Skip to main content
Privacy for visitors and correspondents – Bath Spa University

How we process your data is governed by the General Data Protection Regulation and associated data protection legislation.

This notice is for correspondents, visitors of the University, and members of the public who use our facilities. The information also applies to those students and staff on campus.

What data do we collect?

Data collected in the provision of these services includes:

  • Your contact details
  • Your company details
  • Vehicle registration
  • CCTV footage.

Personal information will be retained whenever necessary for the legitimate interests of the Vice-Chancellor, Chancelry Department or University. This information will be kept, safely and securely, for however long is deemed necessary, for the current and future relationship between the user and the University and/or Vice-Chancellor.

Regular reviews of personal information will take place, and where data is deemed irrelevant for continuing relationship purposes, it will be destroyed in a secure and safe manner.

We'll use all reasonable efforts to ensure that your personal data is not disclosed to regional/national institutions and authorities, unless required by law and or other regulations.

How do we use your data and why?

The Vice-Chancellor’s Office and wider Chancelry department of Bath Spa University considers the privacy of its contacts to be a serious issue. All personal data and correspondence received within the Chancelry department is dealt with in a professional and confidential manner.

Information received will only be processed if necessary for the performance of a specific task, response or action. The Chancelry department routinely collects personal data whenever a user chooses to contact us.

The Estates department is responsible for managing the security and safety of individuals at our sites, and the administration of parking permits.

We process data to help support your current and future relationship with the Vice-Chancellor, wider Chancelry department and University. We only process data for specified purposes, justified in accordance with Data Protection Law.

We also use data to keep in touch with individuals interested in the Higher Education sector, specifically Bath Spa University.  This could include people working in other universities and higher education institutions, or organisations connected to higher education, in addition to those working in politics, business, media, and policy.

The table below gives some examples of data and the various purposes for which we process personal data and the justification for this.

Data we hold

Data subject: visitors to the Chancelry department, for commercial, community or similar purposes.

Data processed: name and contact details.

Legal justification: processing is necessary for our legitimate interest in regulating access to the Vice-Chancellor and wider Chancelry, and managing safety at all University campuses/ premises.

Data subject: members of the general public visiting the University for a specific Chancelry event.

Data processed: name and contact details, and any further information required for your attendance at the event, such as dietary requirements. 

Legal justification: contractual necessity – without the personal data we may not be able to provide the event to you.

Data subject: correspondence and communication with the Vice-Chancellor and/ or wider Chancelry department (either via post, email, or other means).

Data processed: name and contact details.

Legal justification: processing is necessary to enable the performance of a specific task, response, or action (legitimate interest).

Data subject: CCTV footage

Data processed: images and video

Legal justification: footage is processed under Legal Obligation, and Legitimate Interest of the University to facilitate the provision of personal security of all residents and visitors to site, and security of the property.

Data subject: automatic number plate recognition (ANPR) records

Data processed: vehicle details.

Legal justification: parking control and security of residents and visitors to site is processed under Legal Obligation, and Legitimate Interests of the University to facilitate the provision of personal security of all residents and visitors to the site and security of the property.

Data subject: security incident logs

Data processed: details of incident, name, contact details.

Legal justification: Legal Obligation under Health and Safety and to retain an overview of the well-being of residents and visitors to the site.

Data subject: car parking permit records

Data processed: names, vehicle details, employment or student status.

Legal justification: parking control and facilitating car parking provision to permit holders under the contractual obligation entered into when applying for the permit.

Data subject: access records

Data processed: your student or staff ID card details, and information relating to your student or staff status.

Legal justification: records of access rights retained to facilitate access to buildings/ rooms necessary for staff or students under our Contractual Obligation to you, and to enable the security of people on site and property.

Where we share data

Security and CCTV

The University engages a third party external security company for security personnel and management. The company have access to Bath Spa University systems for the specified purposes of reviewing security footage as and when is deemed necessary; this will include access to your images taken as a result of CCTV or Bodycam footage. 

In addition, security perssonal will proivde data to us on occasion where an incident has occurred. This data will be details of the incident, and names and contact details of those involved.

Edit section | Website feedback to