The following is a broad description of the way this organisation/data controller processes personal information. To understand how your own personal information is processed you may need to refer to any personal communications you have received, check any privacy notices the organisation has provided or contact the organisation to ask about your personal circumstances.

We process personal information to enable us to provide education and support services to our students and staff; provision of the Aston University Nursery; advertising and promoting the university and the services we offer; publication of the university magazine and alumni relations, undertaking research and fundraising; managing our accounts and records and providing commercial activities to our clients. We also process personal information for the use of CCTV systems to monitor and collect visual images for the purposes of security and the prevention and detection of crime.

We process information relevant to the above reasons/purposes. This may include:

• personal details
• family details
• lifestyle and social circumstances
• education details and student records
• education and employment details
• financial details
• disciplinary and attendance records
• vetting checks;
• goods or services provided
• visual images, personal appearance and behaviour
• information held in order to publish university publications

We also process sensitive classes of information that may include:

• racial or ethnic origin
• trade union membership
• religious or other similar beliefs
• physical or mental health details
• sexual life
• offences and alleged offences
• criminal proceedings, outcomes and sentences
• safeguarding concerns relating to children in the nursery

Who the information is processed about

We process personal information about:

• students
• employees, contracted personnel
• nursery pupils and their parents/guardians
• suppliers, professional advisers and consultants
• business contacts
• landlords, tenants
• complainants, enquirers
• donors and friends of the University
• authors, publishers and other creators
• persons who may be the subject of enquiry
• third parties participating in course work
• health, welfare and social organisations
• friends of the University
• individuals captured by CCTV images

We sometimes need to share the personal information we process with the individual themself and also with other organisations. Where this is necessary we are required to comply with all aspects of the Data Protection Act (DPA). What follows is a description of the types of organisations we may need to share some of the personal information we process with for one or more reasons.

Where necessary or required we share information with:

• family, associates and representatives of the person whose personal data we are processing
• current, past or prospective employers
• healthcare, social and welfare organisations
• educators and examining bodies
• suppliers and service providers
• student union
• financial organisations
• debt collection and tracing agencies
• auditors
• police forces, security organisations
• courts and tribunals
• prison and probation services
• legal representatives
• local and central government
• consultants and professional advisers
• trade union and staff associations
• survey and research organisations
• press and the media
• voluntary and charitable organisations
• landlords

It may sometimes be necessary to transfer personal information overseas. When this is needed information may be transferred to countries or territories around the world. Any transfers made will be in full compliance with all aspects of the data protection act.