Student Privacy Notice

During your time with the School, we collect and process personal data about you. This may include special category personal data (for example information about health or disability where needed to support study and make reasonable adjustments) and, where necessary and lawful, information relating to criminal convictions. We process special category and criminal convictions data only with appropriate safeguards and in accordance with the School’s Data Protection Policy.The data we hold may include:

• Personal Details: Name, contact information (address, email, telephone number), date of birth, country of domicile, nationality, and right to study in the UK. For overseas students, passport and visa details are also collected.
• Educational and Employment History: Schools attended, modules completed, dates of study, and examination results.
• Contact Information: Details for contacting you and your emergency contact.
• Family and Personal Circumstances: Information relevant to assessing bursary eligibility and providing academic and non-academic support, including study skills, wellbeing, and counselling services.
• Academic Engagement: Attendance, participation in studies, assessment feedback, qualifications awarded, and online learning activities.
• Programme Details: Enrolments, selected modules, and timetables.
• Financial Information: For managing fees, loans, grants, and financial support, including bank details for payments (e.g., bursaries).
• Service Usage: Interaction with School services such as the Library and Careers services.
• Digital and Communication Data: Log data from School email and services, including email marketing interactions. Telephone call logs and telephony metadata are maintained for operational, security, and service management purposes. Where these logs relate to identifiable individuals, they constitute personal data and are processed in accordance with the School’s Data Protection Policy, recorded in the School’s governed registers where required, and retained and disposed of in line with the Data Retention Schedule and Policy.
• Visual Data: Photographs and video recordings for identification, study administration, assessments, examinations, and graduation ceremonies.
• Safety and Security: CCTV footage and data related to breaches of School regulations, as well as personal data required under the UK GDPR for crime prevention and safety.
• Health and Disabilities: Information used to provide support, make adjustments for study, assessment, and examinations.
• Equal Opportunities Monitoring: Data on racial or ethnic origin, religious beliefs, health, and gender identity for monitoring and statutory compliance.
• Criminal Convictions: Information may be used to restrict access to services if necessary for safety.

You can view some of your data through the ‘personal’ tab on Student Central.

We collect personal information to support your education and enhance our services and facilities. This data also aids in delivering student services, including disability support and assistance for international students. We collect personal data in the following ways:

• Initial Contact: When you contact us, we create and update your record with information provided during reservations, registrations, and throughout your studies, including participation in learning activities, attendance, assessments, and use of services such as disability and employability support.
• Pre-Admission: From interactions before you join, such as expressing interest, ordering a prospectus, or sharing details at an open day.
• Application Process: Through application forms submitted via UCAS and other admissions procedures.
• Communication: From telephone, email, or website interactions for enquiries or concerns.
• Ongoing Interactions: As you interact with us during your studies for various purposes outlined below.

We may also receive information from third parties, such as:

• HESA and Educational Institutions: To verify your qualifications or check previous HESA returns.
• Funding Providers: Basic information from UK funding authorities or agencies, such as loans or grants, and details from organisations covering your fees.

We process student personal data under one or more of the lawful bases set out in the UK GDPR. The lawful basis relied upon depends on the specific activity and purpose. The School does not rely on consent where another lawful basis is more appropriate.

Typical lawful bases include:

• Contractual necessity: processing necessary to deliver teaching, learning, assessment, awards, student services, and the administration of your student relationship with the School.
• Legal obligation: processing required to comply with statutory or regulatory requirements, including reporting to regulators, funding bodies, visa and immigration compliance, safeguarding duties, health and safety obligations, and financial record-keeping.
• Legitimate interests: processing necessary to operate, improve, secure, and assure the effective running of the School, including service management, quality monitoring, planning, research, security logging, and fraud prevention, provided these interests are not overridden by your rights and freedoms.
• Vital interests: processing necessary to protect life or safety in emergency situations.
• Consent: used only where appropriate, such as certain marketing communications, optional activities, or specific uses of images or recordings, and you may withdraw consent at any time where it is relied upon.
• Special category and criminal convictions data are processed only where an additional lawful condition under data protection law applies and appropriate safeguards are in place.

