Skip to content

Privacy Notice

As part of processing enquiries, offering you access to our services and improving your customer experience, the University of Brighton Sport Brighton service collects and processes personal data provided by you directly to us or via the central university database. The University is committed to being transparent about how it collects and uses that data and to meeting its data protection obligations.

 

Data Controller

The Data Controller is University of Brighton, Mithras House, Lewes Road. If you would like information about how the University uses your personal data please contact This email address is being protected from spambots. You need JavaScript enabled to view it., 01273 642010

 

Data Protection Officer

The Data Protection Officer is responsible for advising the University on compliance with Data Protection legislation and monitoring its performance against it. If you have any concerns regarding the way in which the University is processing your personal data, please contact the Data Protection Officer: Head of Data Compliance and Records Management, 01273 642010, This email address is being protected from spambots. You need JavaScript enabled to view it.

 

What information does Sport Brighton collect?

We collect a range of information about you. This includes:

    • your name and contact details, including email address and telephone number; DOB, Unicard Number and membership category, history. Direct debit account information.
    • whether or not you have a disability or medical information highlighted from members ParQ for which the organisation needs to make reasonable adjustments;
  • Sport Brighton has access to the UoB staff and student database which gives us access to student and staff information such as student number, student course and halls of residence (if applicable) if you are studying at the University. For staff we receive your department.

 

Why do we collect your data?
FORMS ON OUR WEBSITE:

We take your details to understand your enquiry and/or feedback you are reporting relating to your usage of our services and website so that we may fix any faults or improve your experience of using our services. In addition, your details may be used to contact you for further information about your feedback or to respond to you. None of these details are processed without your consent and is taken at the time the feedback or enquiry is made.

 

APPLICANT FOR EMPLOYMENT OR VOLUNTEER ROLES:

The University needs to process data to take steps at your request prior to entering into a contract with you. It also needs to process your data to enter into a contract with you. In some cases, the University needs to process data to ensure that it is complying with its legal obligations. For example, it is required to check a successful applicant's eligibility to work in the UK before employment starts.

The University has a legitimate interest in processing personal data during the recruitment process and for keeping records of the process. Processing data from job applicants allows the University to manage the recruitment process, assess and confirm a candidate's suitability for employment and decide to whom to offer a position. The University may also need to process data from job applicants to respond to and defend against legal claims.

Where the University relies on legitimate interests as a reason for processing data, it has considered whether or not those interests are overridden by the rights and freedoms of employees or workers and has concluded that they are not.

The University processes health information if it needs to make reasonable adjustments to the recruitment process for candidates who have a disability. This is to carry out its obligations and exercise specific rights in relation to employment.

 

TO PROCESS SALES FOR OUR SERVICES

The University needs to process data to take steps at your request prior to entering into a contract with you. It also needs to process your data to enter into a contract with you. In some cases, the University needs to process data to ensure that it is complying with its legal obligations and to deliver eligible services. For example eligibility for membership categories and applications for direct debit payment schemes.

The University will not use your data for any purpose other than internal processes these will form aggregated data for the analysis of usage trends and verification of membership/payments.

 

Third-party links

This website may include links to third-party websites, plug-ins and applications. Clicking on those links or enabling those connections may allow third parties to collect or share data about you. We do not control these third-party websites and are not responsible for their privacy statements. When you leave our website, we encourage you to read the privacy policy of every website you visit.

How your data is held

Your personal data is held within our email and management information system and accessed by staff within the Sport Brighton department who manage that system. Access to the system by third parties is only authorised by request when maintenance is carried out by our management information system providers. 

 

Who has access to data?

Your information will only be shared internally for the purposes of the process outlined above. Where we use third parties to process data on our behalf, we take steps to ensure that any third-party partners who handle your information comply with data protection legislation and protect your information just as we do.

 

How does the University protect data?

The University takes the security of your data seriously. It has internal policies and controls in place to ensure that your data is not lost, accidentally destroyed, misused or disclosed, and is not accessed except by our employees in the proper performance of their duties.

 

Where is your data held?

Your data is held on the Sport Brighton Management Information system and selected third parties (e.g. Active IQ for those registering for relevant fitness courses).

All data is held within the EEA and will not be transferred outside of the EEA.

 

How long we will keep your data?

We will retain your data only until your feedback has been dealt with and is then deleted.

Or

We will retain your data when relating to memberships for the duration of its validity. We will keep all data for a further 3 years in case of reactivation. 

 

Privacy notices and/or consent

You have the right to be provided with information about how and why we process your personal data. Where you have the choice to determine how your personal data will be used, we will ask you for consent. Where you do not have a choice (for example, where we have a legal obligation to process the personal data), we will provide you with a privacy notice. A privacy notice is a verbal or written statement that explains how we use personal data.

Whenever you give your consent for the processing of your personal data, you receive the right to withdraw that consent at any time. Where withdrawal of consent will have an impact on the services we are able to provide, this will be explained to you, so that you can determine whether it is the right decision for you.

 

Data subject's rights (access, rectification, erasure, restriction of processing, objection to procession, right to data portability)

As a data subject, you have a number of rights. You can:

  • access and obtain a copy of your data on request, see https://www.brighton.ac.uk/foi/requesting-information/index.aspx

  • require the University to change incorrect or incomplete data;

  • require the University to delete or stop processing your data, for example where the data is no longer necessary for the purposes of processing;

  • object to the processing of your data where the University is relying on its legitimate interests as the legal ground for processing; and

  • ask the University to stop processing data for a period if data is inaccurate or there is a dispute about whether or not your interests override the University's legitimate grounds for processing data.

If you would like to exercise any of these rights, please contact the University’s Data Protection Officer,  Head of Data Compliance and Records Management, 01273 642010, This email address is being protected from spambots. You need JavaScript enabled to view it.

 

Whether providing personal data is a statutory or contractual requirement and the consequences for failing to provide the data

There is no statutory or contractual requirement to provide your personal data to us, we are processing it with your consent, in order to manage your feedback or instruction.

The existence of automated decision making, including profiling, information about the logic involved, including the significance and the envisaged consequences of such processing for the data subject

We will not use your personal data for automated decision making / or profiling about you as an individual.

 

The right to complain to the ICO

If you are unsatisfied with the way the University has processed your personal data, or have any questions or concerns about your data please contact This email address is being protected from spambots. You need JavaScript enabled to view it., if we are not able to resolve the issue to your satisfaction, you have the right to apply to the Information Commissioner’s Office (ICO).  They can be contacted at https://ico.org.uk/

January 2026