SOAS Connect Privacy Policy

Introduction

The University understands the importance of our members' privacy. We will act responsibly in the handling of your personal data and take steps to ensure its security. The purpose of this policy is to ensure our members are always aware of the type of information we collect, how we use it, and under what circumstances, if any, we would disclose it.

The Service is offered by the University via their Service Provider Aluminati Network Group Ltd ("Aluminati"). Both the University and Aluminati undertake to handle your private information responsibly and in accordance with their respective duties, as set out below, under UK Data Protection Legislation (the UK GDPR as defined in section 3(10) of the UK Data Protection Act (2018), and the UK Data Protection Act, and any successor regulation or legislation)

This Policy should be read together with our Terms and Conditions and inherits any definitions defined therein.

Legal Framework

All personal data is handled in accordance with the UK Data Protection Legislation.

The University is the Data Controller for all personal data held in connection with your use of the Service, apart from information relating to account administration and email data.

Aluminati is the Data Controller for personal data held for the purposes of account administration and storage and management of your email data stored on the servers; and acts as a Data Processor for the University in relation to other personal data held by it in the course of running and modifying the Service.

The University is registered with the Information Commissioner’s Office under membership number Z6740574.

Aluminati is registered with the Information Commissioner’s Office under membership number Z8393842.

The University's Data Protection Policy may be viewed online: https://www.soas.ac.uk/infocomp/dpa/policy/.

Collected Information

The information we collect is that provided by you directly via our registration form and profile interface. We also collect non-personal information for statistical analysis on the use of our websites. We also have your registered email address on record.

If you register with the Service as an alumnus of the university, we will collect data from you via our registration form and profile interface.

If you join the Service as a current SOAS student, your student ID and university email address will be matched to validate your identity.

The Service stores information that you generate during normal use of the Service. This includes, but is not limited to, emails that you send and receive, address book data and general preferences.

Any correspondence between you and Aluminati is archived for future reference.

Data may be transferred between the University and Aluminati for the purposes of properly administrating your account and verification.

Purpose and Use of Personal Data

Personal Data collected and generated by the University and Aluminati is used for

(i) the normal operation and maintenance of the Service
(ii) billing and security verification of individuals
(iii) Contact details are used for announcements and to inform members of important information regarding the use of the Service.

Any directory system will operate on a strictly opt-in basis and will be accessible only to other users of the Service.

The information that you give will be used to verify your University membership, and in order to update your alumni record.

The University may contact you about alumni news and services (including those provided by affinity partners) and will have access to certain identifying data including name, date of birth, university number and email address.

Use of Cookies - these are small files that reside on your system and are read by our website and webmail interface so as to enhance your experience. No personal information is stored and you may delete these cookies at any time.

Disclosure

Neither the University nor Aluminati will disclose your personal data to any third party other than:

- with your consent; and/or
- in accordance with the Terms and Conditions; and/or
- for the purpose of properly administering your account; and/or
- in order to process and verify an online payment; and/or
- if required to do so by the police or other regulatory authority; and/or
- in the good faith belief that any disclosure is reasonably necessary to:-
- enforce the Terms and Conditions; and/or
- respond to any complaint concerning or connected with your use of the Service; and/or
- to protect the rights, property or personal safety of the University, the registered users of the Service and the public.

Your email address will not be given to any third party for the purposes of advertising or promotions, without your consent.

Neither the University nor Aluminati will transfer your data outside of the United Kingdom unless:

- The transfer of your data is to a country recognised as adequate by the UK government
- The transfer is carried out under one of the safeguards under Article 46 of the UK GDPR
- The transfer is carried out with your explicit consent, or in accordance with one of the other exceptions under Article 49 of the UK GDPR

Storage

Your information is stored in a password protected database which is never accessible by the public nor any non-authorised employee of the University or Aluminati. Authentication information, such as passwords, is encrypted.

Accuracy and Access

Aluminati will always try to maintain up-to-date and accurate records and we welcome you to help us in this effort by updating your own information whenever it changes.

Methods of access and modification:

Aluminati:

- email Aluminati for a copy of your stored details and/or inform us of any changes that need to be made.
- write in to request a paper print out (include a stamped addressed envelope).
- access and update your profile via an online profile interface.

Aluminati will require that you suitably identify yourself before accessing your information.

No fee is payable for the exercise of these rights unless the request is clearly unfounded, repetitive or excessive in which case we may also legally refuse your request.

Aluminati will refuse access for the following reasons:

- the request does not relate to the information belonging to the person making the request.
- insufficient identification is produced.
- denial of access is required by law.
- providing access would pose a serious threat to the life or health of an individual or individuals.
- the information provided for modification is reasonably believed to be false.
- providing access would interfere with any legal proceedings or negotiations relating to the individual.

The University:

You may request access to a copy of your personal data under the UK Data Protection Legislation by following the guidance here: https://www.soas.ac.uk/infocomp/dpa/access/. You can exercise your other rights under UK Data Protection Legislation by emailing dataprotection@soas.ac.uk.

Complaints Procedure

If, for any reason, you wish to complain or comment about our privacy practices or policies we encourage you to contact us using the details provided below so that we may resolve the situation.

Disclaimer

The University's web site links to and is linked from other web sites on the internet. Neither the University nor Aluminati accepts any responsibility for other web sites or activities undertaken through them and you are advised to read the privacy policies on those sites.

In the event that you are directed to a secure server while using the Service, for example in the case of making an online payment, it is your responsibility to check that the web site is authentic by verifying the URL as correct. You should also check to ensure the web site is secured by looking for the 'padlock' symbol or an URL beginning with "https://". In the event of any uncertainty please contact Aluminati before proceeding.

Neither the University nor Aluminati accept any responsibility for any breach of privacy resulting from a member's compromised computer system or security information where the breach did not occur as a result of an action of inaction by the University or Aluminati. This includes, but is not limited to, the case of a password being stolen and used to access the member's profile or email account for purposes including sabotage and data theft.

Notification of Changes

Any changes to this privacy policy will be announced in the News section of the relevant websites where a link to the updated policy will be posted.

Your Comments

Privacy is a very important issue and it is vital that we provide a policy that is reasonable, fair and responsible. If you have any comments regarding this policy then please do not hesitate to contact us using the details below.

Contact
Data Protection Officer

SOAS University of London
Thornhaugh Street
Russell Square
London
WC1H 0XG

Email: dataprotection@soas.ac.uk

Service Provider Contact

Privacy Enquiries
Aluminati Network Group Ltd.
Hyperion House (First Floor), The Oaks
Fordham Road
Newmarket
Suffolk, CB8 7XN
England

Email: privacy@aluminati.net
Fax: +44 (0)1638 668 890

Service Provider

This service is operated under contract by Aluminati Network Group Ltd. (Aluminati) acting under instruction as our Data Processor under the Data Protection Acts 1998 and 2018. Aluminati will process personal data strictly for the purposes of operating this service.

Aluminati is registered with the Information Commissioner under membership number Z8393842.