Last updated: 8th June 2022
ABOUT THIS NOTICE
This privacy notice explains how the Institute of Contemporary Performance (“ICMP”, "we", "our", "us") collects, uses, and shares your personal data, specifically your data regarding the safety of students, staff and the general public and the security of ICMP’s facilities. This privacy notice concerns our processing of personal data of people who interact with ICMP ("you", "your").
ICMP is the data controller of your personal data and is subject to the UK’s General Data Protection Regulation 2021 (UK GDPR 2021).
HOW WE COLLECT YOUR INFORMATION
We collect and temporarily store your personal data in the form of access records, including entry and exit records, room bookings and requests.
THE TYPES OF INFORMATION WE COLLECT
We will collect the following types of personal data about you:
- Your name
- Your student ID
- Your email
We will ensure that all personal data you supply is held in accordance with the UK GDPR. We do not sell or otherwise transfer this personal data to any third parties unless this is permitted by law.
HOW WE USE YOUR INFORMATION
The purposes for which we may use personal data is:
- To assist in providing a safe and secure environment for the benefit of persons using ICMP.
- To assist in Health and Safety requirements and statutory obligations.
- To provide assistance to Emergency services.
- To assist in the identification and confirmation of breaches of ICMPs code of conduct, contracts and regulations.
- To detect, prevent and reduce the risk of incidents of crime at ICMP.
- To monitor levels of student engagement
Disclosure of access records to third parties will only take place according to the Data Protection Act 2018 and the General Data Protection Regulation 2016/679. It may also take place in accordance with other UK legislation including the Regulation of Investigatory Powers Act 2000 and the Human Rights Act 1998.
This type of processing will only be carried out with the permission of the Head of Facilities.
Third party access requests can be received from the following (this is not an exhaustive list):
- UK Police forces (including Ministry of Defence and Military Police)
- Statutory authorities with powers to prosecute, (HMRC, Councils, Trading Standards, Environmental Health etc.)
- Solicitors or their legal representatives in either criminal or civil proceedings
- Individuals representing themselves in judicial proceedings
- Other agencies according to their purpose or legal status (i.e. Insurance companies)
Access records may be disclosed to the Police if failure to disclose would compromise a criminal enquiry, the apprehension or prosecution of offenders.
If there is any doubt with any application the request will be forwarded to the Head of Facilities.
THE LEGAL BASIS FOR PROCESSING YOUR DATA
This personal data is collected and processed by ICMP under its legitimate interest and as necessary for the performance of a contract under which ICMP provides services to applicants.
HOW WE STORE AND PROTECT YOUR INFORMATION
Your personal information is protected by us in a number of ways.
It is stored on computer systems that have been tested to make sure they are secure, and which are kept up-to-date to protect them from viruses and hacking. Where we share your personal information with other organisations, we only ever do so via secure computer systems or encrypted email.
We store your personal information in the UK only
Your information used by us can only be seen by staff who have been specifically trained to protect your privacy.
HOW LONG YOUR INFORMATION IS KEPT
Entry records will be held for 30 days after the initial collection date.
Under the UK GDPR you have the following rights:
- to obtain access to, and copies of, the personal data that we hold about you;
- to require that we cease processing your personal data if the processing is causing you damage or distress;
- to require us not to send you marketing communications.
- to require us to correct the personal data we hold about you if it is incorrect;
- to require us to erase your personal data;
- to require us to restrict our data processing activities (and, where our processing is based on your consent, you may withdraw that consent, without affecting the lawfulness of our processing based on consent before its withdrawal);
- to receive from us the personal data we hold about you which you have provided to us, in a reasonable format specified by you, including for the purpose of you transmitting that personal data to another data controller;
- to object, on grounds relating to your particular situation, to any of our particular processing activities where you feel this has a disproportionate impact on your rights.
Please note that the above rights are not absolute, and we may be entitled to refuse requests where exceptions apply.
If you have any queries about this privacy notice, how we process your personal data or to request access to the personal data that we hold about you, you can contact our Data Protection Officer by email: email@example.com; by telephone: +44 020 8328 0222 or by post: Data Protection Officer, ICMP, 1B Dyne Road, Kilburn, London NW6 7XG.
If you are not satisfied with how we are processing your personal data, you can make a complaint to the Information Commissioner.
You can find out more about your rights under data protection legislation from the Information Commissioner's Office website available at: www.ico.org.uk.
If you would like more details about how we use and store your personal data, you can view our Data Protection policies on our Policies Page.