Student Privacy Notice


Policy Statement

The School is committed to protecting student privacy and complies with the Data Protection Act 2018. We process personal information for admissions, teaching, and operational purposes, ensuring fairness, transparency, and confidentiality. Our Student Privacy Notice details data collection, usage, access, retention, and post-graduation handling. For more information, please refer to our Data Protection Policy.

Principles

  • Transparency: Clearly communicating the types of data collected, and the purposes for which it is used.
  • Consent: Obtaining informed consent for the collection and use of personal data, where appropriate.
  • Control: Empowering students with control over their own personal information.
  • Security: Ensuring robust measures are in place to protect personal data from unauthorised access.
  • Legality: Complying with all relevant data protection laws and regulations.
  • Minimisation: Collecting only data that is necessary and relevant for the School’s functions.
  • Retention: Retaining personal data for no longer than necessary and disposing of it securely.
  • Accuracy: Maintaining accurate and up-to-date student records and providing mechanisms to correct inaccuracies.
  • Access: Allowing students the right to access their personal data held by the School.
  • Accountability: Holding the School accountable for its data protection practices.
  • Training: Providing training to ensure that staff understand their responsibilities under data protection law.
  • Review: Regularly reviewing policies and practices to align with evolving data protection standards.

Regulatory Context

This Policy has been developed in line with the applicable laws, regulations, regulatory advice, and sector best practices, including the following:

Authority Name Url
UK Government Consumer Rights Act 2015
A UK law that consolidates consumer rights, covering contracts for goods, services, digital content, and providing remedies for faulty goods and services.
UK Government Data Protection Act 2018
Legislation aimed at controlling the processing of personal data, laying down principles with respect to the processing of personal data, and the rights of data subjects
Office for Students (OfS) Regulatory framework for higher education in England
This framework outlines OfS' primary aim to ensure positive outcomes for students, including access, success, and progress in higher education. It covers quality academic experience, progress into employment, and value for money.
Quality Assurance Agency (QAA) The Quality Code
This code represents a shared understanding of quality practice across the UK higher education sector, protecting public and student interests and championing the UK's reputation for quality.
Competition and Markets Authority (CMA) Higher education: consumer law advice for providers
Advice to help higher education providers understand their responsibilities under consumer protection law, especially regarding undergraduate students.
Information Commissioner's Office (ICO) Guide for higher education institutions
Provides guidance for higher education providers on their obligations under data protection law.

Data Collection Overview

Title
Advice
Data

During your time with the School, we will collect and store personal data, including special categories such as racial or ethnic origin, religious beliefs, physical or mental health, and sexual orientation. You may also provide information on criminal convictions. The data we hold may include:

  • Personal Details: Name, contact information (address, email, telephone number), date of birth, country of domicile, nationality, and right to study in the UK. For overseas students, passport and visa details are also collected.
  • Educational and Employment History: Schools attended, modules completed, dates of study, and examination results.
  • Contact Information: Details for contacting you and your emergency contact.
  • Family and Personal Circumstances: Information relevant to assessing bursary eligibility and providing academic and non-academic support, including study skills, wellbeing, and counselling services.
  • Academic Engagement: Attendance, participation in studies, assessment feedback, qualifications awarded, and online learning activities.
  • Programme Details: Enrolments, selected modules, and timetables.
  • Financial Information: For managing fees, loans, grants, and financial support, including bank details for payments (e.g., bursaries).
  • Service Usage: Interaction with School services such as the Library and Careers services.
  • Digital and Communication Data: Log data from School email and services, including email marketing interactions. Telephone call logs are maintained but not linked to student records.
  • Visual Data: Photographs and video recordings for identification, study administration, assessments, examinations, and graduation ceremonies.
  • Safety and Security: CCTV footage and data related to breaches of School regulations, as well as personal data required under the UK GDPR for crime prevention and safety.
  • Health and Disabilities: Information used to provide support, make adjustments for study, assessment, and examinations.
  • Equal Opportunities Monitoring: Data on racial or ethnic origin, religious beliefs, health, and gender identity for monitoring and statutory compliance.
  • Criminal Convictions: Information may be used to restrict access to services if necessary for safety.

You can view some of your data through the ‘personal’ tab on Student Central.

This policy ensures transparency about the types of personal data collected, the purposes for which it is used, and how it is managed. It supports compliance with data protection regulations and provides clarity on how students' information is handled.

Purpose of Data Collection

Title
Advice
Collection of Personal Information

We collect personal information to support your education and enhance our services and facilities. This data also aids in delivering student services, including disability support and assistance for international students. We collect personal data in the following ways:

  • Initial Contact: When you contact us, we create and update your record with information provided during reservations, registrations, and throughout your studies, including participation in learning activities, attendance, assessments, and use of services such as disability and employability support.
  • Pre-Admission: From interactions before you join, such as expressing interest, ordering a prospectus, or sharing details at an open day.
  • Application Process: Through application forms submitted via UCAS and other admissions procedures.
  • Communication: From telephone, email, or website interactions for enquiries or concerns.
  • Ongoing Interactions: As you interact with us during your studies for various purposes outlined below.

