Dyson Institute Privacy Notice
Enquirers, applicants & offer-holders
At the Dyson Institute of Engineering and Technology, we are committed to ensuring that your personal data is protected, treated respectfully and used fairly and transparently.
This privacy notice explains what personal data we collect and why, how we use it, the control you have over your personal data and the procedures we have in place to protect it.
Who is responsible for your personal data?
In this notice, when we refer to the "Dyson Institute”, “Dyson Institute of Engineering and Technology", "we", "our" or "us", we mean Dyson Technical Training Ltd
How to contact us?
If you would like to receive this, or any other, notice in another format or have any questions, comments or concerns, please contact the Dyson Institute at email@example.com or our Global Privacy Team at firstname.lastname@example.org.
You can also contact the regulator or authority in your country that is responsible for handling complaints about the use of personal data.
Personal Data we collect about you
Personal data is defined slightly different across the world. To respect your privacy and ensure appropriate protection of your information, we define it as any information that could be used to identify you or another individual.
If you are making an enquiry about The Dyson Institute, we collect only the minimum personal data needed such as your name, email address, phone number, year of A levels, region and information from the cookies we use on our websites (see Cookie notice for further information). We also give you the option to provide other information such as ethnicity, gender identity, and free school meals status.
For those applying to study at The Dyson Institute, the personal data that we process about you will mainly fall into one of the following categories:
Name, contact details, school/college attended, academic qualifications, residency and nationality, government issued documentation.
Academic assessments and examination results, personal statement, online tests, telephone interviews, assessment day feedback.
Date of birth, gender identity, racial and ethnic origin, sexual orientation, religion or belief, disability (including learning disabilities), parental qualifications and parental military background.
Operational Information (where required)
Video and photographic images taken on Dyson sites or at events (e.g. CCTV footage), bank information (e.g. expenses reimbursement) and vehicle registration.
How and why we use your personal data
Our main reason for collecting your personal data is for the purpose of responding to your queries and processing and assessing your application for study, such as assessing your eligibility for funding. If your application is successful, we may use this information to populate your student record.
Data protection law requires us to have what's called a "legal basis" for processing your personal data, we have concluded that our legal bases are as follows:
- where necessary prior to entering into a contract with you, such as reviewing your application;
- where necessary for complying with legal obligations that we have, such as reporting diversity information;
- where necessary for us to perform a task in the public interest, such as compiling our Access and Participation Statement;
- where necessary for our legitimate interests or the legitimate interests of a third party, such as processing vehicle registration to ensure the safety of Dyson sites;
- where you have provided consent, such as keeping you updated with news and information about what we are doing at The Dyson Institute.
How long do we keep your data?
We only keep your personal data for as long as we need to, to be able to use it for the reasons given in this privacy notice, and for as long as we are required to keep it by law.
The actual period for which we store your personal data will vary depending on the type of personal data and how it is used.
Sharing and transferring your personal data
Sharing within Dyson Group
Most of Dyson’s processes, procedures and systems are shared across the Dyson Group (including our commercial entities under Dyson Holdings Pte. Limited), which means that we may need to share your personal data between us when using it in the ways we have described, for example we share IT systems and support across the group.
Access to your data is limited to those employees who need it to carry out their role. Transfers of personal data between Dyson entities (including those outside of the EEA) are governed by Dyson’s Intercompany Agreement.
Sharing with third parties
During the application stage, we may share information with third party suppliers who assist us with conducting our application process.
If you are successful in your application, we will also share your information with third parties that help us to deliver our contract to you, for example:
- with End Point Assessment Organisations, to enable the award of your apprenticeship qualification;
- other government and higher education bodies that we are required to do so, such as
- third party suppliers and support services such as software providers, to enable us to deliver your programme of study;
- health services, where we have your permission to do so;
- legal services, where we are required to do so; and
- law enforcement bodies, courts and other governmental authorities, where we are required to do so.
Some of these third parties are responsible for their use of your personal data and will use it for the purposes set out in their privacy notice. You should read these notices to understand how they will use your personal data where relevant links are provided above.
Data transfers and storage
We will generally aim to host and store your personal data in the UK or EEA but where that is not possible. We will make sure that any transfers of your personal data from one country to another comply with those data protection and privacy laws which apply to us.
European data protection laws, in particular, include specific rules on transferring personal data outside the EEA. When transferring personal data outside the EEA, we will:
- include appropriate mechanisms to ensure the continued safety and privacy requirements expected are met; or
- ensure that the country in which your personal data will be handled has adequate levels of protection in place.
In any case, our transfer, storage and handling of your personal data will continue to be governed by this privacy notice.
Your controls and choices
Where possible, we give you control over the personal data we collect about you, to ensure it is accurate and reflects your preferences.
For example, if you have previously said that you would like us to contact you ("opted-in") but would like to change or update the way that we do so, you can update your preferences by:
- Using the unsubscribe option included in all our e-mail correspondence;
- Texting ‘STOP’ when you receive SMS from us; or
- Emailing us at email@example.com.
You have the right to ask us to:
- Provide a copy of the personal data that we hold about you;
- Update and amend personal data that we hold about you;
- Stop using your personal data for certain purposes;
- Limit or restrict our use of your personal data;
- Remove or delete personal data about you; or
- Provide your personal data to a third party provider of services.
Please note that these rights do not always apply and there are certain exceptions to them. We will also need to confirm your identity before acting on certain requests.
If you, or a party authorised to act on your behalf, would like to exercise any of your rights in relation to your personal data, please email us at firstname.lastname@example.org or the Global Privacy Team at email@example.com.
We will send you a link to our privacy portal, using the contact details that you provide, where you will be invited to provide additional information about your request and be given further details about how we will process your request. You will not be discriminated against for exercising any of the rights that apply to you.
How we protect your data
We are committed to protecting your personal data. We use appropriate technical and organisational measures, to protect your personal data and privacy, and review those regularly. We protect your personal data using a combination of physical and IT security controls, including access that restricts and manages the way in which your personal data is processed, managed and handled. We ensure those handling your personal data are adequately trained in protecting your personal data.
In the unlikely event that we suffer a security breach which compromises our protection of your personal data and we need to let you know about it, we will do so.
Changes to this privacy notice
We will regularly review and update this privacy notice. This privacy notice was last reviewed and updated in September 2020.
If we change our privacy notice in a way that significantly changes how we process the personal data that we hold about you, we will also ask you to confirm that you are happy with those changes through the most appropriate method (e.g. in email or a notification on our website).
Translations of this privacy notice
If there are any conflicts or inconsistencies between the translated versions of this privacy notice, the English version will prevail.