The following statement explains why and how the Regent's University London (Regent’s) Alumni Community team collects, processes and manages your data. This policy applies to all Regent’s services provided by the Aluminati Network Group Ltd.

Any changes to this statement will be posted here.

Any personal information collected will be processed and safeguarded in accordance with the Data Protection Act 2018 which incorporated the General Data Protection Regulation (EU 2016/670) (GDPR).

This Policy is subject to change to meet new legislative requirements, so please check this page occasionally to ensure that you’re happy with any changes.

Any questions regarding this Policy and our privacy practices should be sent by email to privacy@regents.ac.uk or in writing to Governance Office, Regent's University London, Inner Circle, Regent's Park, London, NW1 4NS.

Last updated: December 2022

Terms and Conditions

 

1. Who manages the data and what do we do with it?

Regent’s University London Limited (trading as Regent's University London) is the 'data controller' as defined by the Data Protection Act 2018. Personal information will only be collected and/or processed by Regent’s University London in accordance with the Act.

The Alumni Community team connects Regent’s with its alumni, volunteers, friends and other supporters. We organise events, send you publications and enable access to university benefits and resources. We do this in accordance with the University’s data protection policies, which you can find here.

For this, we use a secure database which tracks your interactions with Regent’s over time. Access to this database is restricted to members of staff who need to view the data to undertake their duties. This includes all members of the Alumni Community team, IT services and the Careers team. Data may be shared internally with other departments/staff who work closely with the alumni team including academic staff.

At the time of graduation, all relevant student data is duplicated from the student records system to the alumni database. The type of data transferred includes student names, education details (i.e. degree & years studied), contact addresses, telephone numbers and personal email address. While most of the data comes from you (e.g. via the student records system at graduation stage), we also add to it from public sources. We use research to update information held on you and your ability and willingness to volunteer with the University. You can update your communications preferences or simply opt out at any time by contacting us here.

2. Examples of how your data will be used

The following are examples of how your data will be used.

  • Sending you communications and updates about Regent’s
  • Inviting you to events (e.g. alumni reunions)
  • Promoting volunteering engagements (e.g. mentoring opportunities)
  • Offering you discounts and services (e.g. postgraduate or executive programmes)
  • For administrative purposes (e.g. processing your access card application)
  • Your data may also be shared with third parties to process data on our behalf. See third party data sharing for more details.

3. We consider that Regent’s has a strong and legitimate interest in keeping up our relationship with staff, alumni, volunteers and supporters.

The retention of your data is crucial in our efforts to build an engaged and interactive community, and to help safeguard its future. Legitimate interest provides the lawful basis we rely on for most of our activities set out in this privacy notice.

  • The Alumni Community team processes information in pursuit of our legitimate interest in: Staying in touch (e.g. via social media, publications, invitations).
  • Offering services and benefits (e.g. career support, Regent’s Clubs).
  • Building an engaged alumni community to support Regent’s educational mission and its strategic and operational aims (e.g. by advisory boards).

4. What data is held?

We retain education records on all former students in perpetuity. This way, you can get a transcript even after many years.

We may also retain other information, such as:

  • Personal information (e.g. name, titles, date of birth)
  • Contact details (e.g. postal and email addresses, phone numbers, instant messaging and social media accounts). We update these details whenever you inform us that your details have changed.
  • Your academic history at and beyond Regent’s (e.g. previous schools and postgraduate programmes)
  • Occupational information (e.g. your job sector and employer)
  • Hobbies and interests (e.g. to organise student / alumni sports events)
  • Your relationships with others within the Regent’s network
  • Media coverage of and content created by and about you, including social media postings
  • Photographs submitted to us for use in alumni community activities such as events, alumni publications, social media and other promotional materials.
  • Special category data: It may be necessary to collect sensitive information for a specific purpose such as event planning. The type of sensitive data may include information relating to disability, dietary requirements and/or information about your health e.g. any medical conditions. Please note that we will only collect, store, and use this sensitive information with your consent, for a specific purpose such as event planning.

