This site uses cookies. By continuing to browse the site you are consenting to their use. Please visit our cookie policy to find out which cookies we use and why. View cookie policy.

Working at Essex
Starting at Essex Diversity and inclusion Employment policies and procedures Flexible working Forums and networks Grading and reviews Managing people Pay and rewards Pensions Professional development and training Recruiting staff Taking leave UECS and Wivenhoe House staff Working with information and data Your information and your rights Quick guides to working at Essex
Teaching and learning
COVID-19 and teaching Academic standards and quality DBS checks for students Department student support roles Developing student success Exams and assessment Heads of Department Learning technologies Reading lists Staff awards and funding Student feedback Student wellbeing support and signposting Summer schools Supporting students with disabilities and health conditions Supporting and welcoming new students Timetables
Research
Research funding sources Making a funding application Research impact Research governance Take part in research Managing an award Planning and assessment Knowledge exchange and commercialisation Research systems Repository and publishing Research management information Celebrating Excellence Awards
Our University
Brand Departments and schools Faculty support Freedom of information Governance Graduation Staff survey Sustainability and biodiversity University partnerships Strike action
Services and facilities
Buildings, grounds and maintenance Childcare Design, print and copy services Events, meetings and conferences Faith Centre Finance, planning and data insight Food and drink IT services Marketing and communications support Media Centre Parking Post and property services Professional Services teams Sport and recreation Student work experience and volunteering Theatre and arts on campus Travel and transport Web support
Health, safety and wellbeing
COVID-19 (Coronavirus) Emergencies, security and safety Activities health and safety Equipment safety Health and safety support Fire safety Reporting health and safety incidents or concerns Risk assessment Safeguarding Work and study environments Working with physical agents Working with substances Your health and wellbeing
Online services
Email login Research Information System Research Repository Room booking form Unit4 Business World Phonebook Change your password
People and Culture
HR Organiser People Manager Develop at Essex Job vacancies
Academic
Moodle Libraries Academic departments FASER LEAP MyTutor Programme specifications Reading lists (Talis Aspire)
Info and help
Find your way campus map IT services Tableau Planning information portal Key dates Staff blog Report harassment Report a concern about student
Staff Directory Home Working with information and data Data Protection and GDPR Data protection and third-party suppliers

Data protection and third-party suppliers

There are many situations where the University might engage a third party to carry out activities on their behalf, perhaps some specialist expertise or a software platform. 

Where they will be collecting or storing the personal data of our staff, students, or customers on our behalf they are acting as ‘data processors.’ The University is the ‘data controller’ and determining how the data is used; the supplier or ‘data processor’ is carrying out our instructions. If the data processor is using its own processors, such as a hosting provider, these are called ‘subprocessors.’

In data protection law both ‘controllers’ and ‘processors’ have obligations under data protection law. If a processor suffers a data breach, the University could be liable for substantial monetary penalties.

The University as ‘controller’ needs to ensure there is a formal contract in place for the supplier covering a range of standard provisions.

  • process data only on instructions from the University
  • their staff accessing the data are under an obligation of confidentiality
  • has security measures in place
  • assists with any data protection impact assessments for the University in relation to the system
  • only appoints their own third parties (“subprocessors”) on the University’s authorisation, who will process data at the same level of protection as they will   
  • can demonstrate their compliance to the controller

You can assess this in the contract checker document (.docx).

Arrow symbol
Contact us
Information Assurance Manager
Telephone: 01206 874853

  • University of Essex
  • Wivenhoe Park
  • Colchester CO4 3SQ

 

872400
CONNECT WITH US
© 2022 University of Essex. All rights reserved