People and Organisational Development

Conditions of service

Loughborough University Staff Data Privacy Notice

How we manage your data

This section of the HR web pages provides information on how we use and store the personal data of our staff, people who apply for a job and some types of visitor. We are committed to being transparent about how we collect and use the data to meet our Data Protection obligations.

We are responsible for managing the personal data for the following groups:

  • Job applicants
  • Employees on a salaried contract
  • Staff who work on a casual or claims basis
  • Academic Visitors, Honorary Appointments and Emeritus Professors
  • External Consultants who require access to University systems
  • Former colleagues who are members of a University administered pension scheme

Further information and guidance on Data Protection legislation is available from the Information Governance section of the University website. You can also find the Records Retention Schedule here:

1. What personal information do we hold about you?

We will keep a record of the details you provided on your application form (or equivalent), any supporting documents we request as part of the recruitment and selection process, additional details provided by any referees and records following any interview process.

1.1 Applicant Data

If you are successful, the information you give us will be transferred to your confidential staff record. If you are unsuccessful, we will retain the information for one year for reporting purposes. The information will be anonymised before it is included in any management report. You can instruct us to destroy your information at any time during the 12-month retention period by emailing us at

1.2 Staff Data

The range of information that we collect and process about you includes:

  • Your name, address and contact details, including email address and telephone number, date of birth and gender
  • The terms and conditions of your employment
  • Details of your qualifications, skills, experience and employment history, including start and end dates, with previous employers and within the University
  • Information about your salary, pay progression and awards, any entitlement to benefits such as pensions or insurance cover
  • Details of your bank account and national insurance number
  • Information about your marital status, next of kin, dependants and emergency contacts
  • Information about your nationality and entitlement to work in the UK
  • Details of periods of leave taken by you, including holiday*, sickness absence, family leave, special leave and study leave
  • Details of any disciplinary or grievance procedures in which you have been involved, including any warnings issued to you and related correspondence
  • Assessments of your performance, including PDR, performance rating, training you have participated in, performance improvement plans and related correspondence
  • Information about medical or health conditions, including whether you have a health condition for which the University needs to make reasonable adjustments

*Holiday records are maintained within the School or Service.

We will maintain this information during the time you work with us. We will retain the records for a minimum of 6 years after you have left us, for statutory purposes. More detail of the Records Retention Schedule can be found on the Information Governance webpage

1.3 Sensitive personal data

In addition to the information in Section 2.2, we may process some information about you that is sensitive personal data. This includes information concerning your ethnic origin, sexual orientation, religious beliefs and health conditions, to provide care, help or suitable adjustments.

For certain roles, other sensitive information may be processed, such as information about past criminal convictions, working with children or vulnerable adults, and your fitness to practise in certain regulated professions. The access and sharing of your sensitive personal data are controlled very carefully. You will normally be given further details about our use of any such data when we collect it from you.

We only collect sensitive personal data with your consent.

2. Why do we collect your information?

In most cases, your personal information is either necessary for the performance of our contractual obligations with you or necessary for compliance with a legal obligation - for example, to deduct income tax.

It may also be required so we can fulfil tasks required in the public interest - for example annual HESA reporting. For certain positions, it is necessary to carry out criminal record checks to ensure individuals are permitted to undertake the role in question.

We will process your personal information for a range of contractual, statutory or public interest purposes, including the following:

  • Assess your suitability for a role or task including right to work checks
  • Administer payroll, pension and other standard employment functions
  • Ensure effective HR and business administration
  • Deliver facilities, services and benefits to you and where appropriate, to monitor your use of those facilities in accordance with University policies - for example, the acceptable use of IT
  • Operate security (including CCTV), governance, audit and quality assurance arrangements
  • Communicate effectively with you by post, email and phone
  • Support your training, safety and wellbeing requirements
  • Enable us to contact others in the event of an emergency (we will assume that you have checked with the individuals before you supply their contact details to us)
  • Obtain Occupational Health advice to ensure we comply with our duties in relation to individuals with health conditions, meet our obligations under Health and Safety law and ensure you receive the pay or other benefits to which you are entitled
  • Fulfil and monitor our responsibilities under equalities, immigration and public safety legislation
  • Where relevant, to monitor, evaluate and support your research and enterprise activity
  • In order to provide accurate information to potential funders when preparing and submitting funding applications
  • Compile statistics and conduct surveys and research for internal and statutory reporting purposes
  • There may be occasions when, to fulfil your role and support the University strategy, you will be required to share limited personal data with external professional organisations. You may choose to manage your subscription personally but if the School or Service is involved in submitting personal data on your behalf, you will be informed and able to review and amend the submission data accordingly.
  • For monitoring and institutional reporting, for example for Athena SWAN, Race Equality Charter, Equal Pay reports. 

