Privacy Policy

Greater Manchester Higher is a collaborative partnership of universities and colleges across the region. Manchester Metropolitan University is the lead of the partnership and hosts this website.

The University is committed to looking after any information that is made available to us when you visit our website in accordance with data protection legislation and the University’s Data Protection Policy.

This is the privacy notice for the Greater Manchester Higher website. Other University websites, for example those operated by faculties or departments, may carry their own specific privacy notice information or provide additional information relating to their activities, which will supersede or supplement this notice.

This notice explains who we are, how and why we collect personal information about you when you visit our website, what personal data is collected, our purposes and lawful bases for processing, and how you can exercise your privacy rights.

Please do read this notice to understand our practices and if you have any questions, please contact us using the contact details provided below. Other privacy notices relating to our specific activities of the University are available from our main Privacy Notices index.

Who we are

Throughout this notice, “University”, “we”, “our” and “us” refer to the Manchester Metropolitan University, an exempt charity under Schedule 2 to the Charities Act 1993 (amended by the Charities Act 2011). We are a higher education institution which provides teaching, education, research and associated services. The University is the Controller in respect of any personal data which is collected during your engagement with the University website. The University is registered as a Controller with the Information Commissioner’s Office (ICO).

The personal data we process

Cookie information

If you have consented to our use of cookies, we will automatically collect, store, and use the following categories of information when you browse and search our site:

  • Technical information, for example, the type of device (and its unique device identifier) you use to access our site, the Internet protocol (IP) address used to connect your device to the Internet, your login information, browser type and version, time zone setting, browser plug-in types and versions, operating system, mobile network information and platform; and
  • Information about your visit to our site including the full Uniform Resource Locators (URL), clickstream to, through and from the website (including date and time), pages you viewed, page response times, download errors, length of visits to certain pages, page interaction information (such as scrolling, clicks, and mouse-overs), and methods used to browse away from the page.

Further information about our use of cookies is seen within our cookie policy.

Information collected via our forms

The majority of the personal information we collect about you when you engage with the website will be obtained via our forms, or if you contact us by e-mail. Examples of our forms include: our Contact Us form and event enquiry forms. We may ask for some personal details if you ask us to respond to your request.

The personal data we request will be determined by your enquiry, but is likely to be:

  • biographical information consisting of your name;
  • your contact details including school name, job title, phone number and email address.

This information is collected directly from you.

We will ensure that all personal information you supply is held in accordance with data protection legislation. We do not sell or otherwise transfer personal data to any third parties unless you have consented to this or this is permitted by law.

Your information will enable us to:

Cookie information – understand how users engage with our site, and improve our site and security. This processing occurs because it is necessary to meet our legitimate interests in operating and improving the website, analysing its use, and ensuring its security.

Lawful basis: This processing occurs because it is necessary to meet our legitimate interests in operating and improving the website, analysing its use, and ensuring its security. We also rely upon your consent collected when you accept use of our cookies.

Information collected via our forms – service your request of the University. For example, service and respond to your request to receive information from us or to facilitate your event booking enquiry.

Lawful basis: Where we are servicing or responding to a request which you have made of the University via one of our forms, we rely upon the legitimate interests lawful basis in order to respond to your request. We also rely upon legitimate interests to send you our promotional and marketing communications, such as our newsletters.

The recipients or categories of recipients of the personal data

We may share your data with third parties who provide services on our behalf, such as those who help us to operate the website or service requests you have made of the University. All our third-party service providers are bound by the terms of a contract and are required to take appropriate security measures to protect your data in line with our policies. We do not allow them to use your data for their own purposes. We permit them to process your data only for specified purposes and in accordance with our instructions.

We may also share your personal data with third parties if we are under a duty to disclose or share your personal data in order to comply with any legal obligation, or in order to enforce or apply our site terms of use or to protect the rights, property or safety of our site, our users, and others.

Where your data is shared with third parties, we will seek to share the minimum amount necessary.

Retention

We will only retain your personal data for as long as is necessary in order to process your request. Specifically, we retain general enquiries for a period of one year following our response.

Your rights in respect of the processing

The GDPR provides data subjects with the following data subject rights:

The right to be informed – this privacy notice assists with fulfilling these obligations.

The right of access.

The right to rectification.

The right to erasure.

The right to restrict processing.

The right to data portability.

The right to object.

Please note that these rights apply in certain circumstances, for example according to the lawful basis utilised by the University. The right of access to personal information held about you exists in order to be aware of, and verify, the lawfulness of the processing. For further information about your data subject rights please see our specific: Data Subject Rights Page.

Contacting us

For further information about the website, this privacy notice or to exercise any of your data subject rights, please write to gmhigher@mmu.ac.uk in the first instance.

Our Data Protection Officer can also be contacted using dataprotection@mmu.ac.uk, by calling 0161 247 3884 or in writing to: Data Protection Officer, Legal Services, All Saints Building, Manchester Metropolitan University, Manchester, M15 6BH.

Right to lodge a complaint with the supervisory authority

You have the right to lodge a complaint with the Information Commissioner’s Office (ICO) as the supervisory authority in respect of the processing of your personal data. We would encourage you to expend our internal complaints procedure through our initial contact and the University Data Protection Officer, prior to contacting the ICO. Please contact: casework@ico.org.uk or telephone: 0303 123 1113. For any further contact information please see: https://ico.org.uk/global/contact-us/.

Links to other websites

Our website may contain links to other websites of interest. However, once you have used these links to leave our site, you should note that we do not have any control over that other website. Therefore, we cannot be responsible for the protection and privacy of any information which you provide whilst visiting such sites and such sites are not governed by this privacy statement. You should exercise caution and look at the privacy statement applicable to the website in question.