If you wish to exercise your data protection rights, including making a Data Subject Access Request, please contact the Internal Data Protection Lead at dataprotection@lsi-ac.uk. Requests are logged and managed through the School’s governed DSAR process, including identity verification, retrieval from systems-of-record, and response within statutory timescales.

The School may share personal information with external organisations to fulfil legal obligations, manage operations, or at your request. External organisations may include:

• Higher Education Statistics Agency (HESA): For processing personal data. Details available at: HESA Data Protection Notices and Student Collection Notice. 
• Government Departments: Such as Home Office (including UK Visas and Immigration), Foreign and Commonwealth Office, Department of Health, and Department of Education.
• Executive Agencies and Non-Departmental Public Bodies: Including HM Revenue and Customs and the Health and Safety Executive.
• Office for Students (OfS).
• Universities and Colleges Admissions Service (UCAS).
• Office for Fair Access (OFFA).
• Office of the Independent Adjudicator (OIA).
• Student Experience Surveys: Including Student Experience Survey (SES), National Student Survey (NSS), Postgraduate Taught Experience Survey (PTES), Postgraduate Research Experience Survey (PRES), and Graduate Outcomes survey.
• Anti-Plagiarism Software Providers.
• Student Loans Company (SLC) and Other Loan Providers: Such as US Federal Loans, Canadian Loans, and Channel Islands Government.
• Accrediting Organisations: Such as BCS, for qualification confirmation and programme accreditation.
• Local Authorities: For Council Tax administration and electoral registration.
• Law Enforcement Agencies/Multi-Agency Safeguarding Hub (MASH).
• Insurers: For accidents.
• Internal and External Auditors.
• Sponsors or International Agents: Where a contract exists.
• External Learning or Training Placement Providers.
• Current or Potential Employers: For references and progress/attendance details, with your permission.
• Library Services: Including access to online resources and dyslexia support.
• Graduation Service Providers.
• Student Trip and Exchange Programme Service Providers.
• Student Support Service Providers.
• Student Accommodation Providers.
• IT Service Providers.
• Parents/Guardians: For students under 18 years old.
• Crime Prevention or Detection Agencies: Such as the police, Department for Work and Pensions, and Trading Standards.
• Banks and Employers: For confirming student status or providing references, at your request.
• Debt Collection Agencies: If money owed is not recovered.
• Third-Party Software Systems: For managing applicant and student data functions.

We share personal data where we have a lawful basis to do so, including where it is necessary for the performance of our contract with you, to comply with legal obligations, to protect vital interests in an emergency, or where we have legitimate interests that are not overridden by your rights and interests. Where consent is the appropriate lawful basis for a specific disclosure, we will seek consent. We may also use or share anonymised or aggregated data for reporting, benchmarking, and service improvement purposes where individuals are not identifiable.

The School securely collects, stores, and processes your personal information in various paper and electronic formats, accessible only to authorised staff and trusted contractors with a legitimate business need. Your data is used for:

• Academic Administration: Supporting your education through admission, registration, programme management, placements, progress tracking, awards, assessments, examinations, attendance, and research.
• Financial Administration: Managing fees, scholarships, bursaries, and sponsor-related funding.
• Facility Use: Overseeing access to buildings, catering, computing services, libraries, careers services, health and wellbeing services, and graduation events.
• Disciplinary and Appeals Management: Handling complaints, investigations, and disciplinary proceedings related to student and academic misconduct.
• Regulatory Processes: Supporting extension requests, extenuating circumstances, intermission applications, and student surveys.
• Statutory Reporting: Fulfilling legal obligations and monitoring equality responsibilities.
• Health and Safety: Ensuring student wellbeing, safeguarding, and crime prevention.
• Regulation Compliance: Monitoring adherence to School regulations.
• Management Reporting: Conducting research and statistical analysis for reporting purposes.
• Visa Compliance: Verifying study rights and visa terms.
• Academic Records: Providing transcripts and award certificates.
• CCTV Administration: Managing the School’s CCTV system.
• Communication: Contacting you regarding studies, administration, support, and updates about the School.

