Skip to main content Skip to navigation

Leadership and Management Development

Warwick-Connectr Privacy Policy

Who We Are We are

The University of Warwick (UoW) and we are the company responsible for the collection, use and disclosure of your personal information in connection with Connectr. The data controller entity for this platform is The University of Warwick (UoW). The processor for this Platform is MyKindaCrowd, trading as Connectr. As part of the Warwick Mentoring Connectr, employees will be required to disclose personal information on this platform – Connectr. We therefore wish to make you aware of your privacy rights.

About this Notice

We ask that you read this privacy notice carefully as it contains important information on who we are, how and why we collect, store, use and share personal data, your rights in relation to your personal data and on how to contact us and supervisory authorities in the event that you have a query or complaint.

The University of Warwick (“UoW”) is committed to protecting the privacy and security of personal data. The purpose of this notice is to promote transparency in the use of personal data, and to outline how UoW collects and uses personal data during and after your working or visiting relationship with us, in accordance with the UK General Data Protection Regulation (“UK GDPR”) and the Data Protection Act 2018 (“DPA 2018”).

The UoW collects, uses and is responsible for certain personal data about you. This is known as “processing”. When we do so we are regulated under the UK GDPR and DPA 2018 which applies across the UK and we are responsible as ‘data controller’ of that personal data for the purposes of those laws.

The purpose of this notice is to explain how the University of Warwick (“UoW”) will collect and use (process) your personal data, what rights you have in relation to that data and to provide transparency about the data collected about you.

The UoW is the data controller under the UK GDPR and DPA 2018 and we will process your personal data in accordance with the UK GDPR and DPA 2018 at all times. You, as a ‘data subject’, therefore have specific rights to the data that we hold, collect and process.

Throughout this notice, “University”, “we”, “our”, and “us” refer to the University of Warwick; “you” and “your” refer to employees, (current and former), workers (including agency).

If you would like this notice in another format (for example: audio, large print, braille), please contact us (see ‘How to contact us’ above).

The personal data we collect and use

The following are examples of personal data which may be collected, stored and used:

▪ Personal contact details such as name, date of birth, title, addresses, telephone numbers, and personal email addresses

▪ Employment records (including job titles, work history, working hours, training records and professional memberships)

We may also collect, store and use the following types of special category personal data:

▪ Information about your race or ethnicity, religious beliefs for equality, diversity and inclusion monitoring and institutional reporting

▪ Information about your health, including any medical condition, health and sickness records, and disability information.

How the University of Warwick obtains your personal data

Personal data of employees is collected through the Connectr application, directly from you.

Lawful bases for processing your personal data under the UK GDPR and DPA 2018

Personal data will only be processed when the law permits this to happen. Most commonly personal data will be processed in the following circumstances:

▪ Where you have given us your consent.

▪ Where UoW needs to comply with a legal obligation

▪ Where it is necessary for UoW’s legitimate interests (or those of a third party) and your interests and fundamental rights do not override those interests. Our interests are the effective and efficient operation of the University.

▪ To protect the vital interests of you or of another person

▪ In order to perform a task carried out in the public interest

Special category data

We may only process special category personal data in the following circumstances where, in addition to one of the above a lawful bases for processing, there exists one of the following grounds:

▪ Explicit consent – where you have given us explicit consent.

UoW will only use personal data for the purposes for which it was collected unless it is considered reasonably that it is needed for another purpose and the reason is compatible with the original purpose. If the University needs to use your personal data for an unrelated purpose, it will notify you and will explain the legal basis that permits it to do so. The University may process your personal data without your knowledge or consent, where this is permitted by law.

Data Sharing

UoW may share your personal data with third parties where required by law, where it is necessary to administer the working relationship with you or where there is another legitimate interest in so doing including, but not limited to, for joint appointments with other external organisations. Third parties with whom we may share your data include:

- MyKindaCrowd, trading as Connectr.

Transfers of data outside of the UK

If we have to transfer any of your personal data outside the UK we will let you know if the receiving country or organisation is deemed to have adequate data protection provision. Where a country or organisation does not have adequate protections we will put safeguards in place. Details of these safeguards can be provided to you upon request to Legal and Compliance Services.

Retention of your personal data

The UK GDPR and DPA 2018 require that personal data should be kept for no longer than is necessary for the purposes for which the personal data are processed (except in certain specific and limited instances).

The University’s Record Retention Schedule (RRS) is a tool that enables the University to transparently demonstrate how the organisation complies with its data protection obligations by making provision for the time periods for which common classes of record are retained by UoW.

Full details of the retention periods of records can be found by viewing the records management page and selecting the University’s Record Retention Schedule (RRS), which is kept up to date separately.

Data subject rights

Under the UK GDPR and DPA 2018 you have a number of important rights free of charge.

You have the right to:

▪ Be informed of how we collect and use your personal data;

▪ Access your personal data;

▪ Require us to correct any mistakes in the data we hold on you;

▪ Require the erasure of personal data concerning you in certain situations;

▪ Restrict our processing of your personal data in certain circumstances;

▪ Receive your personal data, in a structured, commonly used and machine-readable format and have the right to transmit those data to a third party in certain situations;

▪ Object in certain situations to our continued processing of your personal data or at any time to processing of your personal data for direct marketing; and

▪ Object to decisions being taken by automated means which produce legal effects concerning you or similarly significantly affect you.

To exercise any of these rights please find out more here. If a subject access request is made and the request for access is manifestly unfounded or excessive, the University reserves the right to refuse to comply with the request in these circumstances.

Keeping your personal data secure

The UoW / Connectr keeps your personal data secure at all times using organisational, physical and technical measures.

Where appropriate, we also take measures such as anonymisation to ensure data cannot be used to identify you and/or encryption to ensure that the data cannot be accessed without the right security accesses and codes.

Where UoW engages a third party to process personal data it will do so on the basis of a written contract which conforms to the security requirement of the UK GDPR. UoW takes measures to enable data to be restored and accessed in a timely manner in the event of a physical or technical incident.

UoW also ensures that we have appropriate processes in place to test the effectiveness of our security measures.

How to contact us

We hope that our Data Protection Officer (DPO) can resolve any query, concern or complaint you raise about our use of your personal data on the contact details below:

The DPO can be contacted via e-mail at infocompliance@warwick.ac.uk

Or write to:

The Data Protection Officer

Legal and Compliance Services

University of Warwick

University House

Kirby Corner Road

CV4 8UW

The UK GDPR and DPA 2018 also gives you the right to lodge a complaint with the Information Commissioner who may be contacted at https://ico.org.uk/concerns/ or telephone: [0303 123 1113]