USW Conference & Events Services (C&ES) is a commercial arm of the University of South Wales (USW), focused on conferences, events support and venue management, predominately to external business customers, B2B not B2C. USW C&ES (“Our”, “We”, “Us”) is the data controller and is committed to protecting the rights of individuals in line with the Data Protection Act 2018 (DPA) and the new General Data Protection Regulation (GDPR). The University of South Wales has a Data Protection Officer who can be contacted through [email protected].
2. What data do we hold?
When individuals book facilities and services with the C&ES Team the University has to collect, store, use and otherwise process personal data for any purposes connected with the event delivery, health and safety and for other reasons deemed necessary for the performance of the contract with the institution.
The University may collect and hold the following personal information from you:
- Your name
- Home or work address
- Contact telephone number
- Email address
- IP address
- Social Media IDs in the public domain.
- Payment information where appropriate
- Basic personal details including photographic images, vehicle registration details and CCTV footage during an event.
- Where necessary next of kin contact details for use in an emergency.
- Personal requirements relating to a booking
3. Why we collect this data?
Personal information will be used for the purposes listed below:
- To make bookings and for associated administrative purposes (Legal basis – Processing is necessary for the performance of a contract).
- To ensure the health, safety and security of delegates during the time they are on campus.
- To provide further information on news and forthcoming events
Where a booking has been made with the University of South Wales’ C&ES team, we need to process personal data in order to deliver the service to you. This information may also be used for the provision of support services, to carry out research and statistical analysis, to provide operational information, to promote our services and to ensure the safety and security of our delegates/clients. Should we need to share your data as part of an event (e.g. with the organiser when we receive registrations directly or with other delegates as part of a delegate pack) we will advise and seek permission in advance. We may also carry out customer research via online questionnaires providing the opportunity for the data to be personalised or anonymised. This enables us to continually improve our service to meet and exceed expectations. With your consent we will use images, videos, testimonials and event case studies on our website and social media channels.
Where an individual has made an enquiry USW C&ES processes the information on an online booking & CRM system as it is necessary to prepare a proposal / contract. Where an individual has indicated that they would like to receive further information from the University, this information is processed with their consent. We also use legitimate interest as a means of staying in touch with prospective customers, namely to business contacts using business emails. USW C&ES hold basic contact details of professionals working in businesses who could have an interest in the services and facilities available within the Conference Centre and University. This information is processed on the basis that it is necessary for the legitimate interests of USW C&ES and that the processing could be of mutual benefit.
4. Who are the recipients of your data?
Personal; data may also be disclosed when legally required or where there is a legitimate interest, either for the University or the data subject, taking into account any prejudice or harm that may be caused to the data subject. We will not share your Personal Data with any third parties for their own marketing purposes.
5. How do we protect your data?
Data Protection legislation requires the University to keep your information secure. This means that your confidentiality will be respected, and all appropriate measures will be taken to prevent unauthorised access and disclosure. Only members of our team who need access to relevant parts or all of your information will be authorised to do so. Information about you in electronic form will be subject to password and other security restrictions, while paper files will be sorted in secure areas with controlled access.
6. How do we keep your data?
Data Protection legislation requires us to keep your information secure. This means that your confidentiality will be respected, and all appropriate measures will be taken to prevent unauthorised access and disclosure. Some processing may be undertaken on the University’s behalf by an organisation contracted for that purpose. Organisations processing personal data on the University’s behalf will be bound by an obligation to process personal data in accordance with data protection legislation.
We retain customer’s (where a booking has been made) personal information for the current year plus six years after it is collected, in order to comply with the University of South Wales’ Finance Services’ retention schedule for financial accounting, and with the Limitation Act 1980. After this period, all customer data is anonymised. Further information on the University of South Wales’ retention schedule. For prospective customers who make enquiries but not bookings with us, we will hold the personal data for 12 months.
7. Transfers to third countries
Personal data, where possible will be processed within the European Economic Area. However, in certain circumstances there may be a necessity to transfer your data outside the EU. Where a processor is based in the US, data may be transferred to them if they are part of the EU-US Privacy Shield framework and are thus compliant with data protection requirements.
8. Your rights and preferences:
To find out more about the rights you have under the current Data Protection legislation and how you can exercise them, please see our web pages. If you have any questions relating to your booking or want to update your details with the University of South Wales’ C&ES Team, please contact [email protected].
9. Further information:
Further information can be found in relation to individual rights on the University Data Protection web pages. Any requests or objections should be made in writing to the University Data Protection Officer:
University Secretary’s Office,
University of South Wales,
Pontypridd, CF37 1DL
Email: [email protected]
Where individuals are unhappy with the way in which their personal data has been processed, they may in the first instance contact the University’s Data Protection Officer using the contact details above.
In the event that any complaint is not resolved then the issue may be taken to the Information Commissioner for a decision. The Information Commissioner can be contacted at:
Information Commissioner’s Office,
10. Amendments and Feedback:
This Privacy Notice will be maintained and reviewed with any changes updated on our website and communicated to you as appropriate. This Privacy Notice was last updated in May 2018. Please contact the USW C&ES Manager at [email protected] with any specific C&ES feedback.