The Essex website uses cookies. By continuing to browse the site you are consenting to their use. Please visit our cookie policy to find out which cookies we use and why. View cookie policy.

Working at Essex
Employee Voice survey Starting at Essex Equality, diversity and inclusion Employment policies, procedures and guidance Managing people Pay, rewards and benefits Pensions Taking leave Grading and reviews Professional development and training Recruiting staff Working flexibility Information and data UECS and Wivenhoe House staff Forums and networks
Teaching and learning
Academic standards and quality DBS checks for students Department student support roles Developing student success Exams and assessment Heads of Department Learning technologies Reading lists Staff awards and funding Student feedback Student wellbeing support and signposting Supporting students with disabilities and health conditions Supporting and welcoming new students Timetables
Research
Funding sources Making a funding application Research impact Promoting your research and research visibility Research governance Take part in research Managing an award Planning and assessment Knowledge exchange and commercialisation Research systems Repository and publishing Research management information Celebrating Excellence Awards
Our University
Brand Departments and schools Faculty support Freedom of information Governance Graduation Sustainability and biodiversity University partnerships
Services and facilities
Buildings, grounds and maintenance Crowdfunding Childcare Design, print and copy services Events, meetings and conferences Faith Centre Finance, planning and data insight Food and drink IT services Marketing and communications support Media Centre Parking Post and property services Professional Services teams Sport and recreation Strategic project delivery Student work experience and volunteering Theatre and arts on campus Travel, transport and accommodation Web support
Health, safety and wellbeing
COVID-19 (Coronavirus) Emergencies, security and safety Activities health and safety Equipment safety Health and safety support Fire safety Reporting health and safety incidents or concerns Risk assessment Safeguarding Work and study environments Working with physical agents Working with substances Your health and wellbeing
Online services
Email login Research Information System Research Repository Room booking form Unit4 Business World Phonebook Change your password
People and Culture
HR Organiser People Manager Develop at Essex Homepage Job vacancies
Academic
Moodle Libraries Academic departments FASER LEAP MyTutor Programme specifications Reading lists (Talis Aspire)
Info and help
Find your way campus map IT services Tableau Planning information portal Key dates Staff blog Report harassment Report a concern about student
Staff Directory Home Working with information and data Data Protection and GDPR How to write a privacy notice

How to write a privacy notice

Privacy notices (sometimes known as privacy policies, or data collection policies) are a way of explaining to people how we use their personal data. Once you have your draft it should be submitted to the Information Assurance Manager to be approved. 

How to write it

Your privacy notice should:

  • be clear, easy to understand, and use everyday language
  • relate clearly to a specific set of activities, a specific service, or a specific group of people
  • give specific examples - if you share with third parties, for example, list or describe them
  • avoid meaningless references to legislation such as "your information will only be shared in accordance with data protection law"
  • avoid vague unspecified scenarios such as "we may share your information with other people" - explain who the other people might be, and what circumstance would trigger the sharing
  • be truthful - don't say that information will never be shared if you have a need to share it

What to include 

There are several things your notice needs to include:

  • who we are - that's particularly important if the people you are working with a software system or a website where it might not be immediately clear that you are part of the University of Essex.
  • an explanation of what you are using the information for
  • your legal basis for using the data - you'll need to seek advice on this from the Information Assurance Manager
  • who you share the information with. This is especially important if you are sharing outside your team or outside the University. Don't forget to include the provider of your software system or website, if that's an external organisation.
  • whether the data will be stored outside the UK.
  • how long you will be keeping the information for. The retention schedules may help guide you.
  • whether you will using the information to make any automated decisions.
  • the list of rights that individuals have. These are the right to object to their information being used, the right to data portability, the right to access their own data, and the right to have their data removed.
  • the dpo@essex.ac.uk email address, which is the contact for the University's Data Protection Officer

There may be other things you need to include, depending on where your information comes from. The Information Assurance Manager can advise on this.

Examples of privacy policies

You might find it helpful to look at the main University privacy notices for staff and students as examples.  There is also a checklist provided by the Office of the Information Commissioner.

Also see

Arrow symbol
Contact us
Information Assurance Manager
Telephone: 01206 872285

  • University of Essex
  • Wivenhoe Park
  • Colchester CO4 3SQ

 

CONNECT WITH US
© 2024 University of Essex. All rights reserved