If we require your consent for any specific use of your personal information, we will collect it at the appropriate time and you can withdraw this at any time. We will not use your personal information to carry out any wholly automated decision-making that affects you.

3. Who has access to your data at the University?

People and Organisational Development, including Payroll and Pensions, have access to your personal data and are responsible for maintaining your personal file and your records on the HR system (we currently use iTrent).

Other colleagues, including your line manager and other managers in your School or Service, IT, Finance, Planning, Research will have limited access to your records, as necessary, to perform their duties and business tasks.

4. Who do we share your data with outside the University?

We share your data with third parties to obtain pre-employment references from other employers and obtain necessary criminal records checks from the Disclosure and Barring Service.

Your personal information is shared as permitted or required by law, on a considered and confidential basis, with a range of external organisations, including the following:

  • The external providers of any staff benefit or pension including Universities Superannuation Scheme (USS) and Local Government Pension Scheme (LGPS)
  • Higher Education Statistics Agency (see HESA’s statement about the uses made by them of your personal information published here
  • Prospective and actual research funders or sponsors. This may include providing personal information for a Research Passport.
  • Collaborators involved in the development of funding applications with you
  • University subsidiaries including LUEL
  • Relevant Government Departments including Her Majesty’s Revenue and Customs (HMRC) and UK Visa and Immigration (UKVI)
  • Any relevant simultaneous employers – for example an NHS Trust
  • If you agree, the relevant Trade Union
  • On occasion and where necessary, the police and other law enforcement agencies
  • On occasion and where necessary, auditors

Your data may also be shared, on a considered and confidential basis, with third party contractors of official University business, such as travel, parking or significant events like graduation. 

We will provide references about you to external enquirers where you have requested or indicated that we should do so. An example would be to a bank for a mortgage reference. These are requested via and you can request a copy for your records.

We will include your basic contact details in our internal online directory. Separately, Schools and Services may request you to provide other information for their webpages.

Except for the organisations listed above, we will not normally publish or disclose any personal information about you unless you have requested it, consented to it or it is an emergency.

5. How do we hold your data?

We hold your personal information securely in the HR system iTrent. We also maintain an HR file for other records during your employment. The University Occupational Health Service maintain their own records.

You can also view and update some of your personal data via MyHR, including contact and bank details.

Funding applications and associated information (including costing information) are held within the Costing Pricing and Award Management (CPAM) element of the Agresso system and in electronic format within the Research and Enterprise Offices. 

6. What are my rights?

You have the following rights in Data Protection law. You can:

  • Access and obtain a copy of your information on request. This is called a Data Subject Access Request. Information on how to make a DSAR can be found on the Information Governance webpages
  • Require us to change incorrect or incomplete data
  • Require us to delete or stop processing your data, for example where the data is no longer necessary for the purposes of processing
  • Object to the processing of your data where we rely on its legitimate interests as the legal ground for processing; and
  • Ask us to stop processing data for a period if data is inaccurate or there is a dispute about whether your interests override our legitimate grounds for processing data

7. What if you do not provide personal data?

Certain information such as contact details, your right to work in the UK and payment details, must be provided to enable us to enter into a contract of employment with you. If you do not provide other information, this will hinder our ability to administer the rights and obligations arising out of the employment relationship.

You may also have to provide us with personal information to exercise your statutory rights, such as in relation to statutory leave entitlements. Failing to provide the data may mean that you are unable to exercise your statutory rights.

8. Who can I contact?

If you need further help with your personal information, please email and we will ask an appropriate colleague to help you with your enquiry.

If you have any questions about how your personal information is used, or wish to exercise any of your rights, please consult the University’s Information Governance webpages at  

9. How do I complain?

If you are not happy with the way your information is being handled, please email in the first instance or contact your HR support direct. The most appropriate HR colleague will endeavour to resolve your concerns.

If you are still not satisfied, you have the right to lodge a complaint with the Information Commissioner’s Office at Wycliffe House, Water Lane, Wilmslow, SK9 5AF (

10. Are changes made to this webpage?

This webpage was last updated in May 2018. It is reviewed when necessary and at least annually, with appropriate communications via the University website and your School or Service.