From 25 May 2018 the General Data Protection Regulation (GDPR) will replace the Data Protection Act and govern the way that organisations use personal data. Personal data is information relating to an identifiable living individual. GDPR gives you a right to be informed about how your personal data will be used. This Privacy Notice is one of the ways that we explain how we use your information.
Why are we processing your personal data?
The University undertakes research as part of its function for the community under its legal status. Data Protection laws allow us to use personal data for research with appropriate safeguards in place under the legal basis of public tasks that are in the public interest.
We will always tell you about the information we wish to collect from you and how we will use it. We will seek your consent for the collection and use of your data in specific research projects. For children, young people and other vulnerable groups the research ethics committee will agree an appropriate consent procedure to ensure participant rights are protected. Full details will be given to you in an information sheet.
Research in the University is governed by policies and procedures and all research undergoes ethical scrutiny to ensure that it is conducted in such a way as to protect your interests and is of a high standard. For more information please see the Research Ethics pages.
Where the University processes sensitive personal data/special categories of personal data, we do so because the processing is necessary for scientific or historical research purposes (Article 9(j)) of the GDPR.
Collecting and using personal data
All research projects are different and the information we collect will vary. However, researchers will only collect information that is essential for the purpose of the research.
Who do we share your data with?
To communicate our research to the public and the academic community your anonymised data is likely to form part of a research publication or conference presentation or public talk. Where researchers wish to use any information that would identify you, specific consent will be sought.
The privacy of your personal data is paramount and will not be disclosed unless there is a justified purpose for doing so. The University never sells personal data to third parties.
Storage and security
The University takes a robust approach to protecting the information it holds with dedicated storage areas for research data with controlled access. If you are participating in a particularly sensitive project the University puts into place additional layers of security.
Your information will not be kept for longer than is necessary and is usually kept in an anonymised format.
You should contact the Data Protection Officer (DPO@shu.ac.uk) if
- you have a query about how your data is used by the University
- you would like to report a data security breach (eg if you think your personal data has been lost or disclosed inappropriately)
- you would like to complain about how the University has used your personal data
You should contact the Head of Research Ethics, Professor Ann Macaskill (email@example.com), if
- you have concerns with how the research was undertaken or how you were treated
Our postal address is Sheffield Hallam University, Howard Street, Sheffield S1 1WB
Our telephone number is 0114 225 5555
You also have the right to raise concerns with the Information Commissioner. The Information Commissioner's Office (ICO) has a website with information and guidance for members of the public. The ICO operates a telephone helpline (0303 123 1113), live chat facility and email enquiry service.