The University of Southampton
About us

Enquirers privacy policy

The University’s Student Recruitment and International Relations (SRIR) work-stream engages in a broad range of activities that support the start of the student lifecycle. We value your privacy and we recognise the need to process your personal Data in a fair and lawful manner.

Data refers to the personal information that we hold about you from which you can be identified (either alone, or in combination with other information available to the University). A list of the types of Data we collect about people who have indicated a potential interest in studying with the University in the future, but have not yet made a formal application, is set out below.

Processing means doing anything with your Data, such as collecting, recording, or holding the Data, as well as disclosing, destroying, or using the Data in any way.

Until 24 May 2018 we shall process your personal data in accordance with the UK Data Protection Act 1998 (DPA). From 25 May 2018, we shall process your personal data in accordance with the EU General Data Protection Regulations (GDPR), as implemented through the UK Data Protection Act 2018 to supercede the DPA.

We keep this Privacy Notice under regular review and it may be amended from time to time. You can obtain a current version on the University’s website.

1. What we are processing

We may process the following types of Data about you:

(a)Biographical information such as name, title, birth date, age, and gender;
(b) Contact details and/or your parents’ contact details where they are provided to us, including address, email address, and phone number;
(c) Name of current institution of study, year, and level of study;
(d) Academic grades, for example, for GCSEs and A-levels;
(e) Information about proposed or current study including year of entry, level of study, and subjects of interest;
(f) Any identification numbers associated with you, either attributable by the University, or third party sources that share Data with us;
(g) Online identifiers;
(h) Any professional activities;
(i) Current interests and preferences;
(j) Attendance at University-run events to administer these events, including travel plans, dietary, and any health data provided in that context (such as disability and special needs requirements);
(k) Records of all contact we have with you;
(l) Whether you are a young carer;
(m) Any expressions of opinion, or indications of intentions, which the University may formulate about you in assessing your potential applicant status.

2. Where we recieve your data from

We obtain your personal data either directly from you or indirectly from third party sources with whom you have had direct contact, such as UCAS or reputable international agents. We will always look to ensure that the third party has the lawful authority to share this information with us and has collected it from you fairly.

3. Legal basis for processing

We must have a valid lawful basis in order to process your personal data. We will usually only process your Data where we have first obtained your consent to do so, or where the processing is necessary for the University to perform a task in the public interest. Occasionally in alternate, it may be necessary to process your Data either for the protection of your vital interests or to comply with legal obligations that the University is under (such as to protect your health and safety), or because the processing is necessary for pursuing the legitimate interests of the University in relation to tasks it carries out beyond its publicly-entrusted statutory functions (but only where we can ensure that your rights are adequately protected in the circumstances).

We will only process "sensitive personal data", such as about your ethnic origin, political opinions, religious or similar beliefs, trade union membership, health, sex life, criminal proceedings or convictions, where you have given your explicit consent, unless we are legally obliged to do so.

For any processing of Data that is based on your consent, you may withdraw your consent at any time by notifying us by e-mail to:

4. Why we are processing your data

We process your Data for the following purposes.

It helps enable you to:

(a) Attend events and Outreach activities that we hold;
(b) Register for a Southampton event, such as Open Days or Campus Tours;
(c) Order a publication/prospectus from us;
(d) Subscribe to receiving electronic marketing communications, such as online newsletters, of a type most appropriate to your interests;
(e) Enter into prize draws and competitions.

It helps enable us to:

(a) Provide you with a more personalised user experience on our website, software application, or any other electronic services we   might provide, through analysing the electronic behaviour of potential applicants (‘prospects’) with whom we come in contact;
(b) Mail you directly about invitations to events, services that maybe of interest to you, with your consent (when required);
(c) Track details of our communications with you and store your communication preferences, and consents (when required);
(d) Conduct surveys about our Services;
(e) Deal with complaints, grievances, appeals and disciplinary matters;
(f) Undertake automated and manual data analytics exercises to help make strategic decisions;
(g) Produce statistical returns such as for HESA and research and statistical analysis and adhere to statutory or other necessary obligations;
(h) Administer University codes of practice and policies.

5. Processing for limited purposes

We will only process your Data for the specific purpose or purposes that we tell you about, or if specifically permitted by the UK DPA or the Data Protection Act 2018 (depending on which is in force at the relevant time), and will only process your Data to the extent necessary for that specific purpose or purposes.

