Door Access Privacy Notice

This Privacy Notice sets out how we use your personal data and your rights regarding that information.

Who will own my data?

The University of Liverpool

Why do you need my information?

To enable us to provide you with the authorised access for you to carry out your work/studies within the University where necessary.

What allows you to use my information?

We collect this information for health & safety purposes to monitor access to buildings, understand risks posed by capacity issues and to help monitor and effectively enforce how buildings are used during the COVID-19 pandemic.

Who will my information be shared with?

General information of a person’s access rights are shared with your own departmental authorised signatories and Heads of Department.

Any other information would be dependent on the reason for the request and may be shared with Heads of Department, authorised card access personnel, Human Resources, Head of Campus Support and in some cases local Police Authorities in relation to crime. Data may be used to identify unauthorised access to buildings due to Health & Safety and in relation to alarm activity as and when necessary.

How long will you keep this data for and why?

Your information and access is live until you leave the University or we are advised otherwise.  During your employment/studies, swipe access history is held for a period of 12 months, for Security and Health and Safety purposes.

How will my information be stored?

Information is stored within CSD on secure databases.

Will this information be used to take automated decisions about me?

No

Will my data be transferred abroad and why?

No

What rights do I have when it comes to my data?

Under the UK General Data Protection Regulation, you may have the following rights with regards to your personal data:

  • The Right to subject access – you have the right to see a copy of the personal data that the University holds about you and find out what it is used for.
  • The Right to rectification – you have the right to ask the University to correct or remove any inaccurate data that we hold about you.
  • The Right to erasure (right to be forgotten) you have the right to ask the University to remove data that we hold about you.
  • The Right to restriction – you have the right to ask for your information to be restricted (locked down) on University systems.
  • The Right to data portability – you have the right to ask for your data to be transferred back to you or to a new provider at your request.
  • The Right to object – you have the right to ask the University to stop using your personal data or to stop sending you marketing information, or complain about how your data is used.
  • The Right to prevent automated decision making – you have the right to ask the University to stop using your data to make automated decisions about you or to stop profiling your behaviour (where applicable).

Please note that not all rights apply in all situations. To find out more about your rights under the UK GDPR, please visit the Information Commissioner’s website.

To request a copy of your data or ask questions about how it is used, contact:

Dan Howarth, Data Protection Officer

  • Email: legal@liverpool.ac.uk
  • Post: Legal & Governance, University of Liverpool, Foundation Building, 765 Brownlow Hill, Liverpool L69 7ZX

Who can I complain to if I am unhappy about how my data is used?

You can complain directly to the University’s Data Protection Team by writing to:-

  • Dan Howarth, Data Protection Officer
  • By email: legal@liverpool.ac.uk
  • Post: Legal & Governance, University of Liverpool, Foundation Building, 765 Brownlow Hill, Liverpool L69 7ZX

You also have the right to complain to the Information Commissioner’s Office using the following details:

  • The Information Commissioner's Office, Wycliffe House, Water Lane, Wilmslow, Cheshire SK9 5AF
  • Telephone: 08456 30 60 60 or 01625 54 57 45
  • Website: ico.org.uk

Back to: Legal & Governance