We also keep records on:

  • Any communications we have exchanged with you
  • Your engagement with Regent’s at meetings, events, clubs, campus visits as well as volunteering and networking opportunities
  • Your use of University services (e.g. access card usage, our online careers platform, Handshake, and our online engagement platform, Re:connect. Operational data on engagement with such services (e.g. student support journal entries) may be retained for up to three years within our student services database after graduation and then deleted. Web analytics about your use of Regent’s online properties, such as:
  • IP address, location and browser type
  • Navigation data and referral source
  • Length of visit and page views.
  • Donation and wealth history such as:
    • Your history of donations made to Regent’s and previous Gift Aid declarations (this is required by HMRC)
    • Historical wealth and historical giving potential to Regent’s

The University is fully PCI-DSS compliant and does not store credit/debit card details. Bank details used for processing Direct Debits are stored by a trusted third-party, under the Direct Debit Guarantee scheme.

We will only retain your personal information for as long as necessary to fulfil the purposes for which it was collected, including any legal, accounting, or reporting purposes.

5. Your rights

Your rights under the GDPR and data protections acts are protected, including your right to be forgotten.

You have the right to:

  • Ask for your data to be amended. You may ask us to change or update any incomplete or incorrect information we hold about you.
  • Request for your data to be erased. You can ask us to delete your data if you believe there is not a good enough reason for us to continue processing it.
  • Request access to your data (known as a subject access request). If you wish to submit a subject access request, please email governance@regents.ac.uk.
  • Opt out of communications. Should you no longer wish to receive communications from us, you can opt out by emailing alumni@regents.ac.uk.
  • Object to the processing of your personal data where data is processed for legitimate interests, to aid our public interest tasks or for direct marketing purposes.

6. Third party data sharing

We may share data with third party suppliers to provide services on our behalf. This includes email marketing services to send communications or web services (e.g. online forms) to update your details.

Your data may also be shared with third parties engaged in providing additional benefits to alumni (e.g. access to careers support via Handshake, and access to our online engagement platform, Re:connect).

We will only share data with external service providers on a confidential basis, where appropriate. They will only process your personal data in line with our policies.

We will not sell your data to a third party.

7. Re:connect online platform Service Provider

This service is operated under contract by Aluminati Network Group Ltd. (Aluminati) acting under instruction as our Data Processor under the Data Protection Acts 1998 and 2018. Aluminati will process personal data strictly for the purposes of operating this service.

Aluminati is registered with the Information Commissioner under membership number Z8393842.



Re:Connect Social Sign In: Privacy Notice

This privacy notice provides you with details of how we (Aluminati Network Group Ltd) collect, process and store your personal data when you access the Aluminate service (the ‘Service’) via this third-party application (‘App’).

LAWFUL BASIS AND PURPOSE OF PROCESSING

Aluminati processes your data in order to perform its contract, with the institution or organisation, to provide you with the Service. We will process your information for the following purposes;

  • To verify your details in order to provide you with access to the Service
  • To improve your onboarding experience onto the Service
  • To increase your accessibility to the Service

We will only use your personal data for the purposes listed above unless we reasonably consider that we need to use it for another reason and that reason is compatible with the original purpose. If we need to use your personal data for a purpose unrelated to the purpose for which we collected the data, we will notify you and we will explain the legal ground of processing. We may process your personal data without your knowledge or consent where this is required or permitted by law.

By accessing the Service through this App, you agree to the collection and use of information in accordance with this privacy policy.

If you are unhappy with any aspect of how we collect and use your data, you have the right to complain to the Information Commissioner’s Office (www.ico.org.uk) however we would be grateful if you would contact us first if you do have a complaint so that we can try to resolve it for you.

Email: privacy@aluminati.net

Tel: 01638 676 232

WHAT PERSONAL DATA WE COLLECT

Personal data is any information capable of identifying an individual and does not include anonymised data. We may ask you to provide us with or automatically collect certain personally identifiable information that can be used to contact or identify you, including:

  • Identity & Contact Data may include your first name and last name
  • Contact Data may include your email address
  • Technical Data may include your cookie data, information such as your device's internet protocol address (e.g., IP address), browser type, browser version, the time and date of your visit, unique device identifiers and other diagnostic data

We do not collect any sensitive data about you including details about your race or ethnicity, religious beliefs, sexual orientation, political opinions, trade union membership, health, criminal convictions and offences.

