KPA Privacy Policy

1. Introduction

The Keele Postgraduate Association ("KPA", "We", "Us") is committed to protecting your privacy. This privacy policy explains how we collect, use, and safeguard your personal information when you become a member, use our services, or interact with our website. This policy has been written to comply with the UK General Data Protection Regulation (UK GDPR) and the Data Protection Act 2018.

 

2. Who We Are

The Keele Postgraduate Association is the students' union and representative body for postgraduate students at Keele University. We are a registered charity in England and Wales. For the purposes of data protection law, the KPA is the 'data controller' of the personal data we process.

 

3. What Personal Data We Collect

We collect information about you in the course of our operations. This may include:

• Membership Data: Your name, student ID number, course details, and university email address. This data is typically provided to us by Keele University to confirm your membership eligibility.

• Contact Information: Personal email address and phone number, if you provide them to us.

• Democratic Participation Data: Records of your voting in KPA elections, your candidacy for elected positions, or your attendance at General Meetings.

• Event & Purchase Data: Information required to process event ticket purchases or other transactions.

• Website Usage Data & Cookies: Our website may use cookies (small text files placed on your device) to function and to improve user experience. You can control or disable cookies through your browser settings.

• Other Information: Any other information you voluntarily provide through forms or communications.

 

4. How We Use Your Personal Data

We use your data to operate the students' union effectively and provide you with services. This includes:

• Administering your membership and verifying your eligibility for services.

• Sending you updates, news, and information about events.

• Running democratic processes, such as elections.

• Responding to your enquiries.

• Improving our services and communication.

 

5. Our Lawful Basis for Processing

We only process your personal data where we have a lawful basis to do so under UK GDPR. The main bases we rely on are:

• Legitimate Interests: For the core activities of running a students' union as required by the Education Act 1994. This includes administering membership, democracy, and core communications.

• Consent: For sending optional marketing communications. Where we rely on consent, you have the right to withdraw it at any time.

• Legal Obligation: To comply with our legal duties as a registered charity.

 

6. Data Sharing

We do not sell, trade, or rent your personal information. We may share data only when required by law or with trusted service providers (e.g., for website services) who support our operations under strict confidentiality agreements.

 

7. Data Security and Retention

Your information is stored securely. We take appropriate technical and organisational measures to protect your data from loss, misuse, or unauthorised access. We will only retain your personal data for as long as necessary to fulfil the purposes we collected it for, including any legal or reporting requirements.

 

8. Your Data Protection Rights & Contact Information

Your Rights Under UK GDPR, you have several rights regarding your personal data:

• Right of Access: You can request a copy of the personal data we hold about you.

• Right to Rectification: You can ask us to correct or complete your data.

• Right to Erasure: You can ask us to delete your data in certain circumstances.

• Right to Restrict Processing: You can request that we limit how we use your data.

• Right to Object: You can object to us processing your data. You can unsubscribe from our emails at any time.

Contact Us & Complaints

If you have any questions about this policy or wish to exercise any of your rights, please contact us:

Email: kpa.chair@keele.ac.uk