Special category personal data and information relating to criminal convictions are handled with appropriate technical and organisational safeguards. Data Owners are accountable for ensuring appropriate use, lawful basis mapping, transparency information, and data quality within their domains, with privacy operations coordinated by the Internal Data Protection Lead and information security and systems controls operated by the Director of Technology, in line with the School’s Data Protection Policy and Information Governance Policy.

Your personal data is stored within the School’s designated systems-of-record and governed repositories, including the Student Management System and other approved platforms used for learning delivery, assessment, student support, and governance workflows. Access is restricted using role-based access control so that only authorised staff and approved contractors with a legitimate need can access the information required for their role. The School applies technical and organisational safeguards to protect confidentiality, integrity, and availability, including access lifecycle controls, approved tooling, and security monitoring proportionate to risk.

We retain personal data only for as long as necessary for the purposes for which it was collected and in accordance with legal, regulatory, academic, contractual, and operational requirements. Retention periods are defined and managed through the School’s Data Retention Schedule and Policy, which sets out minimum retention periods, accountable Data Owners, systems-of-record, and secure disposal expectations for each category of record. The School retains long-term academic award verification records to enable the verification of awards and academic history, with appropriate safeguards and minimisation applied. Where legal claims, complaints, appeals, investigations, safeguarding matters, audits, or regulatory obligations apply, retention may be extended under a documented legal hold. Automated decision-making, including profiling producing legal or similarly significant effects, is not used unless we tell you and we have a lawful basis and appropriate safeguards.

We regularly review and update privacy notices to ensure they remain accurate and aligned with our processing activities, systems, and legal requirements. The current version of this notice is the authoritative version in force. Historic versions are archived in the School’s governance and assurance system-of-record so the School can evidence what applied at any point in time.

We are committed to protecting your privacy. Please note that additional privacy notices cover data related to staff, enquiries, applications, current students, alumni, and website use. These notices are available on our website.

Before your graduation, we will request additional details to arrange your attendance, your guests' attendance, and to process your award certificate. This information, along with graduation details, will be available on our website. Photographers and videographers may be present at graduation ceremonies, and the ceremony may be recorded or live streamed where this forms part of the event arrangements. Where recordings, photography, or live streaming take place, we provide transparency information in advance and apply appropriate privacy safeguards. Where the School uses graduation photography or video footage for promotional or marketing purposes, we will ensure a lawful basis applies and, where required, we will seek appropriate consent or provide an appropriate opt-out mechanism. Your name, award, programme, and ceremony details may be shared with our gowning supplier and other event service providers where necessary to administer the graduation event and related services, under appropriate contractual and data protection safeguards.

To celebrate your achievements, all eligible graduates' names (excluding classifications) will be printed in the ceremony booklet and listed at the end of the graduation film, both live-streamed and available for download. Names will be listed by award, programme, and alphabetically.

Your ceremony invitation will include full terms and conditions, along with an option to opt into sharing your name with our graduation commemorative merchandise suppliers.

Upon successful completion, your contact details may be used for alumni engagement activities, including communications about alumni events, services, and benefits. Where we send marketing or fundraising communications, we do so in accordance with applicable law and your preferences, and we provide clear mechanisms to manage communications. Where third-party service providers support alumni engagement or fundraising analysis, processing is governed by appropriate contractual safeguards and supplier controls in line with the School’s Data Protection Policy and Information Governance Policy. You can manage your alumni communication preferences at any time by contacting alumni@lsi.ac.uk

Additionally, during and after your studies, you may be invited to participate in surveys such as the National Student Survey (NSS), Graduate Outcomes Survey, and Postgraduate Research Experience Survey (PRES). Your contact details will be shared with the Office for Students (OfS) and the Higher Education Statistics Agency (HESA) for survey purposes and will be deleted after the survey closes. These bodies may retain your details for future public interest surveys, subject to your legal rights.