College website privacy statement
Like most website operators, this website collects non-personally-identifying information of the sort that web browsers and servers typically make available, such as the browser type, language preference, referring site, and the date and time of each visitor request. The College’s purpose in collecting non-personally identifying information is to better understand how visitors use this website.
This website also collects potentially personally-identifying information like Internet Protocol (IP) addresses. With the exclusion of staff and individuals with administrative privileges, the College does not use such information to identify its visitors.
Gathering of personally-identifying information
Certain visitors to this website choose to interact with this website in ways that require this website to gather personally-identifying information. The amount and type of information that this website gathers depends on the nature of the interaction.
For example, visitors may sign up to College mailing lists, register for an event or submit personal information as part of an application process.
Visitors can always refuse to supply personally-identifying information, with the understanding that it may prevent them from engaging in certain website-related activities.
The College always aims to minimise the amount of personally-identifying information to only that needed to deliver the services provided through the website and related systems used by us.
Storage of personally-identifying information
In most cases, personally-identifying information is stored on University of Edinburgh servers within the European Union (EU). We use strict procedures and security features to prevent unauthorised access.
We do not sell or rent your personal information to third parties without your consent. We take all measures reasonably necessary to protect against the unauthorized access, use, alteration, or destruction of personally-identifying and potentially personally-identifying information.
In some cases, personally-identifying information is stored with a third-party service. We use selected third-party services to enhance the quality, service and functionality of web services available to visitors.
The College uses Click4Assistance to provide live chat facilities on parts of our websites.
Information about individuals such as personal details, information about interactions with our staff and publicly available information are stored on Click4Assistance servers within the EU for the purposes of managing our interactions and relationships with individuals and organisations that choose to use the live chat facility.
The College uses dotdigital as our bulk email service to send email communications. Recipient lists, including email addresses, are stored on dotdigital servers in the EU for the purposes of email newsletter distribution.
If you would prefer that your data is not shared with dotdigital, you can opt out from further communications at any point by clicking on the unsubscribe link in the footer of emails sent by us via dotdigital.
The College of Arts, Humanities and Social Sciences provides access to a supported licence for the Mentimeter audience response system.
Information about you: how we use it and with whom we share it
The information you provide through the Mentimeter system will be used by the University to facilitate interaction in teaching or other events.
Responses to polls capture only very basic information about you (specifically, your device internet address) within the system because, as a student, it is necessary for the performance of your contract with us.
For staff, there is additional information such as your University email address. We do this because you have consented to use the system in your teaching or other official activity within the University and because the University has a legitimate interest in sharing this basic information with the supplier.
Information about you will be shared with Mentimeter only, and only for the purposes of facilitating this specific service. Mentimeter will not use your information for any other purpose and this is controlled by our privacy agreement and contract with Mentimeter.
We will hold the personal data you provided us in line with the University student information retention schedules.
If you have any questions
The College uses services provided by Microsoft through their Office 365 for Education service to capture data via online forms and other similar mechanisms.
All data are stored on servers in the EU and are encrypted in transit and at rest.
WAMS from Simitive Ltd is the College's online system for academic workload modelling, and is used to securely store and process selected personal and business data for academic staff.
What information is stored on WAMS?
WAMS utilises basic staff information for facilitating workload allocation, such as
- and subject area.
We also process PhD student information solely for supervision time allocation.
We also store basic grade information for the purposes of cost modelling.
No sensitive personal data or special category data is stored on WAMS.
Why does the University store personal data on WAMS?
The data are used solely for the purposes of facilitating academic workload allocation and modelling in a transparent, fair and consistent management tool.
WAMS will assist Heads of College, School and Subject Area and other senior managers to discharge their responsibility to staff in ensuring that workloads are appropriate.
Who has access to the personal data on WAMS?
Staff included in workload models can see and comment on their own personal data in WAMS. This is the primary purpose of the system.
There is also a function for staff to see the workloads of other staff in their department under the general headings mentioned above.
The default position is for this function to be switched off unless the department agrees otherwise.
In generating workload allocations, academic line managers have access to the system and the data, specifically Heads of School and Subject Areas. They have access only to information on staff within their Schools/Subjects.
School WAM co-ordinators have access to the system to support the process, as does the College WAM Lead.
The College BI team have access to College-wide information for the purposes of data upload and reporting.
No third party organisations other than Simitive Limited have access to the personal data in WAMS.
How are the data protected?
The College data is held in the EU and is subject to GDPR protection and legislation. A DPIA has been completed and approved for the use of the system.
The College has also reviewed the Simitive security policies and procedures and has deemed them appropriate for the data which are stored and process on WAMS.
How long is personal data stored on WAMS?
WAMS data are held in accordance with the relevant University data retention schedules for these types of data.