This privacy notice explains:
- who we are
- how and why we collect and use personal information about you
- what personal data is collected and held about you when you use the SafeZone app
- our purposes and lawful bases for processing
- who we share your personal data with
- relevant retention periods
- how you can exercise your privacy rights.
This notice provides information in addition to the University’s Student Privacy Notice and Staff Privacy Notice. Please read these notices and if you have any questions contact us using the details provided.
Who we are
Throughout this notice, “University”, “we”, “our” and “us” refer to the Manchester Metropolitan University, an exempt charity under Schedule 2 to the Charities Act 1993 (amended by the Charities Act 2011). The University is the Data Controller in respect of the personal data you provide as part of your use of the SafeZone app.
The University is registered as a data controller with the Information Commissioner’s Office (ICO). We manage personal data in accordance with the General Data Protection Regulation (GDPR) and the University’s Data Protection Policy.
The personal data we process
We collect and process certain data about you when you download and register with the app. This includes your:
- name
- telephone number
- Manchester Met email address
- location (when using the app)
You also have the choice to provide further data such as a photograph, disability information, or details about any allergies or illnesses.
When you enrol with the University as a student, we may share your student email addresses with SafeZone so that you can be pre-registered. An email will be sent to you inviting you to download the application. If you choose not to download the app, your information will be deleted by SafeZone.
The University may also choose to use SafeZone as an emergency and general messaging service. In this case, staff and student email addresses and telephone numbers will be contacted via SafeZone.
What is the purpose and lawful basis of the processing?
Essential data is required to allow you to use the service, as part of the contract in place with SafeZone. This includes your Manchester Met email address, telephone number and name. Your information will enable us to:
- identify and contact you if you raise an emergency alert on the SafeZone app.
- locate you if you raise an emergency alert on the SafeZone app and require in-person support. Location data is limited to the Manchester Met campus and campuses of the universities included in the SafeZone Alliance.
The following data is processed in your and our legitimate interests:
- Additional data you choose to provide, such as your photo.
- Pre-registration using your student University email address.
- University-wide messaging service to all students and staff.
The following data is processed in the substantial public interest:
- Disability, allergy or illness information you choose to provide.
If you contact us, we may also keep a record of that correspondence.
The recipients of the personal data
We disclose personal data about you to the following third parties:
- Critical Arc (SafeZone), which provides storage and support for the data you provide in the application (University Centre Maidstone (UCM), MidKent College Maidstone Campus, Tonbridge Road, Maidstone, Kent, ME16 8AQ, United Kingdom).
- Security teams at universities that are included in the SafeZone Alliance, if you raise an emergency alert via the app while on their campus.
Data retention
Your personal data will only be retained for as long as it is necessary by the University’s Retention and Disposal Schedule. Specifically, we will retain your personal data for the duration of time you are a student or member of staff at the University and are using the app. Data is purged annually in August, so your data will be retained from the time you leave the University to the next August.
You can request that your account be deleted and your data purged at any time by requesting account deletion in the app settings.
Your rights with respect to the processing
The GDPR provides data subjects with the following data subject rights:
- The right to be informed – this privacy notice assists with fulfilling these obligations.
- The right of access.
- The right to rectification.
- The right to erasure.
- The right to restrict processing.
- The right to data portability.
- The right to object.
Please note, that these rights apply in certain circumstances, for example, according to the lawful basis utilised by the University. The right of access to personal information held about you exists to be aware of, and verify, the lawfulness of the processing. To exercise these rights please email [email protected].
How to contact us
For questions or concerns about this Privacy Notice or how we store and use your personal information, please contact [email protected] in the first instance.
Our Data Protection Officer can also be contacted by emailing [email protected], by calling 0161 247 3331 or by writing to:
Data Protection Officer, Legal Services
All Saints Building
Manchester Metropolitan University
Manchester
M15 6BH
Right to complain to the supervisory authority
You have the right to complain to the Information Commissioner’s Office (ICO) as the supervisory authority in respect of the processing of your personal data. We would encourage you to use our internal complaints procedure through our initial contact and the University Data Protection Officer, prior to contacting the ICO. If you wish to contact the ICO, the following contact information can be used: [email protected] or telephone: 0303 123 1113. For any further contact information please see the ICO website.
Updates to this privacy notice
We may update this privacy notice from time to time in response to changing legal, technical or business developments. When we update our privacy notice, we will take appropriate measures to inform you, consistent with the significance of the changes we make. We will obtain your consent to any material privacy notice changes if and where this is required by applicable data protection laws.
This privacy notice was last updated on 19 March 2024.