Skip to main content
Privacy Notice - Senior Members

Privacy Notice - Senior Members

How we use your personal information

This statement explains how Magdalene College (“the College”, “we” and “our”) handles and uses information we collect about our senior members (“you” and “your”). In broad terms, we use your data to manage your employment and/or membership with the College, including your role and the performance of it, how we support you as an employer, and how you are paid, as well as other statutory requirements.

The controller for your personal information is the Magdalene College, Cambridge CB3 0AG. The Data Protection Officer for the College is the Office of Intercollegiate Services Ltd [12B King’s Parade, Cambridge; 01223 768745; college.dpo@ois.cam.ac.uk]: OIS Ltd. should be contacted if you have any concerns about how the College is managing your personal information, or if you require advice on how to exercise your rights as outlined in this statement. The person within the College otherwise responsible for data protection at the time of issue, and the person who is responsible for monitoring compliance with relevant legislation in relation to the protection of personal information, is the Assistant Bursar, Mrs H Foord, assistant.bursar@magd.cam.ac.uk.

Unless otherwise stated, the legal basis for processing your personal data is that it is necessary for the performance of the employment contract or membership agreement we hold with you, or for statutory purposes (e.g. processing your stipend, tax and pension contributions).  

How your data is used by the College

Your data is used by us for a number of purposes, including:

A. supporting your employment and/or membership, and your performance in your role:

Personal data includes:

i) personal details, including name, contact details (phone, email, postal, both work and personal) and photograph;

ii) your current and any previous role descriptions;

iii) your current and any previous contracts of employment or membership agreements and related correspondence;

iv) any occupational health assessments and medical information you have provided, and related work requirements;

v)* your training and development qualifications, requests and requirements.

Those marked with an * relate to information provided by you. Other data and information is generated by us or, where self-evident, provided by a third party.

B. ensuring that you have the right to work for the College:

Personal data includes:

i) * your recruitment information (including your original application form and associated information submitted at that time);

i i)other data relating to your recruitment (including your offer of employment or membership and related correspondence, references we took up on your appointment or election, and any pre-employment assessment of you);

iii) * evidence of your right to work in the UK (e.g. copies of your passport)

C. paying and rewarding you for your work:

Personal data includes:

i) * your bank details;

ii) * details of your preferred pension scheme;

iii) your current and previous salary/stipend and other earnings (e.g. maternity pay, overtime), and the amounts you have paid in statutory taxes

iv) correspondence between you and the College, and between members and staff of the College, relating to your pay, pension, benefits and other remuneration.

In addition, we maintain records of your use or take-up of any benefit schemes provided by us (e.g. Fellows’ dining rights), which we collate and monitor to review the effectiveness of these benefits. The legal basis for this processing is that it is in our legitimate interest to ensure that any benefit schemes represent good value for money to both you and us, and to ensure that you do not overuse your entitlements.

D. administering HR-related processes, including records of absences and, where necessary, investigations or reviews into your conduct or performance:

Personal data includes:

i) * records of your induction programme and its completion;

ii) records, where they exist, of any investigation or review into your conduct or performance;

iii) records of absences from work (including but not limited to annual leave entitlement, sickness leave, parental leave and compassionate leave)

iv) correspondence between you and the College, and between members and staff of the College, regarding any matters relating to your employment and/or membership and any related issues (including but not limited to changes to duties, responsibilities and benefits, your retirement, resignation or exit from the College and personal and professional references provided by the College to you or a third party at your request).

E. maintaining an emergency contact point for you:

Personal data includes details of your preferred emergency contact, including their name, relationship to you and their contact details.*

F. publication of your personal information:

We would normally publish (on our website and elsewhere) your name, photograph (if you have provided one), your email and College contact phone number and basic biographical information relating to your College and University posts.

G. disclosing personal information about you to external organisations, as permitted or required by law.

If you have concerns or queries about any of these purposes, or how we communicate with you, please contact us at the address given below.

Data marked with an * relate to information provided by you, or created in discussion and agreement with you. Other data and information is generated by the College or, where self-evident, provided by a third party.

