Skip to content

HEAT’s permission to process student data

Under Data Protection law, the HEAT Service (as Data Processor) is permitted to process student data on behalf of member providers (Data Controllers) because it is necessary for a task carried out in the public interest. HEAT uses individual data for research purposes by helping its members to:

  • Record student participation in outreach activities
  • Share data with other providers to assess wider engagement in outreach
  • Monitor neighbourhoods that members are reaching with their outreach activity via postcode profiling to assess equality of access
  • Track individual outcomes through linking HEAT data with administrative data sets from the Department for Education (DfE), Education and Skills Funding Agency (ESFA), Joint Information Systems Committee (JISC), and Universities and Colleges Admissions Service (UCAS)
  • Report on the effectiveness of outreach programmes to the Office for Students (OfS)

The HEAT Service processes data solely for the monitoring and evaluation purposes described, and does not share, pass on or sell data to any unauthorised third parties. Data is not linked to or used for any decision-making process which might directly affect individual students. Results are presented in aggregate form without disclosing the characteristics of individual students; however student-level data are, in some cases, available to other HEAT members for monitoring purposes.

HEAT’s Data Protection policies

Our comprehensive data protection policies aim to communicate how we comply with data protection legislation, by describing the organisational, technological, operational and good-practice measures we embed into every aspect of the HEAT Service. These include, for example, HEAT’s lawful basis for processing data, what data is collected and how it is used, data sharing arrangements, retention, a range of procedural information, and the HEAT Service Privacy Notice. HEAT takes its responsibility for data protection very seriously, and the following suite of documents demonstrates both compliance with data protection legislation and our commitment to safeguard the personal data we hold and processes.

Please note: you will need to be logged into the HEAT database to access these documents.

Banner image courtesy of the University of Kent