NCELP Mailing Lists – Privacy Notice
This Privacy Notice sets out how the National Centre for Excellence for Language Pedagogy (NCELP) at the University of York, uses and protects the information that you give us when you register for the NCELP newsletter or sign up to specific email updates about our activities.
For details of how the University uses personal information in other ways, please see the other University Privacy Notices.
For the purposes of this privacy notice, University of York is the Data Controller as defined in the General Data Protection Regulation. We are registered with the Information Commissioner’s Office. Our registration number is: Z4855807.
What data do we have?
We process the following categories of personal data:
- Identity Data such as your first name, last name, title, organisation that you work for
- Contact Data such as your e-mail address, address and telephone number
We also collect, use and share Aggregated Data such as statistical data for business purposes. Aggregated Data may be derived from your personal data but is not considered personal data in law as this data does not directly or indirectly reveal your identify.
How do we use your data?
Under the General Data Protection Regulation (GDPR), the University has to identify a legal basis for processing personal data.
To register you for our newsletter or email updates about specific services and events that may be of interest to you, we will seek your consent to retain your contact details for that purpose. Your consent must be informed, explicit, and freely given – there will be no ‘pre-ticked’ boxes and you must expressly opt-in. You have the right to withdraw your consent at any time.
Who do we share your data with?
Your information will only be accessible to employees and agents of the University, or third parties that process data on behalf of the University (e.g. web mail providers). We may share Aggregated Data with the DfE, our funders – however this is purely for statistical purposes and will not be done in a manner which could identify you.
How do we keep your data secure?
The University takes information security seriously and has implemented appropriate technical and organisational measures to protect personal data and special category data. Access to information is restricted on a need-to-know basis and security arrangements are regularly reviewed to ensure their continued suitability. For further information see IT Services’ Security webpage.
Transfer of data internationally
In certain circumstances it is necessary to transfer your Personal Data (including Special Category Data) outside the European Economic Area. In respect of such transfers the University will comply with our obligations under Data Protection Law and ensure an adequate level of protection for all transferred data.
How long will we keep your data?
The University will keep your data as long as you still wish to receive the mailings that you have signed up for. If you choose to unsubscribe, your data will be deleted.
What rights do you have in relation to your data?
Under the General Data Protection Regulation (GDPR), you have a right of access to your data, a right to rectification, erasure (in certain circumstances), restriction, objection or portability (in certain circumstances). You also have a right to withdraw consent (where this applies).
If you want to exercise these rights, then you can do so by contacting us at email@example.com.
Questions or concerns
If you have any questions about this privacy notice or concerns about how your data is being processed, please contact the NCELP Administrators at firstname.lastname@example.org.
If you have further questions, the University’s Data Protection Officer can be contacted at email@example.com.
Right to complain
If you are unhappy with the way in which the University has handled your personal data, we ask you to contact us in the first instance, so that we can try to put things right. If you are unhappy with our response, you have a right to complain to the Information Commissioner’s Office (ICO). For information on reporting a concern to the ICO, see the ICO website.