Introduced by the European Union (EU), the General Data Protection Regulation (GDPR) is intended to help protect the personal information of EU individuals/data subjects (any individual who is physically located in an EU member state, which includes both EU citizens and non-EU citizens). The EU’s General Data Protection Regulation (GDPR) compliance date began May 25th, 2018.
This is a statement of the practices of the University of Notre Dame (USA) in England (henceforth referred to as “UNDE”), of 1-4 Suffolk Street, London, U.K. SW1Y 4HG, in connection with the use and capture of personal data, and the steps taken by UNDE to respect your privacy. UNDE is a UK-based charity body established by the University of Notre Dame (henceforth “Notre Dame”), in the USA. UNDE is registered with the Information Commissioner’s Office (since 2018) as a data controller (registration number: Z76950223).
This Privacy Notice explains how UNDE handles personal data to uphold its obligations relevant to the protection of personal privacy and to be in accord with current UK legislation. UNDE fully respects your right to privacy and actively seeks to preserve the privacy rights of those who share information with UNDE. Any personal information which is volunteered to UNDE will be treated with the highest standards of security and confidentiality, in accordance with U.K. and European Data Protection legislation. Personal data shall be processed in accordance with the General Data Protection Regulation (EU) 2016/679 and the Data Protection Act of 2018.
This privacy notice explains the following:
- What personal data is collected
- How UNDE collects your personal data
- The purpose for (use of), and legal basis for collecting your personal data
- How UNDE stores and secures personal data
- When UNDE shares personal data, including details of third parties with whom UNDE shares personal data
- Your rights with regard to your personal data
You may also wish to download the Data Protection Procedural Guidelines For Personal Data Security Breaches.
Make a request
The GDPR provides a number of rights to EU individuals that include the following: the Right to be Informed, the Right to Rectification, and the Right to be Forgotten/Erasure. Any EU individuals who have/had a formal relationship with the University may leverage the online request form (linked below) for the following rights:
- Request for Information (obtain information about yourself) ;
- Right to Rectification (have your information corrected (where applicable by law)); OR
- Right to be Forgotten/Erasure (have your information removed / erased (where applicable by law))
Important Notice: By submitting your GDPR request, you have acknowledged that you are/were an EU resident at an EU member State at the time that you provided your information to UNDE or Notre Dame.
If you have questions or comments around these three specific rights, or any other rights provided by the GDPR, please email the Office of Information Security and Compliance at firstname.lastname@example.org.
Note: Information on this page and the policies related to the GDPR will be updated on an ongoing basis, as needed.