Direct Marketing Privacy Notice
1) Information about you: what we collect and how we use it
Canterbury Christ Church University uses your personal data to provide you with a better customer experience. We want to ensure the information we send to you reflects your personal preferences.
If you expressed an interest in University products or services, you could receive an email, text or phone call from us for similar products or services. You could also receive marketing material from us via post or through personalised social media advertising.
For marketing purposes, we collect and process the following contact information about you: your name, address, company (where relevant), telephone numbers and email address. We also process your marketing preferences.
2) The legal basis for the processing of the data
The Privacy and Electronic Communications Regulations (PECR) sit alongside data protection legislation. They govern how we can send direct marketing communication to you. They give you specific privacy rights in relation to electronic communications. These include marketing calls, emails, texts and faxes.
a) Our Legitimate Interest
Where we have a existing relationships with customers who have purchased goods or services from us and we have offered them the opportunity to opt out it may not be necessary to obtain fresh consent.
This is an exception for existing customers to the consent rule, known as the ‘soft opt-in’. This is based on the legitimate interest of the University to maintain a relationship with individuals who expressed a clear interest in one of our products or services.
If you are an existing customer, we may send information about our products and services similar to those for which you expressed an interest.
If you are a student, or you have applied to be a student, information such as accommodation and post-offer open day invitations could help you to decide on student matters. We consider to be in our legitimate interests for you to receive them.
If you are a member of staff and you have expressed an interest in one of our services, we consider it is in our legitimate interests to let you know more about services, partners, promotions and events the University may offer.
If you are an external customer, we would consider it is in our legitimate interest to let you know about our latest offers, products or services that could be relevant to you.
We will only use the contact information we have obtained over the course of our customer relationship with you.
If we have had no previous contact with you, or the contact was brief and not sufficient to claim legitimate interest, we will ask your consent to send you information via electronic media. We will also ask your affirmative consent to send you direct marketing communications via social media.
3) How can you stop any marketing activities you are receiving?
You can withdraw consent at any time. You can also ask us to stop sending you any marketing material.
You can easily withdraw consent or opt-out from any email marketing messages. You can do this by clicking the 'unsubscribe' link at the bottom of each marketing email.
If you wish to withdraw consent from receiving certain types of Direct Marketing Communications, you can ‘manage your preferences’ via a link at the bottom of each marketing email.
You can also contact our Data Protection Officer. Contact details are at the bottom of this Privacy Notice.
4) Recipients of your Personal Data
The University uses Third-party service providers to process your personal data on our behalf.
This processing is only for marketing purposes, including sending out marketing material.
Third party service providers are bound by confidentiality clauses and Data Processors agreements.
Third-party service providers are not allowed to use your personal data for any other purposes than those instructed by the University.
5) Transfer outside the EEA
Some of the Third-Party service providers the University uses for Direct Marketing Purposes could be located in the U.S. and act under the EU-US Privacy Shield Agreement.
The EU-US Privacy Shield is a binding legal instrument under European law which can be used as a legal basis for transferring personal data to the US since it provides appropriate or suitable safeguards.
Also further material published by the ICO.
When Third-Party Providers used by the University are located outside of the EEA and not covered by the EU-US Privacy Shield we will ensure that a comparable level of data protection safeguards are in place.
6) Retention Period
If you decide to opt-out of or withdraw your consent to our marketing, we will no longer use your personal data for this purpose.
If your personal data is not needed for any other purpose, we will delete the data without undue delay.
7) The Data Controller and further information
The University is the data controller for this data. Our details are as follows:
Canterbury Christ Church University
St George’s Place
For further information about how the University processes personal data and your rights related to it, please see our Privacy Notice. Read the University's Data Protection Policy.
If you have a complaint about the way we handle your data, you can complain to the Data Protection Officer.
The University Data Protection Officer is:
Assistant University Secretary
Telephone: 01227 767700