StJohnsLogo St John's College, Nottingham - Home Page

Login here
St John's College, Nottingham - Discipleship, Mission and Leadership in a World of Change

GDPR 2018

Privacy Notice - St John’s College Nottingham Ltd

The College fulfils its obligations under GDPR, as outlined in the College Data Protection Policy which all staff, students and others connected to the College are expected to implement.

The purposes of the College are to provide Christian education, to teach students and assess student work, and to advertise events and other activities that support Christian education. Staff, students and others will have a contractual arrangement with the College so that the purposes can be fulfilled.

The College processes personal data according to the law and in accordance with the fulfilment of its purposes and contractual obligations. Data is shared with third parties (such as universities and churches) when necessary and expects third parties to fully comply with GDPR.

The College collects personal data from staff, students and others through interactions online, face to face, by post, over the phone, via SMS or any other means. Some of this information is personal data which can be used to identify individuals. Examples of personal data include name, address, date of birth, telephone number, email address, academic assessments and bank details. For access to some content, such as the virtual learning environment (Moodle), staff, students and others may be asked to register using a name and password. The College may give staff, students and others the option of receiving news about the College’s activities.

The College will only collect data which is relevant to the purpose for which consent has been given, or necessary for a contractual relationship, or in fulfilment of a legitimate interest.

However, the College may amalgamate data available within the public domain, such as websites and other public sources. Examples of such data may include age, salutation, church relationship contact details, and personal interests. The College may use mailing lists collated from public sources but will provide unsubscribe options in emails sent to people on these lists and via the main College website.

Data will be stored in secure electronic databases, company servers, in the Sage accounting system, the Moodle VLE and Turnitin system, and the Heritage library records system. Paper records may also be kept and will be stored in locked cabinets and drawers or within rooms that are locked when staff are not present.

The College will ensure that the data is collected from verifiable sources and a record is kept of the consent and verification where necessary. In most cases data will only be held for the period of time that is necessary for the fulfilment of the College purposes and contracts. Examples include, the details of student records are only kept for four years after withdrawal or completion of a course of study, and staff records are retained for seven years after resignation or retirement. Further details may be available from a validating university depending the data policies that apply in each case. However, the College does publish an annual list of students who have completed courses through the College.

Data will be kept for longer periods in certain circumstances in order to fulfil our purposes and contracts, to comply with the law and to safeguard the rights and freedoms of individuals. Examples include, information about safeguarding, tax payments, and debt. Some data may be archived in the public interest for the purposes of scientific or historical or statistical research if it is within the purposes of the College. Details of how to access the archive can be obtained from the College.

Staff, students and others have the right to access what data the College holds about them, to ensure this is correct and in most cases, where possible, to have this data erased. Such applications should be submitted in writing with a verification of identity to the College Data Compliance Officer. We will attempt to fulfil such requests in a reasonable time and within 30 days. Repeated or excessive applications will incur a fee.

Staff, students and others have the right to lodge a complaint about the College with regard to personal data with the Information Commissioner’s Office


A copy of St John’s Data Protection Policy is available upon request. To receive further information regarding our policy and procedures please contact the College on 0115 925 1114 and ask to speak to the Data Compliance Officer.