Skip to content

Non-Staff REF Privacy Notice


The University of Chester is committed to protecting the rights and freedoms of individuals as detailed in relevant Data Protection legislation including looking after any personal data that it collects, uses or hold.  This Data Processing and Privacy Notice describes how and why we collect and use personal information about you.  It is issued under your right to be informed about how the University collects, uses and stores your personal data.

Data Protection Principles

We will comply with data protection legislation, which says that the personal information we hold about you must be:

  • Used lawfully, fairly and in a transparent way
  • Collected only for valid purposes that we have clearly explained to you and not used in any way that is incompatible with those purposes
  • Relevant to the purposes we have told you about and limited only to those purposes
  • Accurate and kept up to date
  • Kept only as long as necessary for the purposes we have told you about
  • Kept securely

What Personal Data does the University collect?

Personal data means any information about an individual from which that person can be identified. It does not include data where the identity has been removed (anonymous data).

The personal data of non-staff that may be included within the REF submission is sourced from the individual concerned. The data for an individual will include:

  • your name and title;
  • details of your employer and job title(s).

Why does the University need this data and how will the University use this data?

The data will be used to provide the REF panels with information about the impact of our research. For the purposes of the REF, impact is defined as an effect on, change or benefit to the economy, society, culture, public policy or services, health, the environment or quality of life, beyond academia.

What is the Legal Basis for processing the data?

The University needs to process personal data for the performance of a task carried out in the public interests. Processing personal data allows the University to make a submission to Research Excellence Framework which potentially benefits the University by: generating research income from Research England; contributing to the reputation of University by benchmarking and influencing league table positions. The submission also provides accountability for the use of public funds.

For how long will the University keep this Data?

Impact case studies will normally be retained by the University indefinitely except where material is identified as confidential. Confidential details will be retained until the completion of the assessment exercise (expected December 2021). See the section below regarding sharing of data.

Who has access to the data and with whom will the University share this data?

Your personal data will be available to the staff at the University involved in making the REF submission (for example, staff writing impact case studies, unit co-ordinators, Heads of Department, Deans, staff in the Research & Knowledge Transfer Office, Pro-Vice Chancellors and Vice-Chancellor).

Your data will be passed to the REF expert panels and the Equality and Diversity Advisory Panel (whose members are independent of UKRI) for the purpose of conducting a systematic evaluation of submissions, in accordance with predetermined criteria and methods. All panel members are bound by confidentiality arrangements.

Those parts of submissions that contain factual data and textual information about research activity will also be published online by UKRI. Published information is likely to include textual information including impact case studies in which you may be referenced. Your name and job title may be included in this textual information. Other personal details will normally be removed.

You may highlight to the University where you believe your data should be treated as confidential, in which case the University can:

  • identify a conflict of interest for particular panel members, which case the case study is not made available to such individuals; and/or
  • identify specific case studies that either should not be published at all due to their confidential nature, or that should be redacted prior to publication.

Individuals should contact the University’s REF Contacts ( to discuss the most appropriate course of action to deal with confidential material.

How will the University keep this data secure?

Your personal details will be stored in electronic files held on the University’s secure servers.

It is important that the personal information we hold about you is accurate and current. Please keep us informed if your personal information changes. 

What Rights do you have as a Data Subject?

As a data subject of the University, under the Data Protection legislation, you have a number of rights with regards to your data, dependent upon the legal basis for processing that data.  As such you have the right to…

  • Withdraw consent - where the University has used consent as the legal basis for processing;
  • Be informed – about how the University, collects and uses your data;
  • Access your personal data that the University holds and process;
  • Rectify or correct any inaccuracies in your personal data that we hold;
  • Be forgotten by requesting that your details are removed from the University systems;
  • Restrict the processing of your data whilst it is being verified or corrected;
  • Port your data in a machine readable and commonly used format; 
  • Object to certain processing by the University including direct marketing, automated decision making, profiling, scientific/historical research and statistics;

The above rights are not absolute and may only apply in some circumstances such as being dependent upon which lawful process has been used or whether an exemption may apply.

The following table details the right that accompany each lawful basis.


You may contact the University’s Data Protection Officer as necessary regarding your rights. 

Who is the Data Controller and who is the Data Protection Officer?

The Data Controller is the University of Chester, Parkgate Road, Chester, CH1 4BJ.  The Data Controller’s representative is Mr Adrian Lee, University Secretary, who may be contacted at the University address and on 01244 511000. 

The University’s Data Protection Officer (DPO) is Rob Dawson.  He may also be contacted at the University’s address and tel number and also by email on

How to raise questions, comments, concerns, or complaints.

Should you have any questions, comments, concerns or complaints regarding the use of your personal data you should contact the University’s Data Protection Officer as detailed above. 

You may also raise any concerns or complaints with the Information Commissioner’s Office who may be contacted as follows:

Information Commissioners Office
Wycliffe House
Water Lane
Tel: 0303 123 1113.

Changes to this Notice

We reserve the right to update this privacy notice at any time, and we will provide you with a new privacy notice when we make any substantial updates.  We may also notify you in other ways from time to time about the processing of your personal information.