Transparency is a key element of data protection legislation and this Privacy Notice is designed to inform you:
- how and why the University uses your personal data,
- what your rights are in relation to the use of your personal data, and,
- how to contact us so that you can exercise those rights.
Data Subject Rights
Data protection legislation gives you the following rights:
- The right to be informed
- The right of access
- The right to rectification
- The right to erase
- The right to restrict processing
- The right to data portability
- The right to object
- Rights in relation to automated decision making and profiling
For more information about these rights please further information on our website and the Contact Us section at the end of this Privacy Notice.
This privacy notice applies to the point at which an award is made at Graduation. Following this the provisions of the Alumni & Supporter Relations Privacy Notice applies.
Why are we processing your personal data?
It is necessary for the University to process your personal data in order to meet our public tasks (Awarding of Degrees and other academic awards such as honorary awards and, to withdraw, for good cause, such degrees and awards)
- Processing suggestions of someone suitable to receive an Honorary Award from the University
- Establishing the eligibility of the nominator (person making the nomination)
- Communicating any additional information that might be needed to process the nomination
- Verification of the nominee to be a recipient of an Honorary Degree by the University
- Determining information that is already publicly available data about the nominee
- Communication with the nominee to confirm arrangements for graduation ceremonies where the award will be presented
- Working with agents and media for publicity purposes in the period up to graduation ceremonies
- Data that enables the University to monitor in anonymised form the equality characteristics of the cohorts of award holders
Which Personal Data do we Collect and Use?
In order to provide our services we need to collect and use your personal data. Below is a list of what this may include:
* Denotes information which may contain data classified as sensitive personal data/special categories of personal data under the GDPR and as such is subject to a greater level of control and protection.
^ Denotes information which you provide on a voluntary basis or where you are given the option of “prefer not to say” or "information refused".
- Contact details (including contact details for any agent or assistant)
- Information provided by the nominator to support the nomination
- Biographical information to be included in public announcement of the award (see below)
- Photos for publicity purposes
- Nomination form submitted by the nominator
- Due diligence process which is undertaken using resources in the public domain
- Other forms of communication with yourself or your agents
This privacy notice covers the period between the opening of nominations for Honorary Awards and the award presentation. Once an award is conferred the alumni and supporters privacy notice applies.
Who do we share your data with?
You should be aware that in order to provide our services we may need to share your personal or sensitive personal data within the organisation or outside Sheffield Hallam University. The privacy of your personal data is paramount and will not be disclosed unless there is a justified purpose for doing so. The University NEVER sells personal data to third parties.
Your data may be shared with:
- University staff who need the information for administrative duties including the processing of the nomination form and marketing
- Legal Advisors where you have given your consent or in the event of an emergency where the disclosure of personal data is considered in your best interests or pertinent to your safety and well-being. Please see statement to family members.
- Regulators, such as the OfS, where we may be required to share information under regulatory notices or other obligations
- Internal or external auditors where the information is directly pertinent to their specific activities
- Public and media outlets where announcements around the award will include a biography that will be pre-agreed with you ahead of publication
The University takes a robust approach to protecting the information it holds. This includes the installation and use of technical measures including firewalls and intrusion detection and prevention tools on the University network and segregation of different types of device; the use of tools on University computers to detect and remove malicious software and regular assessment of the technical security of University systems. University staff monitor systems and respond to suspicious activity.
Alongside these technical measures there are comprehensive and effective policies and processes in place to ensure that users and administrators of University information are aware of their obligations and responsibilities for the data they have access to. By default, people are only granted access to the information they require to perform their duties. Training is provided to new staff joining the University and existing staff have training and expert advice available if needed.
Nomination forms are retained by the University in alignment with the retention schedule that relates to the business of governance committees.
Please contact the Data Protection Officer if
- you would like to request copies of your personal data held by the University (a subject access request)
- you would like to exercise your other rights (e.g. to have inaccurate data rectified, to restrict or object to processing)
- you have a query about how your data is used by the University
- you would like to report a data security breach (e.g. if you think your personal data has been lost or disclosed inappropriately)
- you would like to complain about how the University has used your personal data
Data Protection Officer
Telephone: 0114 225 5555
Queries can also be directed to the data processing teams:
Further Information and Support
Please see more information about how the University uses personal data.
The Information Commissioner is the regulator for GDPR. The Information Commissioner's Office (ICO) has a website with information and guidance for members of the public.
The Information Commissioner's Office operates a telephone helpline, live chat facility and email enquiry service. You can also report concerns online. For more information please see the Contact Us page of their website.