Skip to main navigation Skip to content
We use cookies on this website. If you continue to use the website, we will use cookies to maximise your experience and help us to improve.

To find out more about cookies, how we use them and how to remove them, see our privacy and cookies statement.
 
 

Privacy and cookie statement

This privacy and cookie statement tells you what to expect when The Quality Assurance Agency for Higher Education (QAA) collects personal information. It applies to information we collect about:

  • visitors to our websites, which include www.qaa.ac.uk, www.sacca.ac.ukwww.accesstohe.ac.uk, www.enhancementthemes.ac.uk and the secure Qmmunity reviewer extranet
  • people who email QAA
  • people who call QAA
  • people who contact QAA via social media
  • individuals submitting complainants or concerns about HEIs
  • individuals complaining about QAA
  • individuals who contact QAA in relation to a data protection subject access request or other enquiry 
  • people who use our services, for example subscribe to one of our newsletters, attend a QAA event, or request a publication from us
  • job applicants and our current and former employees
  • testing and training.

Visitors to our websites

When you visit one of our websites, we collect standard internet log information and details of visitor behaviour patterns. This helps us to identify the number of visitors to various parts of the site. We collect this information in a way which does not identify anyone. We do not attempt to find out the identities of visitors to our websites. We will not associate any data gathered from this site with any personally identifying information from any source.

Where we need to collect personally identifiable information through one of our websites, we will do this by asking users to complete a registration form (for example when registering to use the HEER database, to sign up to attend a QAA event or to receive a QAA publication). We will make it clear when we collect personal information and will explain what we intend to do with it.

We may use personal information collected when people contact us to offer services and information related to our work on quality and standards in higher education, which we feel would be of interest. This may include services offered by our wholly owned trading subsidiary QAA Enterprises Limited. QAA will enable users to 'opt out' of further contact with QAA or QAA Enterprises at the time that personal data is collected.

Data may be passed to the police and other authorities where it is required in the investigation of illegal activities and security breaches.

Where data is passed to third parties, it is done so in compliance with the Data Protection Act 1998.

QAA's Data protection policy.

Use of cookies by QAA websites

Cookies are small text files that are placed on your computer by websites that you visit. They are widely used in order to make websites work, remember your individual settings and preferences, and to measure how you use websites to ensure they meet your needs.

We do not use cookies to identify individuals or collate personal data. We only use cookies to make our sites work better for you.

Most web browsers allow some control of cookies through the browser settings, and you are able to manage and delete cookies from specific websites.

To find out more about cookies, including how to see what cookies have been set by the websites you visit, and how to manage and delete them, visit All About Cookies.

The table below explains the cookies we use on this website and why.

Cookie Name Purpose More information
Google Analytics _utma
_utmb
_utmc
_utmz

These cookies are used to collect information about how visitors use our site. This information is used to improve QAA's sites and to ensure they meet your needs.

All data is collected in an anonymous form and includes information such as the number of visitors to our websites and the pages they visit while they're on our sites.

Overview of privacy at Google

Opt out of Google Analytics

Session cookie ASP.NET_SessionId

Session cookies store information about particular choices you have made during your visit to the website - for example your preferred language choice if you have selected a Welsh language page.

These cookies expire when you close your browser.

All About Cookies: What is a session cookie used for?

Links

Our websites contain links to other sites. QAA is not responsible for the privacy practices within any of these other sites. We encourage you to be aware of this when you leave our sites and to read the privacy statements on other websites you visit which collect personally identifiable information. This privacy statement applies solely to information collected on our websites.

People who email QAA

QAA retains a copy of all emails sent in and out of our network for 5 years.  Emails that are saved as records may be kept longer. This data is held securely and will be released to third parties only when QAA believes the release is appropriate to comply with the law.

We may use personal information collected when people contact us to offer services and information related to its work on quality and standards in higher education, which we feel would be of interest. This may include services offered by our wholly owned trading subsidiary QAA Enterprises Limited. QAA will enable users to 'opt out' of further contact with QAA or QAA Enterprises at the time that personal data is collected.

