Privacy notice: public engagement and community events
Please see below for the University's public engagement and community events privacy notice.
For more details please contact the Information Governance Manager.
This privacy notice tells you what to expect us to do with your personal data when you register and/or attend one of our community or public engagement events. Personal data (or personal information) is any information which relates to and identifies you. Data protection legislation (the UK General Data Protection Regulation (UK GDPR) and the Data Protection Act 2018 (DPA)) set out how we should handle your personal data.
The University of Lancashire is the controller for the personal data we process, unless otherwise stated. We are registered with the Information Commissioner’s Office and our registration number is Z5512420.
There are many ways you can contact us, including by phone, email, social media and post. View our main contact details.
Email the University’s Information Governance Manager & Data Protection Officer. Further information and contact details can be found on our data protection web pages.
We will use the information you provide on the registration form and any other information you give us associated with your booking, as well as feedback you provide (whether or not you actually attended) after the event has finished.
We also use photographs and video footage of attendees enjoying our community events which will be taken by University staff or freelance photographers paid by the University, as well as members of the public who attend the event and use social media to tag our event.
We use your personal data to organise, manage, administer and evaluate our community events, and for marketing and publicity purposes. Further information about the main purposes for which we use your personal data is set out below:
Administration, communication and events
We use your information to register your booking, produce tickets and manage associated payments, and communicate with you about your booking, including sending reminders about the upcoming event and requesting feedback.
When we deliver events with external partners, we may share your data collected at registration or through our feedback collection with the external partners involved in the event. Our event advertising will usually identify any partners we are working with but if you have any questions about the specific event you are attending, please contact us using the details above.
University staff and freelance photographers paid by the University may take photographs and videos during the event. We will use photographs and video of attendees for marketing and publicity purposes, which will include using images and video on our website and social media channels, and in other types of online and hardcopy publications. Our photographers will be clearly visible and can be avoided if you don’t want to appear in our photographs. If you think you are in any of our photographs and have any concerns, please email us to discuss.
We also encourage attendees to take their own photographs and videos and upload them to their own social media accounts, tagged with our official event hashtags. We do not control these images but they may appear on our social media channels and pages if they are tagged with our official event hashtags.
If you tell us that you want to join our mailing list, we will send you information about upcoming events. You can opt out of our mailing list at any time by emailing us.
If an event we are hosting takes place on one of the University’s campuses, please note that we operate a CCTV system for security and crime prevention purposes, among other things, which includes the use of body worn video devices. The CCTV system covers University buildings (inside and outside) and public areas across our campuses. Your images are likely to be captured by the CCTV system while you are on, in, or near University premises.
CCTV footage will be used to maintain the security of the event and the University community, enhance public safety, prevent and detect crime and apprehend and prosecute offenders. CCTV footage may be used, where there is a lawful basis, in the investigation of complaints and allegations made under the University’s rules, regulations, procedures and codes of practice. Further information is available in our CCTV Privacy Notice.
We will use your information to ask you for feedback on the event, even if you registered but didn’t attend. Your feedback is used to help us to evaluate our community events and plan future events.
For some events, we will collect information such as ethnicity or your postcode for equality monitoring purposes, so we can see if we are meeting the equality and civic aims of our community events. We also use some of the information you provide in your feedback to build up a picture of the audiences at our community events so that we know which groups of people attend.
We will also use your information to ensure and monitor our compliance with legislation including laws relating to equality and health and safety.
The University relies on the following lawful bases from the UK GDPR to process information about you for the purposes set out in this notice:
Article 6(1)(c) UK GDPR, which allows us to process personal data when it is necessary to comply with a legal obligation. We are legally required to process some information for the purposes of complying with health and safety laws, for example.
Article 6(1)(e) UK GDPR, which allows us to process personal data when it is necessary to perform a task in the public interest. The Office for Students (which regulates the University) expects us to carry out activities within the local area to increase participation in higher education from under-represented groups. This is known as ‘widening participation’.
