This page is no longer recommended for use, and Users are kindly reminded to refer to the HEAT Privacy Notice page instead. Additionally, all references to the HEAT Privacy Notice webpage should use the following link https://heat.ac.uk/privacy-notice/, which contains the most up to date information.
What is the HEAT Service and what does it do?
Led by the University of Kent, the Higher Education Access Tracker (HEAT) Service enables its members to monitor and evaluate the effectiveness of their education outreach activities. If you are reading this information you are very likely to have taken part in outreach activities with universities, colleges or charitable organisations whose aims are to support your choices about going into higher education (view the list of current HEAT members).
Why is data stored about you?
In accordance with the Data Protection Act 2018 (the UK implementation of the General Data Protection Regulation), the HEAT Service (the Data Processor) is permitted to store and process student data on behalf of our members (the Data Controllers) because the data is used for research in the public interest. HEAT members use your data to find out if their outreach activities are effective. For example:
- Do outreach participants go on to higher education?
- Are outreach participants more likely to go on to higher education than those who do not participate?
- What can schools, colleges, universities and charities do to improve their outreach work?
What data is stored?
When you apply for or take part in, education outreach activities, the providers ask for and keep your:
- Full name
- Date of birth
- Home postcode
- School or college name
Some providers may also keep information on your ethnicity and any disability you might have, along with additional criteria for their own reporting.
How is your data stored and processed?
The Office for Students (OfS) requires providers to evaluate the effect of outreach on student outcomes. The HEAT database ensures that our members can store your details in a secure system that it can only be accessed by the member organisation(s) that have worked with you. For research and evaluation purposes, members may also share your data with HEAT researchers and the following bodies:
- The Office for Students (OfS)
- The Department for Education (DfE)
- Education and Skills Funding Agency (ESFA)
- The Higher Education Statistics Agency (HESA)
- The Universities and Colleges Admissions Service (UCAS)
Your data will never be used for marketing purposes, shared, sold or seen by anyone else. The HEAT Service processes data solely for the monitoring and evaluation purposes described above. Data is not linked to or used for any decision-making process which might directly affect individual students. Results are presented in an aggregate form without disclosing any specific details of individual students.
For how long will your data be kept?
If you are under 21 years old at the time of first outreach activity:
- Your data will be retained for 15 years after graduation or until 30 years of age (whichever comes first).
If you are over 21 years old at the time of first outreach activity:
- Your data will be retained for 15 years after graduation or for 10 years after your first outreach activity (whichever comes first).
After this time, data will be anonymised in bulk at the beginning of the next academic year. This retention policy will be reviewed each year to ensure it remains fit for purpose and compliant with relevant legislation (see the HEAT Service Privacy Notice)
Your rights: who to contact about your rights, to make an enquiry or complain if you are unhappy
Under Data Protection law, you have the right to object to the storing and use of your data or request to have your data removed from the HEAT database.
Enquiries about your rights, Freedom of Information and Subject Access Requests, can be made to the HEAT Service in the first instance by contacting the HEAT Helpdesk which will be able to signpost you to the HEAT member who is the Data Controller for your data.
The University of Kent is registered with the Information Commissioner’s Office (ICO) Data Protection Register (Number Z6847902). Data Protection enquiries pertaining to the University of Kent can be made by emailing email@example.com.
For further information about Data Protection; advice and guidance on your right to privacy; or to make a complaint, you should contact the Information Commissioner’s Office (ICO) – the regulatory body for UK Data Protection:
Information Commissioner’s Office
Telephone helpline: 0303 123 1113