Privacy Notice OXFORD IMMUNOLOGY WEBSITE RESEARCHER DIRECTORY AND MAILING LIST
We (the University of Oxford) process data about you for our Oxford Immunology website researcher directory and mailing list. We are the ‘data controller’ for your personal information, which means we decide how to use it and are responsible for looking after it in accordance with the General Data Protection Regulation and associated data protection legislation.
HOW WE USE YOUR DATA
We process your data:
- To provide information for a searchable Immunology researcher directory published on our website:
Information processed for this purpose includes, but is not limited to first and last name, email address, division/department, unit/centre/institute, role, Oxford employee type, individual University of Oxford staff webpage and photo.
- To send you communication by email as part of an Oxford Immunology mailing list:
Information processed for this purpose includes your name and University email address. You may opt out of the mailing list at any time using the contact details below.
- We will process SSO username for data linkage and keep a record of whether each staff member wants to be included on the mailing list and website directory – these are for database management purposes will not be made publicly available.
This processing is necessary to meet our legitimate interests in providing the Researcher Directory, sending communications and managing the Immunology community of researchers in Oxford.
WHO HAS ACCESS TO YOUR DATA?
Access to your data within the University will be provided to those who need to view it as part of their work in carrying out the purposes described above.
We may share your data with companies who provide services to us, such as providing mailing list software. These companies are required to take appropriate security measures to protect your data in line with our policies. We do not allow them to use your data for their own purposes. We permit them to process your data only for specified purposes and in accordance with our instructions.
Where we share your data with a third party, we will seek to share the minimum amount necessary.
RETAINING YOUR DATA
If you choose to unsubscribe from the mailing list or ask to be removed from the directory, we will retain your data for 2 year(s).
Your data will be held securely in accordance with the University’s policies and procedures. Further information is available on the University’s Information Security website.
WHERE WE STORE AND USE YOUR DATA
We store and use your data on University premises. Electronic data may be transferred to, and stored at, a destination outside the UK, for example, when we communicate with you using a cloud-based service provider that operates outside the UK.
Such transfers will only take place if one of the following applies:
- the country receiving the data is considered by the UK to provide an adequate level of data protection;
- the organisation receiving the data is covered by an arrangement recognised by the UK as providing an adequate standard of data protection;
- the transfer is governed by approved contractual clauses;
- the transfer has your consent;
- the transfer is necessary for the performance of a contract with you or to take steps requested by you prior to entering into that contract; or
- the transfer is necessary for the performance of a contract with another person, which is in your interests.
If you wish to raise any queries or concerns about our use of your data, please contact us at firstname.lastname@example.org.