Policies

SafeZone - EDS support services

Information you need to know

The EDS Support Services Department are part of the Estates and Digital Services Division which is part of the University of Leicester. Get more information on the institution. The University of Leicester is the Data Controller for your information.

To contact the University’s Data Protection Officer please email DPO@le.ac.uk.

This privacy notice explains how we use your personal information and your rights regarding that information.

What information are we collecting?

  • (a) Names
  • (b) Employee/Student ID
  • (c) Email addresses
  • (d) Location data – Only when user checks in on the app whilst on campus
  • (e) Access requirements

Why are we collecting your data?

To ensure compliance and fulfil our legal duty, the University of Leicester data has to provide the services below available via the SafeZone application:

  • Emergency response and or first aid, we will respond once a button has been pressed be able to locate a person on campus and send them assistance. Push notifications can also be sent to the individual via the app to provide urgent information in the event of an incident.
  • Track and Trace information based on historical location data when needed for such things as COVID-19 proximity information we can provide it to inform others of the risk to themselves.
  • Assistance from Security on general enquiries. SafeZone app uses high-speed push messaging to allow Security to send you important notifications in the case of an emergency or critical incident on campus.

How we will use this data?

Data will be used to:

  • Ensure we respond to the safety of our staff, students and the visitors on campus.
  • Locate and manage incidents raised by staff or students across campus.
  • Track and trace may be collated to allow us to examine relevant information for the tracing of peoples in the vicinity of other individuals, and to provide information as requested by Public Health England.
  • The personal information will be used to support the NHS Test and Trace system and Public Health England COVID-19 monitoring systems. For example, the names and contact details of relevant visitors of the venues listed on the Contact Tracing form will be provided to the NHS to support Test and Trace when they ask for these records either because someone who has tested positive for COVID-19 has listed the University as a place they visited recently, or because our premises or local area have been identified as the location of a potential local outbreak of COVID-19. If requested to, we may pass the personal data onto Public Health England for them to use in part or in full to assist with their COVID-19 monitoring systems.

What is the legal basis for processing the data?

The legal basis that we are relying on is:

Article 6(1)(e) – ‘processing is necessary for the performance of a task carried out in the public interest or in the exercise of official authority vested in the controller’ As information about health is a special category of personal information, a further section of the GDPR applies which is based on:

Article 9(2) (i) – ‘processing is necessary for reasons of public interest in the area of public health, such as protecting against serious cross-border threats to health or ensuring high standards of quality and safety of health care and of medicinal products or medical devices, on the basis of Union or Member State law which provides for suitable and specific measures to safeguard the rights and freedoms of the data subject, in particular professional secrecy and Schedule 1, Part 1 (3) of the DPA 2018.  

In most circumstances processing is necessary for compliance with government guidelines and legal obligation to fulfil our duty of care to the individual and the wider community. The law on protecting personally identifiable information, known as the General Data Protection Regulation (GDPR), allows Public Health England to use the personal information collected by NHS Test and Trace.

For more information please visit government website on:

If we are sharing your data with others who are we sharing it with?

Location, name and contact details may be shared with the following:

  • Other University of Leicester departments – In the event of support requirements resulting from an incident, for example administering first aid
  • Public Health England – In the event of a positive contamination, this is to allow them to track the COVID-19 outbreak, warn vulnerable communities and to improve the effectiveness of government frontline responses.

How long we will process your data for?

All data is kept in UK and EEA data centres as the service is acquired via a SaaS for 21 Days in accordance to Government advice.

What are your rights and how to enforce them?

If we are unable to process your personal data this may result in a restriction of work place activity and may also prejudice settlement of claims.  

The following rights may apply to your personal data which we may process:

  • Right to be informed
  • Right of access
  • Right of rectification
  • Right to restrict processing
  • Right to object processing

How to complain to the Information Commissioner’s Office?

If you wish to complain about any part of the Privacy Notice or its implementation the first step would be to contact the University Data Protection Officer by email on DPO@le.ac.uk.

The Information Commissioner can be contacted on:

  • Information Commissioners Office, Wycliffe House, Water Lane, Wilmslow, Cheshire, SK95AF
  • +44 (0)303 123 1113
  • ICO website

Back to top
MENU