UWS Clearing


Website Privacy Notice

The University is committed to looking after any information that you make available to us when you visit our website. We aim to be clear about what we will do with your data. This website privacy notice explains when and why we collect personal information about you and how we will use this information. It also explains how we keep your information secure as well as the rights you have in relation to the information we hold about you.

The sections below set out the main information we need to give to you.

The website privacy notice will be regularly reviewed to make sure it contains the most up-to-date information. Check back regularly for the most up-to-date version.

This website privacy notice relates to how we use the information you provide when you visit this website. There are times when we have separate privacy notices which deal with other circumstances, for example, how we handle your data if you enrol as a student of the University. You will be made aware of these tailored privacy notices separately.

Contact us

If you have any questions about any of the information contained in this privacy notice then you can contact us on dataprotection@uws.ac.uk.

Who are we?

The University of the West of Scotland (referred to in this Privacy Notice as the “University”, “we”, “our” or “us”) is the Data Controller under the data protection legislation. This Privacy Notice sets out how we process personal data about visitors to our website (referred to in this Privacy Notice as “you” or “your”).

What type of information do we collect about you?

We collect information about you:

  • when you provide us with your personal details (such as your name, contact details, email address, etc.) by registering with us or submitting an enquiry via the website
  • when you respond to surveys which we ask you to complete for research purposes
  • from your usage of the website and any other information you post on the site or send to us via email or other means

What are the sources of information we hold about you?

The personal data which we hold about you is will be the information provided directly by you when you make an enquiry to us.

How will we use your information?

We will use the information we hold about you to respond to any queries you have raised with us or to provide you with information that you have requested that we send you.

If you make a general enquiry we will only send you the information you have requested and will not use your details for any further direct marketing purposes unless you have given your consent for us to do this.

We may use data to analyse demographic and other statistical information about the popularity and effectiveness of our website, but we’ll only disclose that information in aggregate form (user data grouped together), so individual users cannot be identified.

Why do we need to process your personal information?

We may process your personal data for a number of reasons. Primarily this is because you have consented to this so that we can respond to your enquiry or provide you with the information you have requested.

There may be times that we process your information because it is necessary for the purposes of our legitimate interests. For example, to better understand how people interact with our websites. We will not process your data for the legitimate interests of any third parties (e.g. other organisations or public bodies).

How long will we keep your information for?

We will retain your data for as long as it is needed to respond to your enquiry. If you also consent to receiving marketing information from us, we will keep your data for longer; but will ask for your consent again periodically so that we can ensure the information we send to you is still relevant.

Who has access to your information and who will we share it with?

Authorised personnel within the University will be able to access the information you provide to us. Your personal data will only be shared with those third parties with whom the University works in order to provide you with relevant, personalised communications. These types of organisations can include but are not limited to:

  • Suppliers of digital content for emails
  • Service providers who send out emails, SMS, direct mail or other communications on behalf of the University
  • Providers who will use your profile information to identify others who may be interested in the University.

No information will be passed to third party organisations for them to contact you directly themselves.

What choices do you have in relation to your information?

Under the legislation, you have certain rights in relation to the information we hold about you:

  • to obtain access to, and copies of personal data we hold about you;
  • to require us to stop processing your personal data if the processing is causing you damage or distress;
  • to require us to stop sending you marketing communications;
  • to require us to correct any personal data we hold about you that is incorrect;
  • to require us to erase your personal data;
  • to require us to restrict our data processing activities;
  • to withdraw your consent to our data processing activities (without affecting the lawfulness of our processing before you withdrew your consent);
  • to receive the personal data that we hold about you, in a reasonable format specified by you, including for the purpose of you transmitting that personal data to another controller, but only if you provided this information to us by automated means;
  • to object, on grounds relating to your particular situation, to any of our processing activities where you feel this has a disproportionate impact on your rights.

Many of the rights above are not absolute. As such, there may be times when you make a request to us and we are unable to meet it in full. If this is the case we will explain to you fully why we have not been able to do what you have asked. You should also be aware that where our processing of your information relies on your consent and you then decide to withdraw that consent, then we may not be able to provide all or some aspects of our services to you.

More detailed information about the rights you have in relation to the gathering, storage and processing of your personal data and how you can make a Personal Data Request, can be obtained by contacting us at dataprotection@uws.ac.uk.

How will we keep your information safe?

We employ industry-standard security measures to protect your information from access by unauthorised persons and against unlawful processing, accidental loss, destruction, or damage. All personal information we hold about you is held on our secure servers. If we hold paper records about you then we make sure that staff are trained about how they should handle this information and make sure it is stored securely.

Information transmission over the internet can never be guaranteed to be completely secure and although the University will endeavour to protect your personal data, we cannot guarantee the security of your personal data transmitted to our website. Any such transmission is at your own risk. Once we have received your information, we will use strict procedures and security features to prevent unauthorised/unlawful access and disclosure.


A firewall is a network security device that monitors incoming and outgoing network traffic and decides whether to allow or block specific traffic based on a defined set of security rules. Rules are designed to provide a balance between strong security and allowing staff and students appropriate access to teach and study.

Patch Management

Patch management is a strategy for managing security fixes or upgrades for software applications and technologies. A patch management plan helps the organisation handle these changes efficiently and in a controlled and fully tested manner. We patch our devices and systems as part of a 30 day rolling process. Critical security patches are installed as required.

Access Control

Access control is a security technique that can be used to regulate who or what can view or use resources in a computing environment.

Access to files and folders and connections to computer networks is based on user credentials, login and password.

Event / Network Monitoring

The UWS network is constantly monitored for anomalous behaviour which would be associated with cyber-attacks. Event monitoring tools help us to monitor details of activity on the network and allow us to highlight areas of concern for further investigation. Identifying anomalies quickly is vital to securing the confidentially, integrity and availability of data on our network.


Anti-Virus protection is installed on all endpoint devices and updated at least daily with the latest vendor updates.
Antivirus software is designed to prevent, detect and remove malware infections on individual computing devices, networks and IT systems.

Our antivirus software programs include real-time threat detection and protection to guard against potential vulnerabilities as they happen, as well as system scans that monitor device and system files looking for possible risks.

Will we transfer your information outside the EEA?

The information we store and process stays within the UK.

Who is the University’s Data Protection Officer?

The University Solicitor is the UWS Data Protection Officer. If you have any concerns about how we handle your personal data then you can contact the Data Protection Officer directly by e-mail: dataprotection@uws.ac.uk

or by post:

Data Protection Officer, University of the West of Scotland, Legal Services, High Street, Paisley, PA1 2BE

How can I complain about your use of my information?

If you remain unhappy then you have a right to complain to the Information Commissioners Office:


Information Commissioner’s Office, Wycliffe House, Water Lane, Wilmslow, Cheshire, SK9 5AF


e-mail: casework@ico.org.uk
telephone: 0303 123 1113