Frequently Asked Questions
So, what exactly is personal data? Personal data means any information relating to an identified or identifiable natural person. Known as the ‘data subject’.
In other words, any information that clearly about a particular person. But how broadly does this apply?
The GDPR states that this applies where an individual can be identified directly or indirectly. Some of the followings are examples that can make an individual identifiable:
- Identification number;
- Location data; and
- An online identifier
A name is perhaps the most common means of identifying someone. However, whether any potential identifier, including whether a name identifies an individual depends on the context.
By itself, the name ‘John Smith’ may not always be personal data because there are many individuals with that name. However, if the name is combined with other information (such as an address, a place of work, or a telephone number) this is often sufficient to clearly identify one individual.
Special Category Data
GDPR special category data is personal information of data subjects (individuals) that is especially sensitive. Special category data includes the following:
- Race and ethnic origin
- Religious or philosophical beliefs
- Political opinions
- Trade union memberships
- Biometric data used to identify an individual
- Genetic data
- Health data
- Data related to sexual orientation
Due to these data elements being particularly sensitive, the College must have a legitimate and lawful reason for collecting, storing, transmitting, or processing these data.
The College will only collect and process data that is necessary and we are forbidden from processing data unlawfully. Examples of reasons why we ask for your data can vary from the College performing its public task, fulfilments of legal obligations and where an individual requires protection from harm. Legislation protects your data against being processed where there is no existing lawful basis to do so.
The College has many Privacy Notices for various Departments to help you understand, how and why we collect your information. Privacy Notice - SERC
The Information Commissioners Office (ICO) states that, UK GDPR provides the following rights for individuals, which the College is complaint with:
- The Right to be informed;
- The Right of access:
- The Right to rectification;
- The Right to erasure;
- The Right to restrict processing;
- The Right to data portability;
- The Right to object;
- Rights in relation to automated decision-making and profiling.
If you are unhappy with the College’s response to your Subject Access Request, please let us know by emailing email@example.com or addressing a letter to the Records Manager.
If you remain unhappy with the College’s response to your Subject Access Request, please contact the Information Commissioner at:
Information Commissioner’s Office
The College welcomes all means of support for our students however we must also comply with GDPR and the Data Protection Act (2018) which regulates how we process personal data, including any disclosures about our students. This applies to all student information, even if they are under the age of 18.
The College is unable to discuss student information with anyone unless the student has provided this consent on their student account or where an individual has legal responsibility for a vulnerable adult. During application and enrolment, the student is given opportunity to provide this consent and the name of the person to whom we can discuss their information with.
In an emergency e.g., where we have concerns about the life, health, and welfare of the student, we will make contact with the person identified as the ‘Emergency Contact’ on the student’s account.
While the College may not be able to discuss information with you, students can access their student profile from home, and this will contain their timetable, attendance register and various other aspects of their progress at the College.
Staff can answer any questions you may have about College processes e.g. EMA, Application process, Learning Support provision, and we have a suite of policies and procedures available on our website for your information.
You can access the College’s Data Proctection Policy via this link:
Further details regarding this document can be obtained by contacting the Data Protection Officer at the following:Data Protection Officer
SERC Bangor Campus
Castle Park Road
The Information Commissioner's Office
The FE Sector will continually refer to legislation and ICO guidance in regards to data protection.
Further information is available to the public on the ICO website: Guide to Data Protection | ICO.
We publish a range of information that is available to the public as part of our commitment to openness and transparency.
Our publication scheme commits us to make information available to the public as part of its normal business activities.