may contain hyperlinks to websites owned and operated by third parties. These third party websites have their own privacy policies, and are also likely to use cookies, and we therefore urge you to review them. They will govern the use of personal information you submit when visiting these websites, which may also be collected by cookies. We do not accept any responsibility or liability for the privacy practices of such third party websites and your use of such websites is at your own risk.

2. What information will BGU collect about me?

When you participate in, access or sign up to any of BGU’s services, activities or online content, such as course enquiries, requesting a prospectus and enrolment we may receive personal information about you. This can consist of information such as your name, email address, postal address, telephone or mobile number, gender or date of birth and also information about protected characteristics as defined by the Equality Act. We will always be clear about what information we are collecting and why.

3. How will BGU use the information it collects about me?

We will use your personal information for a number of purposes including the following:

  • to provide our services and to deal with your requests and enquiries;
  • to provide you with the most user-friendly online navigation experience;
  • to contact you about services that may be relevant to your original enquiry;
  • to comply with certain legal and regulatory requirements as part of the services provided to you;
  • to provide references upon request;
  • to assist with health related track and trace services.

4. When will BGU contact me?

BGU may contact you:

  • in relation to any service, activity or online content you have signed up for, in order to ensure that BGU can deliver the services, e.g. to verify your submitted details to ensure we can contact you successfully;
  • in relation to any correspondence we receive from you or any comment or complaint you make about BGU products or services;
  • to invite you to participate in surveys about BGU services (participation is always voluntary);
  • to update you on any changes to the BGU’s policies and practices; and
  • for marketing purposes, as set out in section 5.

We will never contact you to ask for your BGU network account password. Please be cautious if you receive any emails or calls from people asking for this information.

5. Will I be contacted for marketing purposes?

BGU will only send you marketing emails or contact you where you have agreed to this.

We may use information which we hold about you to show you relevant advertising on third party sites. This could involve showing you an advertising message relating to courses that you have shown an interest in. If you don’t want to be shown targeted advertising messages some third party sites allow you to request not to see messages from specific advertisers on that site in future.

6. Will BGU share my personal information with anyone else?

We will keep your information within BGU except where disclosure is required or permitted by law (for example to government bodies and law enforcement agencies, including for child protection reasons) or as described in this section and section 9.

We may share your information with (external) organisations which provide services on our behalf. In such situations, we will have a Data Sharing Agreement in place with the organisation providing the service.

We are required, through certain regulatory compliances to share your data with other organisations such as HESA and OFS.

We may share your information internally or with relevant external partners, for the purposes of protecting public health on or off campus.

We may share your personal information internally (i.e. with other BGU departments), for example, we share some personal data with IT Services to enable creation of network and e-mail accounts upon enrolment.

7. Offensive or inappropriate content on BGU websites

If you post or send content which may reasonably be deemed to be offensive, inappropriate or objectionable anywhere on or to BGU websites, BGU may remove such content.

Where BGU reasonably believes that you are or may be in breach of any applicable laws, for example on hate speech, BGU may disclose your personal information to relevant third parties, including to law enforcement agencies or your internet provider. BGU would only do so in circumstances where such disclosure is permitted under applicable laws, including data protection law.

8. What if I am a user aged under 18?

If you are aged under 18, please get your parent/guardian's permission before you provide any personal information to BGU.

9. How long will BGU keep my information?

  • We'll normally only keep your data for as long as necessary to provide you with the services you're using.
  • Once you graduate your BGU account and data is archived and subsequently removed. You will receive an e-mail when we are ready to perform this.

10. Can I delete my data?

You can make a request to delete your data in writing to the Data Protection Officer, details of which can be found on our website.

Please be aware that the provision of certain BGU services, such as being enrolled with us, are dependent on having the required data available and deleting this data would mean we would no longer be able to provide this service to you.

11. Can I find out what personal information BGU holds about me?

Under the Data Protection Act and GDPR you have the right to request a copy of the personal information BGU holds about you and to have any inaccuracies corrected. (We will charge a nominal fee for information requests and will require you to prove your identity with 2 pieces of approved identification). We will use reasonable efforts consistent with our legal duty to supply, correct or delete personal information about you on our files. Please address requests to the Data Protection Officer, details of which can be found on our website.

The approved identification consists of:

  • Passport
  • Driving licence
  • Birth certificate
  • Utility bill (from last 3 months)
  • Current vehicle registration document
  • Bank statement (from last 3 months)
  • Rent book (from last 3 months)

12. Web browser cookies

a) What is a Cookie?

A cookie is a small amount of data, which often includes a unique identifier that is sent to your computer, tablet or mobile phone (all referred to here as a "device") web browser from a website's computer and is stored on your device's hard drive. Each website can send its own cookie to your web browser if your browser's preferences allow it. Many websites do this whenever a user visits their website in order to track online traffic flows. Similar technologies are also often used within emails to understand whether the email has been read or if any links have been clicked. If you continue without changing your settings, we’ll assume that you are happy to receive all cookies on the BGU website. However, you can change your cookie settings at any time.

It is important to note that if you change your settings and block certain cookies, you will not be able to take full advantage of some features of BGU’s services.

On BGU websites, cookies record information about your online preferences and allow us to tailor our websites to your interests.

During the course of any visit to a BGU website, the pages you see, along with a cookie, are downloaded to your device. Many websites do this, because cookies enable website publishers to do useful things like find out whether the device (and probably its user) has visited the website before. This is done on a repeat visit by checking to see, and finding, the cookie left there on the last visit.

b) How does BGU use cookies?

Information supplied by cookies can help us to understand the profile of our visitors and help us to provide you with a better user experience.

c) Third party cookies in embedded content on BGU pages

Please note that during your visits to BGU websites you may notice some cookies that are not related to the services BGU provides.

We sometimes embed content from social media and other third party websites. As a result, when you visit a page containing such content, you may be presented with cookies from these websites and these third party cookies may track your use of the BGU website. BGU does not control the dissemination of these cookies and you should check the relevant third party's website for more information.

Where BGU embeds content from social media and other third party websites, some websites may use Google Analytics to collect data about user behaviour for their own purposes. BGU does not control this. For more information, see the Google webpage “How Google uses data when you use our partners’ sites or apps”.

d) Other information collected from web browsers

Your web browser may also provide BGU with information about your device, such as an IP address and details about the browser that you are using.

13. Do Not Track (DNT) browser setting

DNT is a feature offered by some browsers which, when enabled, sends a signal to websites to request that your browsing is not tracked, such as by third party ad networks, social networks and analytic companies. This website does not currently respond to DNT requests.