LRC Privacy Notice
Introduction
SERC is a “data controller” for the purposes of Data Protection legislation. This means that we are responsible for deciding how we hold and use personal information about you. This privacy notice explains how we hold and use any personal information we collect about you before, during and after your working relationship with us.
The College will process all personal data in compliance with the Data Protection Act 2018 for the purpose of providing you with the opportunity to borrow books and other resources from the SERC LRCs and for the use of PCs in the LRCs. We will never ask for information that is unnecessary to deliver this service.
SERC is the Data Controller registered with the Information Commissioner Office (ICO) and is responsible under the Data Protection Act 2018 for the personal data that you submit to us.
The Data Protection Officer for the College is Sian Harvey.
Lawful Basis for Processing
Personal Data
As a FE College our main lawful basis for processing your personal data in the LRC are as follows
- Article 6.1(e) - processing is necessary for the performance of a task carried out in the public interest or in the exercise of official authority vested in the controller.
On occasions we may be required to process your personal data for other reasons however we will only do so where a Lawful Basis applies.
Categories of Personal Data
Personal data captured may include:
- Name
- Contact details: Address, Email, telephone number
- Books on loan / past books on loan
Information may be obtained directly from the individual.
The College will only collect the necessary information required for the purposes detailed in this Privacy Notice and without it the College may not be able to fulfil its obligations.
How do we Collect Personal Data?
We collect personal information about clients using the LRC through disclosures from you and the EBS system (student database).
Who will have access to my information, or who will you share it with?
We will share personal information with third parties or internal staff where there is a lawful basis to do so.
We have Data Processing Agreements in place with third party service providers which require them to respect the security of your data and to treat it in accordance with the law.
For full details on our Privacy Notice and your Rights, please view our Privacy Notice