GDPR: Data Protection Policy - Open Days
The Data Controller is Homerton College, Cambridge. Questions on this Statement should be addressed to the College’s Data Protection Officer, Homerton College, Cambridge, CB2 8PH. 01223 747180 - firstname.lastname@example.org
The scope of this policy covers website users
What data is processed, and why?
- Full Name *
- School/College Name (If appropriate)
- Email *
- Number_Attending *
- Dietary Requirements *
- Date of Open Day to Attend
- Course interest: *
- Please indicate which of our talks you would like to attend: *
Data is processed to allow users to book places on the various open days at Homerton College.
Where does the data come from?
Data is collected from the various Open days webforms on the Homerton Website.
Sharing with Third Parties
All data is processed by Homerton College and Homerton Conference Centre in reference to Buffet and dietary requirements and is not shared with 3rd parties.
WebForm data submitted is sent to the webform author (or someone they delegate) via email and a copy of the data is stored on the website, but is not publicly available. Access to the data stored on the website is password protected and restricted to administrator level users and can be made available to the author on request
Retention of data
Data is deleted when the webform is deleted. Unpublishing the form does not delete the data. Data reviews takes place once every 6 months to remove data no longer relevant or when informed by webform author.
Data is stored on the CMS.
Rights of the Data Subject
Those whose personal data is recorded by these means – the data subjects – have the right: to ask for access to, rectification or erasure of their personal information; to restrict processing (pending correction or deletion); to object to communications; and to ask for the transfer of their personal information electronically to a third party (data portability).
Some of these rights are not automatic, and we reserve the right to discuss with the data subject why we might not comply with a request from them to exercise such rights.
If data subjects have questions or concerns about their personal information, or how it used, they are invited to speak to the Data Protection Officer.