We may also receive information from third parties, such as:

  • HESA and Educational Institutions: To verify your qualifications or check previous HESA returns.
  • Funding Providers: Basic information from UK funding authorities or agencies, such as loans or grants, and details from organisations covering your fees.

This policy clarifies how and why we collect personal information, ensuring transparency and compliance with data protection standards. It also explains the sources of information to support student services and administrative functions effectively.

Data Access and Authorisation

Title
Advice
Disclosure of Personal Information

The School may share personal information with external organisations to fulfil legal obligations, manage operations, or at your request. External organisations may include:

  • Higher Education Statistics Agency (HESA): For processing personal data. Details available at: HESA Data Protection Notices
  • Government Departments: Such as Home Office (including UK Visas and Immigration), Foreign and Commonwealth Office, Department of Health, and Department of Education.
  • Executive Agencies and Non-Departmental Public Bodies: Including HM Revenue and Customs and the Health and Safety Executive.
  • Office for Students (OfS).
  • Universities and Colleges Admissions Service (UCAS).
  • Office for Fair Access (OFFA).
  • Office of the Independent Adjudicator (OIA).
  • Student Experience Surveys: Including Student Experience Survey (SES), National Student Survey (NSS), Postgraduate Taught Experience Survey (PTES), Postgraduate Research Experience Survey (PRES), and Graduate Outcomes survey.
  • Anti-Plagiarism Software Providers.
  • Student Loans Company (SLC) and Other Loan Providers: Such as US Federal Loans, Canadian Loans, and Channel Islands Government.
  • Accrediting Organisations: Such as BCS, for qualification confirmation and programme accreditation.
  • Local Authorities: For Council Tax administration and electoral registration.
  • Law Enforcement Agencies/Multi-Agency Safeguarding Hub (MASH).
  • Insurers: For accidents.
  • Internal and External Auditors.
  • Sponsors or International Agents: Where a contract exists.
  • External Learning or Training Placement Providers.
  • Current or Potential Employers: For references and progress/attendance details, with your permission.
  • Library Services: Including access to online resources and dyslexia support.
  • Graduation Service Providers.
  • Student Trip and Exchange Programme Service Providers.
  • Student Support Service Providers.
  • Student Accommodation Providers.
  • IT Service Providers.
  • Parents/Guardians: For students under 18 years old.
  • Crime Prevention or Detection Agencies: Such as the police, Department for Work and Pensions, and Trading Standards.
  • Banks and Employers: For confirming student status or providing references, at your request.
  • Debt Collection Agencies: If money owed is not recovered.
  • Third-Party Software Systems: For managing applicant and student data functions.

We do not usually share additional personal information without your consent, except in cases of vital interest (e.g., emergencies). Anonymised or aggregated data may be shared for purposes like equality benchmarking with organisations such as Stonewall and Advance Higher Education.

This policy ensures transparency regarding how and why personal data may be shared with external organisations. It supports legal and operational requirements while maintaining student privacy and providing clarity on data usage.

Application of Collected Data

Title
Advice
Secure Handling and Use of Personal Information

The School securely collects, stores, and processes your personal information in various paper and electronic formats, accessible only to authorised staff and trusted contractors with a legitimate business need. Your data is used for:

  • Academic Administration: Supporting your education through admission, registration, programme management, placements, progress tracking, awards, assessments, examinations, attendance, and research.
  • Financial Administration: Managing fees, scholarships, bursaries, and sponsor-related funding.
  • Facility Use: Overseeing access to buildings, catering, computing services, libraries, careers services, health and wellbeing services, and graduation events.
  • Disciplinary and Appeals Management: Handling complaints, investigations, and disciplinary proceedings related to student and academic misconduct.
  • Regulatory Processes: Supporting extension requests, extenuating circumstances, intermission applications, and student surveys.
  • Statutory Reporting: Fulfilling legal obligations and monitoring equality responsibilities.
  • Health and Safety: Ensuring student wellbeing, safeguarding, and crime prevention.
  • Regulation Compliance: Monitoring adherence to School regulations.
  • Management Reporting: Conducting research and statistical analysis for reporting purposes.
  • Visa Compliance: Verifying study rights and visa terms.
  • Academic Records: Providing transcripts and award certificates.
  • CCTV Administration: Managing the School’s CCTV system.
  • Communication: Contacting you regarding studies, administration, support, and updates about the School.

Special categories of data, such as race, ethnicity, and medical information, are handled with strict data protection measures overseen by the Data Protection Officer.

