In accordance with Data Protection Legislation and the Privacy Electronic Communications Regulations, this privacy notice will:
inform you as to how we look after your personal data when you visit our websites;
tell you about your privacy rights;
tell you how the law protects you.
This is a general web privacy policy which applies to the many Imperial websites we manage. Some sites are managed by parts of the College individually and will carry their own privacy notices or provide additional information relating to their activities, which will supersede or supplement this privacy notice.
What do we collect?
Whilst you do not require an account to access the University websites, there may be occasions where data is requested / collected as part of an action / activity, for example;
to register for an event
to request information such as via the ordering of a prospectus
to subscribe to newsletter or club
to communicate with the College
to understand how you use our websites, and how our websites perform when you use them.
Personal data, or personal information, means any information about an individual from which that person can be identified. It does not include data where the identity has been removed (anonymous data).
We may collect, use, store and transfer different kinds of personal data about you which we have grouped together as follows:
Identity data – includes first name, maiden name, last name, username or similar identifier, marital status, title, date of birth, gender and your Internet Protocol (IP) address.
Contact data -includes billing address, postal address, email address and telephone numbers.
Transaction data -includes details about payments to and from you and other details of products and services you have purchased from us.
Technical data – includes your Internet Protocol (IP) address, your login data, browser type and version, time zone setting and location, browser plug-in types and versions, operating system and platform and other technology on the devices you use to access this website.
Profile data – includes your username and password, purchases or orders made by you, your interests, preferences, feedback and survey responses].
Usage data – information on how you use the site, using cookies and page tagging techniques
Email data – your email address and subscription preferences when you sign up to any email alerts, newsletters and other Imperial mailing lists.
This data can be viewed by authorised people at Imperial, and trusted partners to:
Improve functionality, security and accessibility
improve the site by monitoring how you use it e.g. pages you visit on the site and browser versions used
gather feedback to improve our services
help us respond to your feedback, if you’ve asked us to
send email alerts or newsletters to users who request them
allow you to access Imperial services and make transactions
How we use your personal data
We will only use your personal data when the law allows us to. Most commonly, we will use your personal data in the following circumstances:
Where we need to perform the contract we are about to enter into or have entered into with you.
When you request us to do something for you or because of you
Where it is necessary for our legitimate interests (or those of a third party) and your interests and fundamental rights do not override those interests.
Where we need to comply with a legal or regulatory obligation.
To understand the behaviour of visitors to the site. This would include:
The number of visitors to different areas
The types of information being searched for via the sites search engine
To identify any anomalies in site usage
To evaluate the popularity of news articles
How long will you use my personal data for?
We will only retain your personal data for as long as necessary to fulfil the purposes we collected it for, including for the purposes of satisfying any legal, accounting, or reporting requirements.
To determine the appropriate retention period for personal data, we consider the amount, nature, and sensitivity of the personal data, the potential risk of harm from unauthorised use or disclosure of your personal data, the purposes for which we process your personal data and whether we can achieve those purposes through other means, and the applicable legal requirements.