Privacy Notice

This privacy notice explains how the University of Brighton collects, uses and stores your personal information with particular reference to the part funded business engagement support that is being provided to beneficiaries, through a number of projects, on behalf of the European Structural and Investment Fund (ESIF) and in particular the European Regional Development Fund (ERDF).

Who we are

The University of Brighton (‘we’ or ’us’) is a ‘Data Controller’ for the purposes of the Data Protection Legislation (including the Data Protection Act 1998 and the General Data Protection Regulation 2018) and we are responsible for, and control, the processing of your personal information.

Your privacy

We are committed to protecting your privacy. This notice explains how the University collects and processes your personal information for the (fully or part funded) business engagement and support purposes.

Information we collect

We obtain personal information about you from the following sources:

  1. You provided your personal information through our website, i.e. when enquiring/expressing an interest in receiving support from our team as part of an ERDF funded project via the dedicated project website or webpages, or through the University of Brighton website.

  2. Personal and/or business information provided to us via project application forms and additional project forms which are required in order to provide the support as requested and agreed.

  3. Completed and/or returned surveys or response/feedback forms including by mail and via electronic means;

  4. Information provided to us when you have registered to attend an event;

  5. You provided personal information as part of discussions with any of our team or project/university representatives whether in person, via email, telephone or other online communications.

We occasionally may obtain personal information from a small number of third-party sources:

  1. If you have opted in to receiving marketing from our group of partners, or have consented to your information being shared with us by our partners. These partners, specific to the RISE project, include University of Sussex and West Sussex County Council.

We may process the following personal information about you:

  1. Your title and full name, your position within the business. Special Categories of personal data such as information about your gender and ethnic identity will only be processed where you have provided it yourself (with your consent), as a contractual requirement of taking part in any of our European Regional Development Funded (ERDF) projects.
  2. Your business details, including company address, company telephone/mobile number, business registration number, number of employees, financial turnover during the past financial reporting period, amount of state aid that you have benefited from in the past 3 years and your company email address

  3. Specified business information will be shared with the the managing authority – The Ministry of Housing, Communities and Local Government’ (MHCLG) in order to meet and satisfy our European Regional Development Fund (ERDF) contractual obligations.

  4. We may also share selected and strictly relevant data with any sub-contracted parties if it is required for them to provide services on behalf of the RISE project. Any third-parties that we provide information to will have a formal agreement that informs them that they have to abide by the University of Brighton data protection and GDPR requirements and that following the ending of any time-restricted contract, they will securely provide us with any data they have collected prior to securely destroying any data they may hold on you.

Cookies

The University of Brighton uses cookies to improve the content and experience of its website users, but these do not allow for us to identify you personally. More information on how to manage cookies can be found here

How we process and use your data

We collect limited and specified personal information to enable us to deliver business support services, to comply with our legal obligations from external funding bodies (ERDF/MHCLG) and to better understand our community so that we can better meet your needs and improve our services.

We may process your personal information for the following purposes:

  1. Administrative purposes

1.1 To verify your identity and establish eligibility to be able to provide you with an agreed business support service or allow your business to engage with one of our ERDF or other funded projects.

1.2 To keep a record of key communications between you, the business you represent and our project representatives to comply with our contractual obligations.

1.3 To process your registration.

Communications

We may, from time to time, contact you by email, post or telephone to pursue the purposes mentioned above and in particular for the following reasons:

2.1 To identify and advise you of other relevant business opportunities where there is mutual benefit to both parties – i.e. opportunities for collaboration;

2.2 To keep you up to date with relevant events and activities at the University of Brighton;

2.3 To share relevant news and achievements of the University and its staff/student body, including research and services;

2.4 Invite you to business events, which may be of interest to you;

2.5 To keep you up to date with other relevant information, which we think may be of interest to you.

2.6 You can unsubscribe from these communications at any time.

Who your information may be shared with

Your personal information is held within secure project records electronically.

We may disclose your personal data to other departments within the University of Brighton, third parties working in partnership with or on behalf of the University (for example, as part of a funded project or for evaluation purposes), and/or Government Agencies (MHCLG) and the European Commission (EC) or where required to do so by law in order to comply with our contractual obligations.

We do not transfer your personal information to third parties outside the EEA or to territories without adequate levels of protection. Where personal data is processed by a third party, we take reasonable steps to ensure that the data is processed strictly according to the instructions of the University, for the relevant purposes only, in accordance with our contractual retention obligations and is securely destroyed or returned upon completion/termination.

We ensure that third party processors are subject to legal obligations in respect of data protection and the duty of confidentiality.

We do not sell or rent any personal information or data supplied by you. We may compile aggregate statistics and provide them to third parties, but we do not include personal information that identifies individual users.

How long we retain your data

We will only retain your personal information in line with our contractual obligations. We are contractually obliged to maintain your personal information in our databases but you do have the right to request that any of your records are removed.  As this would effectively remove your business, along with the attendant outputs, from any project you may be involved in, you will then become ineligible for support. Accordingly, you will become responsible for reimbursing the funded project with the full cost of the support you had received.

What rights you have over your data

Data subjects have a number of rights – including the right to access and rectification.  More information can be found at https://www.brighton.ac.uk/about-us/statistics-and-legal/requesting-information/index.aspx , or contact the data compliance team 01273 642010, dataprotection@brighton.ac.uk.


Lawful basis for processing


The University of Brighton may rely on one or multiple grounds for processing your personal data including:


  1. You have provided consent for the processing;
  2. There is a contractual commitment to provide the services and, therefore, processing is necessary to meet those contractual obligations;
  3. The information is available to the public at large
  4. Public interest
  5. The processing is necessary for the purposes of legitimate interests of the University or other third parties and does not affect the fundamental rights and freedoms of the individuals concerned.

How to contact us

You can contact the RISE project team by emailing us at RISE@brighton.ac.uk

If you have any concerns regarding the way in which the university is processing your personal data, please contact the data protection team at  dataprotection@brighton.ac.uk or 01273 642010.  Additional Privacy information can be found at  Privacy notices and Record of Processing Activities (brighton.ac.uk)


Revisions to the Privacy Policy

We may revise this privacy policy at any time in response to changes in the law or other factors. We encourage you to periodically visit this page to review the most current policy, or obtain a copy by contacting us directly.

Privacy notices


Changes to this noticewe keep our privacy notices under regular review. This privacy notice was last updated in July 2021.

Other privacy notices

We do our utmost to protect your privacy. Please be aware that other privacy notices exist within the university in respect of data held, including but not limited, to activities in relation to your enquiries, application, current students, alumni and use of our website.