People who call QAA

QAA retains copies of all voicemail recorded as an audio attachment within the email system. As with text-based email, these recordings may be copied or forwarded within the email system, and they are retained for a set period of time. Audio data is held securely and could be released to third parties if QAA believes this is appropriate to comply with the law.

We may use personal information collected when people contact us to offer services and information related to our work on quality and standards in higher education, which we feel would be of interest. This may include services offered by our wholly owned trading subsidiary QAA Enterprises Limited. QAA will enable users to 'opt out' of further contact with QAA or QAA Enterprises at the time that personal data is collected.

People who contact QAA via social media

QAA retains copies of messages received via social media. Any personal data collected will only be used in order to respond to the message. Messages are retained for a set period of time, and used by QAA to monitor its social media activity.  Data is held securely and could be released to third parties if QAA believes this is appropriate to comply with the law.

People who use QAA services, e.g. who subscribe to one of our newsletters, attend a QAA event, or request a publication from us

QAA offers various services to the public, including publications, newsletters and events. We have to hold the details of the people who have requested the service in order to provide it.

We may use personal information collected when people contact us to offer services and information related to its work on quality and standards in higher education, which we feel would be of interest. This may include services offered by our wholly owned trading subsidiary QAA Enterprises Limited. QAA will enable users to 'opt out' of further contact with QAA or QAA Enterprises at the time that personal data is collected.

Testing and training

Test data

To ensure that the systems are tested thoroughly, QAA uses recent copies of live data from existing systems. This ensures that the system can cope with comparable volumes of information, that a wide range of realistic scenarios is covered, and that the test will reflect all the possible combinations that occur in the real environment. Test systems are isolated from external networks to ensure that live systems are not compromised.

QAA's use of data for training purposes

Training may be undertaken using the live or test environment. In either case, the people accessing the data will be limited to those who would have access to it in the real environment, and have completed the appropriate non-disclosure and confidentiality agreements where necessary.

Complaints or queries

Should you think that QAA's collection or use of information is unfair, misleading or inappropriate, you are encouraged to contact us at the address below ('How to contact us').

Access to personal information

QAA tries to be as open as it can be in terms of giving people access to their personal information. Individuals can find out if we hold any personal information by making a 'subject access request' under the Data Protection Act 1998. To make a request to the QAA for any personal information we may hold you need to put the request in writing addressing it to our Information and Records Team at the address provided below ('How to contact us'). For further guidance please see QAA's subject access request guidance and form (PDF 184 KB).

Disclosure of personal information

We may use personal information collected when people contact us to offer services and information related to its work on quality and standards in higher education, which we feel would be of interest. This may include services offered by our wholly owned trading subsidiary QAA Enterprises Limited. QAA will enable users to 'opt out' of further contact with QAA or QAA Enterprises at the time that personal data is collected.

Please also see our information sharing agreements.

Notification of changes to this privacy notice

If we decide to change our privacy policy, we will post details of any changes on this page. This will help ensure that you are always aware of what information we collect, how we use it, and under what circumstances, if any, we share it with other parties.

This privacy notice was last updated on 28 April 2014.

How to contact us

Requests for information about our privacy policy can be emailed to dataprotection@qaa.ac.uk or by writing to:

Information and Records team
Quality Assurance Agency for Higher Education
Southgate House
Southgate Street
Gloucester
GL1 1UB

Summary of terms

Browser

Used to locate and display web pages via a software application. 

Cookie

Message given to a web browser by a web server. The message is then stored by the browser in a text file called cookie.txt. Each time the browser requests a page from the server, this message is sent back.

A cookie's main objective is to identify users and/or personalise their visit by customising web pages for them, for example by welcoming them by name next time they visit the same site or remembering previously selected choices.

IP (Internet Protocol)

All networks connected to the internet speak IP, the technical standard which allows data to be transmitted between two devices. TCP/IP (Transmission Control Protocol/Internet Protocol) is responsible for making sure messages get from one host to another and that the messages are understood.

IP address

If you are connected to the Internet you have one, for example it may look something like this 195.185.99.9

Web server

Delivers (serves up) web pages to your computer.