We would not monitor social media sites for any personal data relating to you, unless we believed there was a legitimate interest for us to do so (e.g. monitoring compliance with an agreed plan, such as a homeworking agreement) and only if we inform you we might do this in advance. Consequently, we do not routinely screen your social media profiles but, if aspects of these are brought to our attention and give rise to concerns about your conduct, we may need to consider them. Our social media guidelines are available at: https://www.magd.cam.ac.uk/social-media-policy

We also operate CCTV on our sites, which will capture footage. Our CCTV Code of Practice can be viewed at: https://www.magd.cam.ac.uk/cctv-code-of -practic

 

For certain posts, we may use the Disclosure and Barring Services (DBS) and Disclosure Scotland to help assess your suitability for certain positions of trust. If this is the case, we will make this clear to you in separate correspondence. Certificate and status check information is only used for this specific purpose, and we comply fully with the DBS code of Practice regarding the correct use, handling, storage, retention and destruction of certificates and certificate information. We recognise that it is a criminal offence to pass this information on to anyone who is not entitled to receive it.

Who we share your data with

We share relevant personal data with relevant government agencies (e.g. HMRC) and your pension provider. Information is not shared with other third parties without your written consent, other than your name, role and employment contact details which are made publically available. Generally, personal data is not shared outside of the European Economic Area.

If your post has required a “resident market test” (needed if the post is open to applicants from outside the European Union), the College will retain your application records for the duration of the sponsored post and twelve months thereafter.

The College uses the University Card Services system and all senior members will be registered with this scheme. Basic personal data relating to your position is shared with the University in order to operate the scheme effectively.

The University is a separate legal entity to the College and has its own statement about your personal information and its procedures, which you can view at: https://www.information-compliance.admin.cam.ac.uk/data-protection/staff-data. We share your personal information where necessary and appropriate across the collegiate University. The University and its partners (including all of the Colleges) have a data sharing protocol to govern the sharing of information of senior members of the College. The parties may share any of above categories of personal information, and the agreement can be viewed in full at https://www.ois.cam.ac.uk/policies-and-protocols/data-sharing-protocols. Any transmission of information between partners is managed through agreed processes that comply with UK data protection legislation.

Please also note the University’s people search function may also be widened to be accessible to the general public by changing the settings at http://www.lookup.cam.ac.uk/self: its default setting is otherwise access to all members of the University and all Colleges: we share this because we believe it helps significantly in building community relations and networks and helps others get in touch with you easily.

How long we keep your information for

We hold all information for the duration of your employment or membership and for no more than twelve months after the end of your employment or cessation of your membership. After that time, we retain a small subset of personal data for up to seven years after your relationship with the College ends:

i) *personal details, including name and your preferred personal contact details (if we still have these);

ii) your previous salaries and other earnings, pensions and the amounts you have paid in statutory taxes;

iii) records, where they exist, of any investigation or review into your conduct or performance;

iv) your reasons for leaving and any related correspondence;

v) any references we have written subsequent to your employment with us;

vi) any benefit schemes provided by us such as Fellows’ dining rights.

Those marked with an * relate to information provided by you, or created in discussion and agreement with you.

We reserve the right to retain the personal data longer than the periods stated above, where it becomes apparent that there is a need to do so – for example, in the event of a major health or personal injury incident, records may need to be kept for up to forty years.

We then store in a permanent archive:

i) your full name and title;

ii) your job title(s) or College affiliation(s) and the corresponding dates of employment/membership;

iii) any benefits retained following the cessation of your membership – eg Fellows’ dining rights.

Your rights

You have the right: to ask us for access to, rectification or erasure of your data; to restrict processing (pending correction or deletion); and to ask for the transfer of your data electronically to a third party (data portability). Some of these rights are not automatic, and we reserve the right to discuss with you why we might not comply with a request from you to exercise them.

Failure to provide the information reasonably requested of you may result in disciplinary action taken by the College, which could ultimately lead to your dismissal from employment.

You retain the right at all times to lodge a complaint about our management of your personal data with the Information Commissioner’s Office at https://ico.org.uk/concerns/

 

H Foord
Last updated: 17 May 2018
Approved by: Governing Body
Date: 17 May 2018

Related Documents