Your privacy and trust are important to us and this Privacy Notice provides essential information about how AMAP, as part of the University of Sunderland handles your personal information.
This notice is regularly reviewed and sometimes updated.
It is important that you check back often for updates to this notice.
Updates may be made at any time and you will always find the most up to date version here.
If we make significant changes we will contact you to inform you of this.
AMAP can be contacted using the following options:
Tel: +44 (0) 191 515 3888
Institute for Automotive & Manufacturing Advanced Practice
University of Sunderland
The Industry Centre
Sunderland Enterprise Park West
Tyne & Wear
What is personal data/personal information?
In simple terms, personal data is information which identifies and relates to you, either on its own or in conjunction with other information held by the University.
Sensitive personal data (or special categories of personal data, as it will be known under new EU legislation coming into force on 25 May 2018) is personal data which falls within one of these categories:
• personal data revealing racial or ethnic origin, political opinions
• religious or philosophical beliefs trade union membership genetic data, biometric data for the purpose of uniquely identifying a natural person,
• data concerning health data concerning a natural person’s sex life or sexual orientation shall be prohibited data relating to criminal convictions/criminal proceedings (this definition will change slightly under GDPR)
The types of personal information we collect
We collect identifiable information about you in order to create and maintain adequate records in relation to the various interactions you may have with AMAP. Whenever you provide personal data there should be a privacy notice, like this one, which tells you what the information will be used for. If we are ever collecting sensitive personal data, as defined above, additional safeguards will be in place around how we can use that data.
How we use personal information
AMAP uses your personal data for a variety of reasons. These include:
• Responding to enquiries
• Managing all aspects of education/research/knowledge exchange/consultancy services and facilities.
• Financial reasons, i.e. payments made to/by the University on our behalf
• Sending you information relating to special events, deals etc.
• Managing events. Information relating to guests/visitors including food requirements/allergies, medical conditions etc. may be retained.
The legal basis for this processing of your data is:
- Consent – mailing lists
- Contract management
As we are using your consent as the basis for our processing of your data, then you should be aware that you can withdraw your consent at any time.
If you do not provide and/or consent to our use of your personal data, then we will be unable to provide the services associated with the use of your data.
Our Legitimate Interests
These are those which allow us to deliver and manage all aspects of education, research, knowledge exchange and consultancy as appropriate to a university.
AMAP may wish to send you marketing information, regarding related services, special offers, etc.
We will only send these to you if you have previously provided us with your details, or if you have indicated that you consent to receiving such correspondence. You have the opportunity to unsubscribe at any time. An unsubscribe option will be available in every electronic communication. Alternatively you can write to:
AMAP via firstname.lastname@example.org
Where we store and process personal information
Electronic personal data is held on the University’s secure servers. Hard copy data will be stored securely to prevent unauthorised disclosure.
How we secure personal information
The University has robust Information Security policies in place to protect all the data it holds, including your personal data. You can read more about these policies and technical standards on the University website
On a day-to-day basis staff access to members’ personal data is restricted on a ‘need to know’ basis.
The University’s data protection policies and procedures make clear that all staff have a responsibility to ensure that they handle personal data appropriately and that suitable organisational security measures are in place.
Who we share data with
The University does not share your personal data with third parties. The only circumstances in which we may share your personal data are if:
• The University has engaged a third party to act on its behalf.
• We are legally required to do so.
• It is an emergency situation, e.g. regarding health/wellbeing
• It is otherwise lawful and legitimate for us to do so, e.g. in relation to requests from the Police.
How long will we keep your data
The identified retention period for your data covered by this privacy notice is 3 years. After which it will be reviewed, and if the purpose for which it is being processed is still valid, the retention period may be extended.
If however your data has served its purpose then it will be securely destroyed, sometimes data will be stored for longer periods e.g. for archiving purposes in the public interest, scientific or historical research purposes.
Your rights under the General Data Protection Regulations
You have a number of rights under the Act. These include the right to:
• The right to be informed
• The right of access
• The right to rectification
• The right to erasure
• The right to restrict processing
• The right to data portability
• The right to object
• Rights in relation to automated decision making and profiling.
For more information on your rights please see:
Right to access personal data
You have a right to request a copy of the information the University holds about you; this is known as a ’Subject Access Request’ (SAR). For more information see the University’s Data Protection web pages:
or contact: email@example.com
Right to complain
You have the right to make a complaint about how we are handling your data. In the first instance you may wish to let us know directly (firstname.lastname@example.org) to allow us to address your issue, or if there is still a concern contact the university’s central team via Legal and Governance via: email@example.com
If however you wish to do so, you can make a complaint about our handling of your data with the information commissioner’s office (https://www.gov.uk/data-protection/make-a-complaint)
Keeping your information up to date
You can update your details at any time by contacting:
Status of this Privacy Notice
This privacy notice is subject to change. Data protection legislation is changing in May 2018 when the new EU General Data Protection Regulation comes into force. You can find out more about the legislation on the ICO website https://ico.org.uk/
The University will advise you of any significant changes you need to be aware of, in relation to this privacy notice.
This Privacy Notice was last reviewed on 1st April 2018.