We know your privacy means a lot to you, and as an individual you put a lot of trust in us when it comes to your personal information. As a group of companies, CampusLife promises:
- to apply all the safeguards we need to protect your data – physically and digitally
- to collect only the information that we need to provide our service to you
- to only allow highly trained members of the team access to your data. Even then, they only see what they absolutely need to
- to only share your data with third parties if you’ve told us we can, have to by law or have let you know previously that we need to.
This notice explains what personal data (information) we hold about you, how we collect it, and how we use and may share information about you. We are required to notify you of this information under data protection legislation. Please ensure that you read this notice and any other similar notice we may provide to you from time to time when we collect or process personal information about you. The most recent version of this notice will always be available on our websites.
Who collects the Information?
CampusLife (‘Company’) is a ‘data controller’ and gathers and uses certain information about you. This information is also used by our affiliated entities and group companies, namely CampusLife Student, CampusLife Residential and CampusLife Business (our ‘group companies’) and so, in this notice, references to ‘we’ or ‘us’ mean the Company and our group companies.
Data protection principles
We will comply with the data protection principles when gathering and using personal information, as set out in our privacy statement and data protection policy .
We may collect the following information from you either directly when you register to use our services and/or from your use of our services and websites: Name and contact details (email address, telephone number, postal address) and payment details.
Security question and answer information
Computer addresses such as IP address, and where appropriate your device’s MAC address. Computer information related to your use of our websites using cookies or other anonymous identifiers (geographical location, browser type and version, operating system, referral source, length of visit, page views and website navigation). Any inbound or outbound email correspondence with a sales employee of ours will be tracked and stored in our CRM (HubSpot).
How we collect information
We may collect this information directly from you using online registration forms or telephone calls. We may also collect some information indirectly by your use of our services and websites. We will also collect your email address, name, email subject line, and body text involved in any correspondence with any of our sales employees.
Why we collect the information and how we use it
We will typically use this information for the following purposes (other purposes that may apply would be explained as applicable): For the performance of a contract with you, or to take steps to enter into a contract; For compliance with a legal obligation. For the purposes of our legitimate interests or those of trusted third parties, but only if these are not overridden by your interests, rights or freedoms. Improving our systems and services. Enriching our understanding of your business' needs in relation to services sold by us. We will always ensure that our information collection and processing are proportionate. We will always notify you of any material changes to information we collect or to the purposes that we will collect and process it. The latest policy will always be available on our websites.
How we may share information
We will also need to share some of the above categories of personal information with other parties, the recipient of the information will be bound by confidentiality obligations, as well as our own security requirements. External processing – we may share some personal information to other trusted businesses or persons to process information, based on our instructions and in compliance with this notice and other security measures. Legal reasons – we may share personal information where disclosing this information will meet any applicable laws, regulations or legal processes. We may also disclose this information where detecting, preventing or addressing fraudulent activities and other types of security issues. Where relevant, this information may be shared with regulatory bodies, credit reference agencies and law enforcement. Potential buyers of some or all of our business or on a restructuring. Where possible, personal information will be anonymised.
Where your information may be held
Information may be held at our offices and those of our group companies, and third party agencies, service providers, representatives and agents as described above. Information may be transferred internationally to other countries around the world, including countries that do not have data protection laws equivalent to those in the UK, for the reasons described above. We have security measures in place to seek to ensure that there is appropriate security for information we hold.
How long we keep your information
We keep your information during and after your contract for no longer than is necessary for the purposes for which the personal information is processed. Normally this means that we delete your data within 12 months of the end of your contract unless we are obliged to retain your data for longer based on legal obligations, dispute resolution, or enforcing our agreements. Where we need to hold information for longer, we will only hold what is necessary based on our obligations.
Your right to correct, access and request erasure of your information
Please contact our Data Protection Officer (DPO), whose contact details can be found below if you would like to request access to or correct information that we hold relating to you (in accordance with applicable law and subject to identity verification), or if you have any questions with about this notice. You also have the right to object to processing of your personal information, or to ask us to restrict processing your information as well as requesting portability of your data. You also have the right to ask our Data Protection Officer for information that we hold and process about you to be erased (the ‘right to be forgotten’) in certain circumstances. Our Data Protection Office will provide you with further information about the right to be forgotten if you ask for it.
Keeping your personal information secure
We have appropriate security measures in place to prevent personal information from being accidentally lost, used or accessed in an unauthorised way. We limit access to your personal information to those who have a genuine business need to know it. Those processing your information will do so only in an authorised manner and are subject to a duty of confidentiality. We also have procedures in place to deal with any suspected data security breach. We will notify you and any applicable regulator of a suspected data security breach where we are legally required to do so. We never ask you for login details or any security information via email.
How to complain
We trust that our Data Protection Officer can resolve any query or concern that you may raise about the use of your information. If not, please contact the Information Commisioner at ico.org.uk/concerns/ or telephone: 0303 123 1113 for further information about your rights and how to make a formal complaint.
Data Protection Officer Contact
Email: firstname.lastname@example.org Address: North Lane House, North Lane, Leeds, LS63HG
When corresponding with our sales employees via email, HubSpot (our CRM) will protect the contents of these emails by encrypting data while exchanging it using top security measures to prevent unauthorised or unintended access to its network. You can read more about how HubSpot safeguards your data on HubSpot's security page. If you have any questions with regards to HubSpot's use of your data, please contact them directly at email@example.com. As part of our use of HubSpot, HubSpot transfer information to either Ireland or the United States, and allow access to that information, the purposes of which can be read in HubSpot's policy. HubSpot take appropriate safeguards to require that your Personal Information will remain protected. When any information is shared, HubSpot make use of standard contractual data protection clauses, which have been approved by the European Commission, and rely on the EU-U.S. and Swiss-U.S. Privacy Shield Framework to safeguard the transfer of information we collect from the European Economic Area and Switzerland.
A cookie is a file containing an identifier (a string of letters and numbers) that is sent by a web server to a web browser and stored by the browser. The identifier is then sent back to the server each time the browser requests a page from the server. This enables the web server to identify and track the web browser. We may use both “session” cookies and “persistent” cookies on the website. Session cookies will be deleted from your computer when you close your browser. Persistent cookies will remain stored on your computer until deleted, or until they reach a specified expiry date.
Google AdWords tracking cookies As part of its digital advertising, CampusLife uses Google AdWords to remarket content to website visitors once they have viewed a CampusLife web page and exit the site. To this end, a tracking cookie will be used to serve adverts to you on other websites based on your usage of the CampusLife website. To opt out of Google's cookies please visit Google's Ads Settings. Alternatively, please visit the Network Advertising Initiative opt-out page.