Data Protection Privacy Notice for ‘Addressing Health’

What is this privacy notice about?

This privacy notice explains how Addressing Health (“we”, “our”, “us”) collects, uses and shares your personal data (information) and your rights in relation to this data. The notice relates to our processing of personal data of website visitors, enquirers, applicants and others (“you”, “your”) who visit, contact or submit information to Addressing Health.

This privacy notice answers the following questions:

Kingston University is the data controller of your personal data and is subject to the General Data Protection Regulation (the “GDPR”) and the UK Data Protection Act 2018. As such, we are listed on the Information Commissioner’s Office (ICO).

You can find a copy of the University’s Data Protection Policy online along with copies of our other relevant information regulations.

We may update this privacy notice periodically and if we do we will publish this on our website.


What is the role of Addressing Health?

Addressing Health is the website for a Wellcome-funded project on the health of postal workers in the nineteenth and twentieth-century UK.


How do we collect your information?

Information provided by you

We collect your personal data in the following ways:

  • from you when you complete a form or otherwise provide contact details at an event or open day (for example, a business card);
  • when you sign up to receive our newsletter or other communications;
  • when you complete and submit a web enquiry form;
  • automatically from our website (see below);

What types of information do we collect about you?

We collect contact details, which may include:

  • your name
  • job title
  • company title
  • postal address
  • email address
  • telephone number

How will we use your information?

We use your personal information to contact you about events and other activities related to the Addressing Health project that may be of interest to you.

For how long do we keep your information?

Your information will be kept on our secure database until you notify us (using the contact details below) that you would like to be removed. In addition, we will review our database each year to ensure out of date or erroneous data is removed.

Information that is collected automatically

In addition to personal information you may provide when you visit our website the following information is received and stored by our web servers:

This data is known as web server logs. We use this information strictly to analyse how our website is used by our visitors and we may archive this information in an anonymous form for statistical purposes.

The cookies we use

Cookies are small text files that are placed on your computer by websites that you visit. They are widely used in order to make websites work, or work more efficiently, as well as to provide information to the owners of the site. The table below explains the cookies we use and why.

Cookie Names Purpose
Google Analytics _ga _gat _gid These cookies are used to collect information about how visitors use our website. We use the information to compile reports and to help us improve the website. The cookies collect information in an anonymous form, including the number of visitors to the website and blog, where visitors have come to the website from and the pages they visited.
Wordfence wordfence_verifiedHuman wfvt_[#] A Wordfence security plug-in used to protect the Site against malicious attacks. Information about your general geographic location (used to remember your time zone, for example). These are known as session cookies and are deleted when you leave the site.
Session cookies   Used to check that the cookies consent bar has been accepted.

Most web browsers allow some control of most cookies through the browser settings. To find out more about cookies, including how to see what cookies have been set, visit About Cookies or All About Cookies www.allaboutcookies.org.

Find out how to manage cookies on popular browsers:

To find information relating to other browsers, visit the browser developer’s website.

To opt out of being tracked by Google Analytics across all websites, visit http://tools.google.com/dlpage/gaoptout.


What legal basis do we have for processing your information?

For information collected via cookies or information you send to us we rely upon your consent.


Who will we share your information with?

Other organisations

We use MailChimp to distribute our communications, you can review their privacy notice on their website. We will not share information collected via cookies or information you send to us unless you agree to this. For example, you may send us information relating to our research and that information will be processed in line with our research data management plan.

Information transferred overseas

Some of the personal data we process about you may be transferred to, and stored at, a destination outside the European Economic Area (“EEA”). These processes include where the personal data is processed by our staff, contractors or suppliers who are based outside the EEA or who use storage facilities outside the EEA.

In these circumstances, your personal data will only be transferred on one of the following bases:

  • where the transfer is subject to one or more of the “appropriate safeguards” for international transfers prescribed by applicable law (for example, standard data protection clauses adopted by the European Commission);
  • a European Commission decision provides that the country or territory to which the transfer is made ensures an adequate level of data protection;
  • there exists another situation where the transfer is permitted under applicable law (for example, where we have your explicit consent).

For how long do we keep your information?

Your information will be kept on our secure database for the duration of the project or until you notify us (using the contact details below) that you would like to be removed.

Please refer to the section about cookie above, for more detail about how long individual cookies will retain information.


What are your rights?

Under the GDPR and when the new UK Data Protection Act comes into force, you have the following rights:

  • to access from us the personal data we hold about you;
  • to require us to correct the personal data we hold about you if it is incorrect;
  • to require us to erase your personal data;
  • to require us to restrict our data processing activities (and, where our processing is based on your consent, you may withdraw that consent, without affecting the lawfulness of our processing based on consent before its withdrawal);
  • to receive your personal data, which you provided to us, in a structured, commonly used and machine-readable format and the right to transmit that data to another controller;
  • to object, on grounds relating to your particular situation, to any of our particular processing activities where you feel this has a disproportionate impact on your rights;
  • to not be subject to a decision based solely on automated processing, including profiling, which has a legal effect on you.

Please note that the above rights are not absolute and we may be entitled to refuse requests where exceptions apply.

If you have given your consent and you wish to withdraw it, please contact our Data Protection Officer using the contact details set out below. Please note that where our processing of your personal data relies on your consent and where you then withdraw that consent, we may not be able to provide all or some aspects of our services to you.


Who can you contact about your information?

For general queries including requests to be removed from our mailing list please contact:

Douglas Brown Doug.Brown@kingston.ac.uk

All other data protection enquiries should be emailed to GDPR@kingston.ac.uk.

If you are not satisfied with how we are processing your personal data, you can make a complaint to the Information Commissioner.

You can find out more about your rights under data protection legislation from the Information Commissioner’s Office website.