Jisc may process your personal data because:
We need it to provide you with a service you’ve requested
If you don’t provide us with the required personal data, we’ll try to provide the service, but it may be impossible.
We’ll keep your data whilst it’s needed to deliver the service, and for an additional three months in case you have any further queries.
If another organisation helps us to provide the service, we’ll also make your data available to them. If this involves transferring information to a country not recognised as providing equivalent protection, we’ll use additional safeguards approved by UK or EU regulators.
We require all organisations we work with to keep information as safe as we do.
We need it to identify problems or ways to make the service better
We’ll keep your personal data for up to six months after you use the service; after that, unless we need it for a particular investigation, we’ll delete it.
Sometimes we use automated processing to detect and respond to problems more quickly: if you’re individually affected by this processing, you can ask us to review its results.
If there are attacks on our services, or other criminal activity, we may share information with the police.
All these uses are checked to make sure they create a benefit, rather than a risk, for individuals. If you have particular circumstances that may increase your risk you may contact our data protection officer (see below) to ask for a review of that assessment.
You’ve asked us to, for example by setting up a profile page or joining one of our research projects
We’ll keep your personal data until you ask us to change or delete it, or for at least three years after you last use the service.
We’re operating a service provided to you by someone else (eg, your university or college)
We’ll keep your personal data for as long as the provider needs us to.
To ask about your personal data, or to exercise any of your rights, you should contact them. We’ll help them respond, but the law prohibits us from responding directly to you.
Individual Jisc services may have their own privacy notices with further information about how they use your personal data.
By law you have certain rights over your personal data that we hold: to receive a copy of the data, to ask us to correct any errors, or to delete it once we no longer need it. To contact us regarding those rights, or anything else in this privacy notice, please write to our data protection officer, Mark Barrett, by email (firstname.lastname@example.org) or at our registered postal address below.
If you don’t feel we’ve dealt with your request appropriately, you can appeal to the Information Commissioner’s Office (ICO). Jisc’s ICO registration number is Z9546606.