Privacy Notice

This Privacy Notice is designed to explain how and why information about individuals using the GCU website.

All of the personal information will be treated in accordance with the terms data protection legislation including the Data Protection Act 2018 and the General Data Protection Regulation (GDPR). This means that confidentiality will be respected and that appropriate security measures will be taken to protect information. This notice is intended to meet the transparency requirement of the legislation and to ensure that people using the website know how their data will be processed.

Using your personal information

Who will process my information? 

Under Data Protection law the University is the ‘data controller’. This means that the University is responsible for how it uses and processes your information and complying with requests relating to your personal data.

Why do we collect and use your personal information?

The University collects, holds and uses information about you for a number of reasons including:

  • Taking steps to improve our website and to analyse use of our website without identifying you as an individual
  • Processing enquiries or applications made by you or on your behalf
  • Marketing to keep you informed of news, events or services which may be of interest to you, if you have opted to receive communications by post, email or other electronic means
  • To communicate information which we need to communicate to you

Keeping information updated

The University strives to ensure that your personal information is accurate and up to date. You are responsible for advising appropriate staff of changes to or inaccuracies in your information.

How long is the information kept?

The University will retain your information only for as long as necessary for the purposes described. Detailed information is available in the University Records Retention Schedules.

What information is collected and where do we obtain information from?

We collect information which you provide to us. When you visit our website our systems collect information about your device including your IP address, operating system and browser type.

Who is the information shared with?

Your information will be shared internally only with those individuals who require it in the course of their duties.

We will not disclose your information to third parties unless we are required to do so by law or you have given your consent, the exceptions to this are:

  • Complying with a legal obligation
  • To protect the safety, rights and property of the University
  • To protect against misuse or unauthorised use of the website

How is the information kept securely

Information is kept securely on University equipment in line with University information security and data protection policies. Access is restricted to only those staff or authorised agents who require it and on a ‘need to know’ basis.

Although we take steps to protect your information, the University cannot guarantee internet security and you should be aware that email can be an insecure form of communication.

Is the information transferred outside the European Union?

We may engage third parties to provide systems or services which are hosted outside of the European Union. Where we transfer data internationally we will ensure that appropriate safeguards are in place to protect your information and your privacy.

Your rights

You have the right to:

  • Find out what personal data we process about you and to request a copy of the data
  • Ask us to correct inaccurate or incomplete data
  • Withdraw consent to process your personal data, if you were asked for and provided consent.

If you think we are acting unfairly or unlawfully you can:

  • Object to the way we are using your data
  • Complain to the UK Information Commissioner’s Office.

Under certain conditions you also have the right to ask us to:

  • Restrict the use of your data 
  • Erase your information or tell us to stop using it to make decisions about you 
  • Provide you with a portable electronic copy of data you’ve given us.

Please contact us if you wish to exercise/enquire about any of these rights.

Contact details

Data Protection Officer
Department of Governance
Britannia Building
Glasgow Caledonian University
Cowcaddens Road, Glasgow
G4 0BA

Legal basis for using your information

The legal condition which enables the University to process personal information is found in the Article 6 of the General Data Protection Regulation (GDPR). In particular we rely on our public task and your consent.

Further information