This rule ensures transparency in how personal data is managed and used, providing clarity on its secure handling and the specific purposes it serves, including protection of sensitive information.

Data Storage and Security

Title
Advice
Access and Storage of Personal Data

Your personal data is stored within our student administration systems and is accessible only to authorised School staff.

This ensures that your information is securely managed and only available to those who need it to perform their duties, protecting your privacy and maintaining the integrity of your data.

Data Retention

Title
Advice
Retention and Use of Personal Data

We may retain your personal data for up to 6 years after your association with the School ends. A core record of your data will be kept indefinitely to provide references and verify your study with us. Automated decision-making, including profiling, will not be used on your personal data.

This retention period ensures we can fulfil future verification and reference requests while complying with data protection regulations. Retaining core records indefinitely supports alumni needs, and avoiding automated decision-making safeguards individual rights.

Amendments to Privacy Guidelines

Title
Advice
Review of Privacy Notices

We regularly review our privacy notices. The most recent update was in June 2021.

Regular reviews ensure that our privacy notices remain accurate and compliant with current data protection laws, reflecting any changes in how we process personal data.

Additional Privacy Statements

Title
Advice
Protection of Your Privacy

We are committed to protecting your privacy. Please note that additional privacy notices cover data related to staff, enquiries, applications, current students, alumni, and website use. These notices are available on our website.

Multiple privacy notices ensure that all aspects of data handling within the School are covered, providing clear and specific information about how different types of data are managed.

Graduation Process and Academic Records

Title
Advice
Graduation Information and Data Use

Before your graduation, we will request additional details to arrange your attendance, your guests' attendance, and to process your award certificate. This information, along with graduation details, will be available on our website. Photographers and videographers will be present at the ceremony, including a live stream of graduates crossing the stage, which may be shared on social media and used for marketing. Your name, award, programme, and ceremony details will be shared with our gowning supplier for gown hire arrangements.

To celebrate your achievements, all eligible graduates' names (excluding classifications) will be printed in the ceremony booklet and listed at the end of the graduation film, both live-streamed and available for download. Names will be listed by award, programme, and alphabetically.

Your ceremony invitation will include full terms and conditions, along with an option to opt into sharing your name with our graduation commemorative merchandise suppliers.

These procedures ensure smooth graduation arrangements and allow us to celebrate and publicise your achievements while providing the necessary details for gown hire and commemorative merchandise. The inclusion of names in graduation materials honours all graduates and enables easy identification during the ceremony.

Post-Graduation Data Utilisation

Title
Advice
Retention and Use of Personal Data Post-Study

After completing your studies, the School retains a core record of your academic achievements indefinitely to verify your qualifications and for statistical and historical research. Upon successful completion, your contact and personal details are shared with our Philanthropy and Alumni Engagement Department for alumni activities, including communications about events, benefits, services, and fundraising efforts. Limited personal data may also be shared with contractors for fundraising analysis. You can adjust your communication preferences at any time by contacting alumni@lsi.ac.uk.

Additionally, during and after your studies, you may be invited to participate in surveys such as the National Student Survey (NSS), Graduate Outcomes Survey, and Postgraduate Research Experience Survey (PRES). Your contact details will be shared with the Office for Students (OfS) and the Higher Education Statistics Agency (HESA) for survey purposes and will be deleted after the survey closes. These bodies may retain your details for future public interest surveys, subject to your legal rights.

Retaining your core academic records ensures the School can confirm your qualifications and contribute to research. Sharing your details with the Alumni Engagement Department supports ongoing alumni relations and fundraising. Survey participation helps improve education quality and track graduate outcomes, while data retention by public bodies supports broader research and policy development.

Metrics and KPIs

The following metrics will be measured and regularly reviewed as key performance indicators for the School to ensure the effectiveness of this policy and associated operations.

Title
Data Breach Incident Rate
Reduce the number of data breach incidents involving student information to zero per academic year by implementing stringent data protection measures.
This KPI is critical as it directly measures the effectiveness of data protection practices and compliance with the Data Protection Act 2018.
Data Retention Audit Accuracy
Conduct bi-annual audits with a 95% accuracy rate to ensure student data is retained and disposed of according to the Data Retention Policy.
This KPI ensures compliance with retention policies, reducing the risk of unnecessary data retention and potential legal issues.
Incident Resolution Time for Data Breaches
Resolve 95% of data breach incidents involving student information within 72 hours of discovery, reviewed quarterly.
Swift incident resolution minimises potential harm to students and reduces the impact of data breaches.
Student Data Access Compliance
Achieve 100% compliance in processing student data access requests within the required period each academic year..
Ensures timely and lawful responses to student data requests, fostering transparency and trust in the institution.
Policy: Student Privacy Notice