Some of our community events are part of our widening participation activities and we rely on this lawful basis to use personal data for the purposes of administering and evaluating them and to produce internal reports and statistics about these activities.
Where we use information about your ethnicity, religion or disability for these purposes, we also rely on Article 9(2)(g) UK GDPR and Schedule 1(8) DPA, which allow us to use special category data to monitor and promote equality of opportunity, which we do by evaluating whether our events are reaching different audiences and if it is not, we put in place steps to ensure this happens in future events.
Article 6(1)(f), which allows us to process personal data where it is in our, or someone else’s, legitimate interests to do so and it does not unduly prejudice your rights and freedoms. We rely on this condition to:
- Take photographs and video at the event and produce marketing and publicity materials to share images of what it is like to attend our events and to help promote our future events. . Photographers will be clearly visible and taking photos of crowds in public event spaces. If you have concerns, please contact us to discuss.
- Add you to our mailing list and send you information about upcoming events, if you ask us to. You can opt out of our mailing list at any time.
- Provide a security service and CCTV monitoring. It is in the interests of the University community and the general public to make the University a safe and secure place to live, study and visit.
We share your information with some external organisations, including suppliers who are processing personal data on our behalf to provide services to us. We only share your personal data with another person or organisation where the law allows us to and we consider it to be appropriate under the circumstances. The external parties we may share information with include the following:
- University insurers: information, including accident forms, is shared with our insurers to provide insurance cover and to enable us to make and defend insurance claims.
- Internal and external auditors: to provide assurance that the University is following its risk management, governance and internal control processes and to independently inspect our financial statements and records.
- Companies or organisations acting on our behalf: We use processors who are third parties who provide elements of services for us, such as the supplier of our ticketing platform. We have contracts in place with our processors. This means that they cannot do anything with your personal information unless we have instructed them to do it. They will hold it securely and retain it for the period we instruct.
- Members of the public: when we use your images or videos for marketing and publicity purposes via our website, social media channels or other promotional methods.
- Event Partners: Photographs taken by the University during an event may be shared with our partners and sponsors for their own marketing purposes, which may include images and video on their website and social media channels, and in other types of online and hardcopy publications.
Images and video footage used in marketing and publicity materials will be available worldwide via the University website and social media channels, and other online publications.
We will keep your information for up to five years, following which we will either delete it or anonymise it so that it cannot be linked back to you.
If you join our mailing list, we will keep your information for as long as our mailing list is in operation or until you ask to be removed.
Under data protection law, you have rights we need to make you aware of. The rights available to you depend on our reason for processing your information. Further information about each of these rights can be found on the Information Commissioner’s Office website. To make a request to exercise any of these rights, please email the Information Governance Manager & Data Protection Officer.
- Your right of access: You have the right to ask us for copies of your personal information. This right always applies. There are some exemptions, which means you may not always receive all the information we process. For further information or to make a request, please see the data protection pages of our website.
- Your right to rectification: You have the right to ask us to rectify information you think is inaccurate. You also have the right to ask us to complete information you think is incomplete. This right always applies.
- Your right to erasure: You have the right to ask us to erase your personal information in certain circumstances.
- Your right to restriction of processing: You have the right to ask us to restrict the processing of your information in certain circumstances.
- Your right to object to processing: You have the right to object to any processing we carry out, if we carry it out on the basis that it forms part of our public task or is in our legitimate interests. You also have the right to object to your personal data being used for direct marketing purposes.
- Your right to data portability: This only applies to information you have given us. You have the right to ask that we transfer the information you gave us from one organisation to another or give it to you. The right only applies if we are processing information because we have your consent or because it is necessary for your student contract, and the processing is automated.
We work to high standards when it comes to processing your personal information. If you have queries or concerns, please contact the Information Governance Manager & Data Protection Officer and we will respond.
If you remain dissatisfied, you can make a complaint about the way we process your personal information to the Information Commissioner’s Office, which is the UK supervisory authority for data protection. Further information can be found on the data protection pages of our website.