Conferences and events
We use Eventbrite to manage our conferences and events, including event invitations, acceptances, contact details of invitees and delegates, dietary and access requirements.
If you prefer not to use Eventbrite for responding to a conference or event invitation, you may respond directly to us by contacting the event organiser using the details provided in the invitation.
We usually provide a list of delegates as part of the delegate pack for the conference or event. We will give you an opportunity to indicate if you do not wish your name, job title and institution or organisation to be included on the delegate list.
Our key policy events may have a member of staff taking informal photos of the event some of which may be published on our social media feeds. Photos will focus on speakers, but delegates may be captured incidentally. If you do not wish to be included in any photos please make this known to a member of staff at the beginning of the event.
People who respond to our consultations
People who call or email us
We may make a note of your contact details and information about the subject of your call so that we can deal with your enquiry. We do not electronically record or monitor telephone calls, other than when messages are left on an answerphone service. If your phone settings allow for caller line identification and broadcasting of your number this may be stored within our phone system (e.g. missed calls and address books).
Any email sent to us, including any attachments, may be monitored and used by us for reasons of security and for monitoring compliance with office policy. Email monitoring or blocking software may also be used. Please be aware that you have a responsibility to ensure that any email you send to us is within the bounds of the law.
Where enquiries are submitted to us we will only use and retain the information supplied to us to deal with the enquiry and any subsequent issues and to check on the level of service we provide.
People who make a disclosure or complaint, or make a request to us under information access legislation
When we receive a disclosure, complaint or request we make up a file containing the details of the disclosure, complaint or information access request. This normally contains the identity of the discloser, complainant or requester and any other individuals involved.
We will only use the personal information we collect to process the disclosure, complaint or information access request and to check on the level of service we provide.
We will keep personal information contained in the disclosure, complaint or information access request files in line with our retention policy. This means that information relating to a disclosure, complaint or information access request will be retained for five years from closure. It will be retained in a secure environment and access to it will be restricted according to the ‘need to know’ principle.
If you are making a disclosure or complaint about a university or college we use discretion in investigating your concerns. However, we are not able to guarantee confidentiality. In most cases the concerns will already be known to the provider, and any conversation we have with the institution about your disclosure or complaint, will in all likelihood, lead to your identity being deduced. Anonymous disclosures are received from time to time. Our policy is normally not to take action in response to these.
From time to time we may be asked to share information with other organisations in the event of a complaint about OfS itself, for example to assist the Parliamentary and Health Service Ombudsman in their work. In these circumstances, we are usually obliged to provide the information by law.
Read more about our complaints procedures
We may compile and publish statistics showing information like the number of complaints or requests we receive, but not in a form which identifies anyone.
Job applicants, current and former OfS employees
We have a separate recruiting privacy notice which explains how we process personal data relating to job applicants.
Once a person has taken up employment with the OfS, we will compile a file relating to their employment. The information contained in this will be kept secure and will only be used for purposes directly relevant to that person’s employment. Once their employment with the OfS has ended, we will retain the file in accordance with the requirements of our retention schedule and legal obligations, and then delete it.
Visitors to our premises and onsite contractors
All visitors to our premises will be asked to sign in to our visitors' log and issued with a pass. Visitors must sign out and return the pass so that it can be shredded when they leave. Visitor details are retained on the log for one month and then destroyed. Visitors arriving by car will be asked to provide their car registration number so that they can be contacted in the event that they are blocking in other car park users.
CCTV is used for maintaining the security of property and premises and for preventing and investigating crime, it may also be used to monitor staff when carrying out work duties. For these reasons the information processed may include visual images, personal appearance and behaviours. This information may be about staff, customers and clients, offenders and suspected offenders, members of the public and those inside, entering or in the immediate vicinity of the area under surveillance. Where necessary or required this information is shared with the data subjects themselves, employees and agents, services providers, police forces, security organisations and persons making an enquiry.