This privacy notice has been updated in line with the General Data Protection Regulation (GDPR).
1. Purpose of this notice
This Notice tells you how the University of Leeds (University) will collect and use your personal data when you access this website. The University is a “controller” of this personal data for the purposes of the data protection legislation.
It is important that you read this Notice together with any other privacy notice we provide on specific occasions when we are collecting or processing personal data about you so that you are fully aware of how and why we are using your data. This Notice supplements the other notices and is not intended to override them.
2. Changes to this notice
We keep the information provided in this Notice under review. This Notice may be updated from time to time. If we make any substantial updates, we will draw these to your attention.
We will not use your personal data in any manner that is incompatible with the purpose for which the data were collected originally, unless we have obtained your consent to that additional use.
3. Anything you are not clear about
If there is anything you are unclear about, please contact our Data Protection Officer, who shall be happy to answer any queries you may have concerning this Notice or the way in which we process your personal data.
The Data Protection Officer's contact details are provided at the end of this notice.
4. Purpose of processing your data
Where we request personal data from you on our website you will be informed at that time of the purpose for which the data will be processed and how it will be processed, its legal basis for processing as well as any transfers to third parties.
5. Purpose of processing - automated collection of personal information
When you access our web pages certain information your browser provides, including your IP address at the time, browser type, and potentially the address of the page you last visited, will be automatically recorded by the University and our suppliers, Bomgar and ServiceNow. This data may be used to aid detection in the event of a security breach. The legal basis for this processing is necessity to pursue our legitimate interests to keep our website secure. The University retains this data in a form from which you may be identifiable for a period of up to one month.
See https://www.servicenow.com/service-privacy.html for ServiceNow’s Services Privacy Statement which details how ServiceNow obtain, use, share and protect your information.
6. Non-automated collection
Where you are required under this website to provide personal data this data will be used for the following purposes:
Validation of user access;
Progressing and resolving any IT issues reported to us (Incidents);
Providing IT services you have requested (Requests);
You can read more about the conditions governing use of remote connection tools to access computers by following the link in the Related Articles section.
7. Third-party access
Your personal data will be forwarded to the following third parties in connection with the purposes outlined under 5 and 6 above:
Bomgar and ServiceNow will retain information for the purposes of validating your account on the system and to aid in the purposes outlined under 6 above.
8. Data retention
The University’s policies on retaining data for prospective and current students, staff and job applicants are detailed in our data retention policy.
In other cases, for example, if you subscribe to news or events, any retention of data will be made clear at the point of collection.
Cookies are small text files that are placed on your device by websites that you visit.
These cookies help our website function
|Bomgar - bomgar.leeds.ac.uk
This cookie stores a unique ID assigned by the web server. It is used to manage your session. It expires when you close your browser.
Manage your cookies and privacy
This website only uses essential cookies to allow it to function. You can manage your privacy settings, including cookies, through your browser settings.
Further information about cookies can be found on the Information Commissioner's Office website.
9. Your duty to inform us of changes
It is important that the personal data the University holds about you is accurate and current. Please keep us informed if the personal data you have provided to us needs to be updated.
10. Your rights as a data subject
Under the GDPR, in certain circumstances, you have the right to:
11. Queries and complaints
If you have any queries or concerns relating to this privacy notice or the way your data is being processed through this website then please contact the University’s Data Protection Officer, David Wardle on firstname.lastname@example.org or by post to University of Leeds, 11.72 EC Stoner Building, Leeds LS2 9JT, UK.
The University’s main telephone number is +44 (0) 113 2431751.
The UK’s regulator for the DPA and GDPR is the Information Commissioner’s Office (ICO). The University is registered as a Data Controller with the ICO
Should you be dissatisfied with our handling of your concerns you have the right to complain to a supervisory authority. In the case of the UK this is the Information Commissioner’s Office and details can be found at https://ico.org.uk.