6. Cookies

Cookies may be used by the University to collect information for the purposes of managing and improving the services on the University Network, establishing your browsing actions and patterns, and preparing customised pages. You can refuse cookies. However, this refusal may have the consequence that you are unable to access certain parts of the University Network. For more information about cookies on our websites please visit the University of Southampton network terms and conditions.

We also collect data relating to the demographics and interests of our users via Google Adword, Google Analytics, and cookies set by Google advertising networks. This data is used in aggregated form to help improve the site and the University’s marketing efforts. Further information and instructions for opting out of visit Google Analytics tracking page.

7. Profiling

We will use some Data that we obtain to evaluate certain personal aspects about you in order to:

(a) Help us understand more about our electronic service users and prospects;
(b) Share data with reputable, specialist marketing agencies so they can help us understand more about our users and prospects, and how they interact with our brand, in a way that can be compared with competing education providers;
(c) Determine which communications messages you receive and their frequency, as appropriate, with your consent (when required).

8. Accurate data

We will keep the Data we store about you accurate and up to date as relevant to the purpose or purposes for which we process it. Data that is inaccurate or out of date will be destroyed. Please notify us if your personal details change or if data we hold about you is inaccurate.

9. Holding data

We create and hold your Data both electronically and on paper. We will only hold your information as long as is necessary as relevant to the purpose or purposes for which we process it.

10. Processing in line with your rights
You have the right to:

(a) Request access to any Data we hold about you;
(b) Prevent the processing of your Data for direct-marketing purposes;
(c) Ask to have inaccurate Data held about you amended;
(d) Prevent processing that is likely to cause unwarranted substantial damage or distress to you or anyone else;
(e) Object to any solely-automated decision that legally, or otherwise significantly, affects you and, if they were to be taken by the University, you would have the right to request us to reconsider any such decisions.

11. Data security

Staff working within the University have a legal duty to keep information about you confidential. There are strict codes of conduct in place to keep your Data safe. Staff abide by the DPA and the University Data Protection Policy, as well as the GDPR and the new Data Protection Act 2018 when they apply from 25 May 2018.

We endeavour to ensure that suitable measures are in place to prevent the unlawful or unauthorised processing of your Data and against the accidental loss of or damage to your Data. This includes:

(a) Storing data on a secure, specially designed, customer relationship management database;
(b) Training all our staff in data protection law and their legal responsibilities;
(c) Collaborating only with reputable companies for Data processing services, who comply with data protection rules and put in place appropriate non-disclosure agreements;
(d) Ensuring that alternative protection is in place if we work with trusted organisations based outside the European Economic Area (EEA) in countries that do not have comparable data protection laws to the UK.

12. Sharing your data

We may share your Data with third parties, including third party service providers (for specified purposes and in accordance with our instructions) and other bodies. For example, occasionally we may need to share your Data with third parties in order to comply with the University’s legal obligations, such as reporting to the Higher Education Funding Council for England (HEFCE), to make returns to the Higher Education Statics Agency, or to respond to lawful requests from other relevant educational providers.

Some data may also be shared with external parties as part of an existing contract, such as where you have employed an agent to act on your behalf.

We require third parties to take appropriate security measures to protect your Data and process it fairly in accordance with the law.
Exceptionally, we may disclose your Data to third parties where required to do so: to protect or defend the University’s rights, interests, or property, or those of third parties; act in urgent circumstances to protect the personal safety of University constituents, or the public; or protect against legal liability.

13. How do I access my data?

If you would like to access your personal Data, please make a request in writing to:
The Data Protection Officer

Legal Services
University of Southampton, Highfield
Southampton, SO171BJ

14. Unwanted communications

We will, from time to time, contact you by email, post, and telephone, with your consent (when required). If at any stage you are concerned about the content of these communications e.g. unwanted marketing information or wish to change how we communicate with you please contact us at: to unsubscribe. All electronic communication will be offered with an opt-out opportunity where required by EU and UK electronic privacy rules.

15. Further information

We also have additional policies and guidelines for students concerning particular activities. If you would like further information please also visit the University’s Publication Scheme.

If you are unhappy with the way that we have handled your information you can contact us at:

Address: Student and Academic Administration, University of Southampton, B37/3107, Highfield Campus, Southampton SO17 1BJ UK.
Telephone:  +44(0)23 8059 5000

Alternatively, you can contact the UK Information Commissioner’s Office.

The University of Southampton is the data controller and our registration number with the Information Commissioner’s Office is Z6801020.

We use cookies to ensure that we give you the best experience on our website. If you continue without changing your settings, we will assume that you are happy to receive cookies on the University of Southampton website.