Data Protection Statement.

The following is a broad description of the way Coleg Sir Gâr processes personal information. To understand how your own personal information is processed you may need to refer to any personal communications you have received, check any privacy notices (below) the organisation has provided or contact the organisation to ask about your personal circumstances.

We process personal information to enable us to provide education and support services to our students and staff; advertising and promoting the College and the services we offer; publication of the College magazine and alumni relations, undertaking research and fundraising; managing our accounts and records and providing commercial activities to our clients. We also process personal information for the use of CCTV systems to monitor and collect visual images for the purposes of security and the prevention and detection of crime.

We process information relevant to the above reasons/purposes. This may include:

• personal details
• family details
• lifestyle and social circumstances
• education details and student records
• education and employment details
• financial details
• disciplinary and attendance records
• vetting checks
• goods or services provided
• visual images, personal appearance and behaviour
• information held in order to publish College publications

We also process sensitive classes of information that may include:

• racial or ethnic origin
• trade union membership
• religious or other similar beliefs
• physical or mental health details
• sexual life
• offences and alleged offences
• criminal proceedings, outcomes and sentences

We process personal information about:

• students
• employees, contracted personnel
• suppliers, professional advisers and consultants
• business contacts
• landlords, tenants
• complainants, enquirers
• donors and friends of the College
• authors, publishers and other creators
• persons who may be the subject of enquiry
• third parties participating in course work
• health, welfare and social organisations
• friends of the College
• individuals captured by CCTV images

We sometimes need to share the personal information we process with the individual themself and also with other organisations. Where this is necessary we are required to comply with all aspects of the General Data Protection Regulation (GDPR). What follows is a description of the types of organisations we may need to share some of the personal information we process with for one or more reasons.

• family, associates and representatives of the person whose personal data we are processing
• current, past or prospective employers
• healthcare, social and welfare organisations
• educators and examining bodies
• suppliers and service providers
• student union
• financial organisations
• debt collection and tracing agencies
• auditors
• police forces, security organisations
• courts and tribunals
• prison and probation services
• legal representatives
• local and central government
• consultants and professional advisers
• trade union and staff associations
• survey and research organisations
• press and the media
• voluntary and charitable organisations
• landlords

It may sometimes be necessary to transfer personal information overseas. When this is needed information may be transferred to countries or territories around the world. Any transfers made will be in full compliance with all aspects of the data protection act.

This data controller also processes personal data which is exempt from notification.

To make an application to access the data that Coleg Sir Gâr holds on you, please contact the data protection officer.

dataprotectionofficer@colegsirgar.ac.uk