YOUR RIGHTS

For data processed under the lawful basis of ‘performance of a contract’, you;

  • DO have the right to; be informed, request access, data portability, data rectification, restriction processing, erasure if there is no overriding ‘legitimate interest’ for continuing to process the data
  • DO NOT have the right to object

To exercise these rights please email privacy@aluminati.net. We will likely have to request information from you to confirm your identity in order to ensure we are following instructions from the actual data subject concerned. No fee is payable for the exercise of these rights unless the request is clearly unfounded, repetitive or excessive in which case we may also legally refuse your request.

For more information on individual rights under the GDPR, go to the following site: https://ico.org.uk/for-organisations/guide-to-the-general-data-protection-regulation-gdpr

You have the right to lodge a complaint to the supervisory authority (the Information Commissioners Office); if you believe we are processing your data unfairly.

DISCLOSURES OF YOUR PERSONAL DATA

We may have to share your personal data with third parties including:

  • Our service providers who provide IT, hosting and system administration services
  • Professional advisers including lawyers, bankers, auditors, insurers, financial advisers and corporate finance advisers who provide consultancy, banking, legal, insurance, accounting and financial services
  • HM Revenue & Customs, regulators and other authorities based in the United Kingdom and other relevant jurisdictions who require reporting of processing activities in certain circumstances
  • Third parties to whom we sell, transfer, or merge parts of our business or our assets
  • We require all third parties to respect the security of your personal data and to treat it in accordance with the law. We only allow such third parties to process your personal data for specified purposes and in accordance with our instructions.

INTERNATIONAL TRANSFERS

We make active efforts to engage in service providers who are based within the European Economic Area (EEA). Where this is not possible, we may need to engage service providers resulting in your personal data being transferred outside the EEA. Whenever we transfer your personal data out of the EEA, we do our best to ensure a similar degree of security of data by ensuring at least one of the following safeguards is implemented:

  • We will only transfer your personal data to countries that have been deemed to provide an adequate level of protection for personal data by the European Commission; or
  • Where we use certain service providers, we may use specific contracts or codes of conduct or certification mechanisms approved by the European Commission which give personal data the same protection it has in Europe.

If none of the above safeguards is available, we may request your explicit consent to the specific transfer. You will have the right to withdraw this consent at any time.

In addition to the above, your data may be temporarily transferred outside of the EEA during the course of our staff travelling abroad with personal data (for example meeting contact information and emails). There are appropriate safeguards in place to ensure the protection of your data - including encryption rendering the data unreadable in the case of loss or theft.

DATA SECURITY

We have put in place appropriate security measures to prevent your personal data from being accidentally lost, used or accessed in an unauthorised way, altered or disclosed. In addition, we limit access to your personal data to those employees, agents, contractors and other third parties who have a business need to know such data. They will only process your personal data on our instructions and they are subject to a duty of confidentiality. We have put in place procedures to deal with any suspected personal data breach and will notify you and any applicable regulator of a breach where we are legally required to do so.

DATA RETENTION

We will only retain personal data for as long as we need to fulfil the specified purposes we have collected it for as well as for satisfying legal, accounting, audit, or reporting requirements.

By law, for tax purposes, we have to keep certain data about our customers for six years after they cease being customers.

COOKIES & THIRD PARTY LINKS

We use cookies as described in the section above on how we use your data. If you choose to disable cookies in your browser certain parts of our service will cease to function.

Links from our website or other communications may link to third-party destinations over whom we have no control and do not take responsibility for their privacy statements or behaviours. Please read the privacy notice of these sites to understand their data policies.

Name and contact details of the data controller and data protection officer
Data Controller: Aluminati Network Group Ltd.
Address: Hyperion House, The Oaks, Newmarket, Suffolk, CB8 7XN
Data Protection Officer: Daniel Watts
Contact Details: privacy@aluminati.net