Main menu
Staff & students

Privacy notice: Members of College Council and Committees

Privacy notice for members of Goldsmiths' governing bodies - Council and its Committees.

Primary page content

Goldsmiths, University of London collects and processes personal data relating to Members of the College Council and Committees in order to fulfil its Charter, its legal and regulatory responsibilities and to manage its relationship with Members effectively.

This Notice explains how Goldsmiths will collect, use and share your personal data and sets out your rights in relation to your personal data. It should be read alongside the general information on how we process personal data and the use of cookies on our website.

This Notice will be kept under review and Members will be informed of any significant changes.

The purpose of processing your personal data

Goldsmiths will process your personal data for the following purposes:

  • discharging its duties and obligations in accordance with Goldsmiths’ Charter, Statutes, Ordinances and Standing Orders
  • complying with legislation, checks and procedures relating to the management of investments or procurement of financial services, in accordance with Members’ responsibilities as trustees of the College
  • informing the Regulator of changes to the Membership of the College Council
  • conducting a Fit and Proper Person Assessment in accordance with the requirements of the Regulator
  • preparing and publishing a Register of Interests containing declarations from each Member of the Council, updated annually
  • preparing audited annual reports and financial statements
  • holding institutional celebratory events
  • preparing the College’s annual data submission to HESA regarding the governing body
  • committee management
  • publishing a biography for each Member on the College’s website
  • developing a skills and experience matrix to aid the College in recruiting new Members to Council
  • making contact with Members when necessary
  • processing Members’ expenses claims
  • managing Members’ access to College facilities and infrastructure
  • making arrangements for external training sessions or conferences

The personal data that is collected and processed

This may include:

  • name
  • date of birth
  • email address
  • postal address
  • telephone numbers
  • educational background and qualifications
  • employment history
  • voluntary appointments
  • protected characteristics
  • reasonable adjustments and access requirements
  • bank account details
  • car registration number
  • name of partner or spouse
  • dietary requirements
  • a photographic portrait
  • skills and experience

Where personal data is collected from

Your personal data is collected from the following sources:

  • You – you provide data through application forms, CVs, resumes, identity documents, interviews, forms completed by you at the start of or during your term of membership, correspondence with the College, meetings or other consultations
  • Third parties – the College obtains data from those parties you may have provided as references as part of your application

The legal basis for processing your data

Goldsmiths relies on several different legal bases for processing your personal data. The lawful bases are set out in Article 6 of the UK GDPR. Depending on the processing being performed, these may include one or more of the following:

  • processing is necessary for the performance of our tasks carried out in the public interest or in the exercise of official authority vested in the College
  • processing is necessary to comply with the College’s legal and regulatory obligations, such as the Office for Students requirements as set out in the Higher Education and Research Act 2017
  • processing is necessary for the purposes of the legitimate interests pursued by the College or by a third party
  • you have given your consent to the processing of your personal data

We may process your special category data to ensure the College has appropriate facilities to accommodate your needs. For example, we may need to process information about your dietary requirements where these are related to your religious or philosophical beliefs. We process this data in order to comply with a statutory obligation conferred on us by equality law or health and safety law, in accordance with Schedule 1 Part 2 of the Data Protection Act 2018.

We process Criminal Offence data to the extent that this might arise in Fit and Proper person checks, or other due diligence undertakings. The processing is undertaken with explicit consent and/or because it is necessary for reasons of substantial public interest set out in Schedule 1 of the Data Protection Act 2018, particularly paragraphs 6 and 12.

Securing your personal data

Your personal data is held securely within the College. Access to the data is controlled. Staff processing the data receive relevant training on data protection and information security.

From time to time, the College may commission agents of a third party to enhance the systems storing your personal data. Where this occurs, they will act in accordance with the instructions given by the College, scheduled within a data sharing agreement, so that your personal data remains secure.

Sharing your personal data with others

Your information will be shared internally with College staff who need the information for administrative purposes.

The information will be placed in the public domain in respect of:

  • Members’ biographies published on Goldsmiths’ website
  • Goldsmiths’ Register of Interests
  • Goldsmiths’ annual report and financial statements
  • live-streamed graduation events
  • other Goldsmiths publications

It may also be necessary to share your personal data with:

  • the Office for Students (OfS)
  • the College’s banks, insurers, legal advisors, and internal and external auditors
  • organisations used by the College to manage investments and assets
  • UK government bodies and departments responsible for public funding, statistical analysis, monitoring and auditing, sponsorship, or regulatory matters
  • AdvanceHE, or other training providers, when making bookings on Members’ behalf
  • contractors or suppliers the College might engage to carry out services that may involve or require Members’ data

Where the College engages third parties to process personal data on its behalf, they do so on the basis of written instructions, are under a duty of confidentiality and are obliged to implement appropriate technical and organisational measures to ensure the security of data. Appropriate safeguards will be put in place where your data is to be transferred outside the European Union.

JISC / HESA

Jisc is the Designated Data Body for England under the Higher Education and Research Act 2017, with a statutory relationship to the Office for Students. On 4 October 2022 the Higher Education Statistics Agency (HESA) merged with Jisc; HESA is now part of Jisc.

Goldsmiths has a statutory requirement to report data to HE funding and regulatory bodies. It does this by providing information to JISC who shares this information with public authorities who require it to carry out their statutory and/or public functions.