GDPR

GDPR

The General Data Protection Regulation (GDPR) that was passed in 2016 becomes enforceable on 25 May 2018. The legislation strengthens the use of data and its security in order to enhance your privacy rights. This page attempts to provide a brief overview of some of the processes UNIQ adopts to ensure your data is used appropriately.

Your Data

When you make an application to UNIQ you enter an agreement with the University of Oxford and UNIQ to use your data for the purposes of activity selection and reporting. The exact agreement you entered into is determined by the year you made an application, as this changes depending on the circumstances at the time, and how we wish to use the data.

Data Retention

Under principle 5 of the Information Standards Principles, we only store data where it is a) required for the selection of applicants to a UNIQ activity, or b) to enable us to accurately track applicants for research purposes. The length of time we retain data for depends on its use for selection or research. We hold no data longer than 10 years, and the majority of an applicants data is removed completely within 5 years or less. We review our data retention policies every four months.

Compliance

In order for UNIQ to ensure it is in compliance with the GDPR we have closely looked at all agreements digitally signed by applicants since we began operations in 2010. In cases where we may wish to contact specific applicants in the future, and believe there is ambiguity in our wording to allow us to do this, we will contact them to gain consent to store their email.