Conferences and events
We use Eventbrite to manage our conferences and events, including event invitations, acceptances, contact details of invitees and delegates, dietary and access requirements.
If you prefer not to use Eventbrite for responding to a conference or event invitation, you may respond directly to us by contacting the event organiser using the details provided in the invitation.
We usually provide a list of delegates as part of the delegate pack for the conference or event. We will give you an opportunity to indicate if you do not wish your name, job title and institution or organisation to be included on the delegate list.
Our key policy events may have a member of staff taking informal photos of the event some of which may be published on our social media feeds. Photos will focus on speakers, but delegates may be captured incidentally. If you do not wish to be included in any photos please make this known to a member of staff at the beginning of the event.
People who respond to our consultations
People who call or email us
We may make a note of your contact details and information about the subject of your call so that we can deal with your enquiry. We do not electronically record or monitor telephone calls, other than when messages are left on an answerphone service. If your phone settings allow for caller line identification and broadcasting of your number this may be stored within our phone system (e.g. missed calls and address books).
Any email sent to us, including any attachments, may be monitored and used by us for reasons of security and for monitoring compliance with office policy. Email monitoring or blocking software may also be used. Please be aware that you have a responsibility to ensure that any email you send to us is within the bounds of the law.
Where enquiries are submitted to us we will only use and retain the information supplied to us to deal with the enquiry and any subsequent issues and to check on the level of service we provide.
People who make a disclosure or complaint, or make a request to us under information access legislation
When we receive a disclosure, complaint or request we make up a file containing the details of the disclosure, complaint or information access request. This normally contains the identity of the discloser, complainant or requester and any other individuals involved.
We will only use the personal information we collect to process the disclosure, complaint or information access request and to check on the level of service we provide.
We will keep personal information contained in the disclosure, complaint or information access request files in line with our retention policy. This means that information relating to a disclosure, complaint or information access request will be retained for five years from closure. It will be retained in a secure environment and access to it will be restricted according to the ‘need to know’ principle.
If you are making a disclosure or complaint about a university or college we use discretion in investigating your concerns. However, we are not able to guarantee confidentiality. In most cases the concerns will already be known to the provider, and any conversation we have with the institution about your disclosure or complaint, will in all likelihood, lead to your identity being deduced. Anonymous disclosures are received from time to time. Our policy is normally not to take action in response to these.
From time to time we may be asked to share information with other organisations in the event of a complaint about OfS itself, for example to assist the Parliamentary and Health Service Ombudsman in their work. In these circumstances, we are usually obliged to provide the information by law.
Read more about our complaints procedures
We may compile and publish statistics showing information like the number of complaints or requests we receive, but not in a form which identifies anyone.
Job applicants, current and former OfS employees
When individuals apply to work for OfS, we will only use the information supplied to us to process their application and to monitor recruitment statistics. Where we need to disclose information to a third party, for example because we want to take up a reference or obtain a ‘disclosure’, we will not do so without informing them beforehand unless the disclosure is required by law.
Personal information about unsuccessful candidates will be held for one year after the recruitment exercise has been completed; it will then be destroyed or deleted. We retain de-personalised statistical information about applicants to help inform our recruitment activities, but no individuals are identifiable from that data.
Once a person has taken up employment with OfS, we will compile a file relating to their employment. The information contained in this will be kept secure and will only be used for purposes directly relevant to that person’s employment. Once their employment with OfS has ended, we will retain the file in accordance with the requirements of our retention schedule and legal obligations, and then delete it.
Visitors to our premises and onsite contractors
All visitors to our premises will be asked to sign in to our visitors' log and issued with a pass. Visitors must sign out and return the pass so that it can be shredded when they leave. Visitor details are retained on the log for one month and then destroyed. Visitors arriving by car will be asked to provide their car registration number so that they can be contacted in the event that they are blocking in other car park users.
CCTV is used for maintaining the security of property and premises and for preventing and investigating crime, it may also be used to monitor staff when carrying out work duties. For these reasons the information processed may include visual images, personal appearance and behaviours. This information may be about staff, customers and clients, offenders and suspected offenders, members of the public and those inside, entering or in the immediate vicinity of the area under surveillance. Where necessary or required this information is shared with the data subjects themselves, employees and agents, services providers, police forces, security organisations and persons making an enquiry.
Queries or complaints about our use of your personal information
OfS tries to meet the highest standards when collecting and using personal information. For this reason, we take any complaints we receive about this very seriously. We encourage people to bring it to our attention if they think that our collection or use of personal information is unfair, misleading or inappropriate. We would also welcome any suggestions for improving our procedures. You can email us or write to:
Private and Confidential
Data Protection and Information Manager
Office for Students
Lime Kiln Close
Access to personal information
OfS tries to be as open as it can be in terms of giving people access to their personal information. Individuals can find out if we hold any personal information by making a ‘subject access request’ under data protection legislation.
Learn how to make a subject access request for your personal data
We want to make sure that your personal information is accurate and up to date. You may ask us to correct or remove information you think is inaccurate using the address details provided.
Disclosure of personal information
There are circumstances when we may disclose personal information without consent. For example, when we need to share personal information with:
- the organisation concerned in the investigation of a complaint and with other relevant bodies
- law enforcement agencies to prevent and detect crime
- other Government departments, agencies or non-departmental public bodies
- researchers or consultants acting on our behalf to produce anonymised statistics.