This statement is intended to be straightforward and easy to follow. Please contact infouniref.uk if you have any questions.
All users of uniref.
We hold the name and email address of all users. For students we also store your personal statement, your UCAS reference and the data that is acquired to generate your UCAS reference. If you log in using Google credentials, then Google will provide us with your name, email, Google ID, language preference and a url pointing to your Google profile picture.
In addition to the details above, we also record when you login to uniref, how many times you have logged in and when you last made a change to your personal profile. We securely record an encrypted form of your password.
Your email address is only used in order to login and for us to contact you regarding your access to the website. This enables us to provide you with password details on registration, or to allow us to send you the details for a password reset, if you request one. Login information is held to assist with understanding why login attempts occasionally fail. If you login using Google credentials, then we may choose to personalise your pages with your Google profile picture.
We hold your personal information from the time that your account is created, until the account is deleted three months after the account licence expires. We allow certain individuals in your school (generally teachers) access to your personal information if they have valid accounts on this system, but will never give your personal information to anyone outside your school unless required by law to do so. With the exception of the UCAS administrator's account, when the licence on an account has expired, that data becomes inaccessible and will be deleted after three months. The school may choose to retain that data by downloading it to its own secure storage before the licence expires, or may apply a new licence to the account to extend its life for an additional year.
Your personal information is securely held on a database within the webservice. Access to the database is restricted to those personnel who administer the webservice. The webservice is located in the secure Sentronex datacentre in Reading, UK. The data held by uniref will always remain within the UK.
When users login for the first time, they will be asked to consent to the use of their personal information in order to access the system. The page where consent is requested gives sufficient information to allow the user to choose whether or not to consent. The user may revoke their consent if they wish, by changing a setting on their profile page.
Access to the website will not be granted to any user who fails to give consent for uniref to use their personal information. A person who revokes their consent will lose their right of access to the website.
uniref is not involved in any aspect of direct marketing, so your personal information will only used for the purposes explained above.
There are eight rights that every person has over the use of their personal information. These are:
Please contact infouniref.uk if you wish to pursue your rights under any of these categories. In line with the latest legislation, subject access requests are free. Category 8 has no relevance to the website's use of your personal information. The consequence of exercising your rights under categories 4, 5, and 7 could mean that you might lose the use of uniref.