Skip Page Menu
SERC Privacy Notice
Apprenticeships NI
Business Meeting Recordings
Business Support
Campus Health And Wellbeing
Careers Service
Community Engagement
Data Protection Policy
Enterprise, Entrepreneurship & Environment
Estates
Examinations
Finance
Health and Safety
Higher Level Apprenticeships
Human Resources (HR)
Information Rights Requests
International Department
Learning Academy
Learning Support
Lecture Capture
Library
Little SERC (Creche)
Marketing
National Fraud Initiative
Photography/Videos & Audio Recordings
Placement Providers
Retention and Disposal Schedule SOP
Special Category Policy Document
Student Enrolment
Student Placements

Community Engagement

 

Introduction

This Community Engagement Privacy Notice should be read in conjunction with the College’s privacy notice, further information on GDPR and your Rights can be found by clicking this link: https://www.serc.ac.uk/PrivacyNotice/

SERC is a “data controller” for the purposes of Data Protection legislation. This means that we are responsible for deciding how we hold and use personal information about you. This privacy notice explains how we hold and use any personal information we collect about you before, during and after your relationship with us.

The College will process all personal data in compliance with the UK General Data Protection Regulations (UK GDPR) and Data Protection Act 2018 for the purpose of providing support through our Community Engagement programme for the purpose of promoting, supporting and encouraging an individual return to education. We will never ask for information that is unnecessary to deliver this service.

SERC is the Data Controller registered with the Information Commissioner Office (ICO) and is responsible under the Data Protection Act 2018 for the personal data that you submit to us.

The Data Protection Officer email for the College is informationrights@serc.ac.uk The College’s registration reference number with ICO is Z6477199.

SERC will collect and use your personal data as per the terms of the programme/project you have engaged in with the College.

Lawful Basis for Processing 

Personal Data 

As a FE College our main lawful basis for processing your personal data in Community Engagement are as follows 

  • Article 6.1(e) - processing is necessary for the performance of a task carried out in the public interest or in the exercise of official authority vested in the controller. 

On occasions we may be required to process your personal data for other reasons however we will only do so where a Lawful Basis applies. 

We are also required to collect, process and maintain special category data. Our lawful basis for processing this information is :

  • Article 9.2(g) - processing is necessary for reasons of substantial public interest, on the basis of Union or Member State law which shall be proportionate to the aim pursued, respect the essence of the right to data protection and provide for suitable and specific measures to safeguard the fundamental rights and the interests of the data subject; On occasions we may be required to process your personal data for other reasons however we will only do so where a Lawful Basis applies.

Schedule 1(8) Data Protection Act (2018) - Equality of opportunity or treatment  

What information do we collect about you?

The information collected may include:

  • Name
  • Address
  • Date of birth
  • Contact details
  • SERC service of interest
  • Additional relevant information to support application/enquiry
  • National Insurance Number
  • Employment status and previous employment, if applicable
  • Residency status
  • Previous educational attainment
  • Education/Employment Barriers (may include Health Data)   

How will we use the information about you?

We need your information:

  • To determine your eligibility.
  • To monitor your progress.
  • To facilitate the successful program/project delivery
  • To inform future programme changes.
  • To contact you about issues directly related to your participation on the programme/project (e.g. changes that you need to be aware of, or a follow up survey)

We will use your personal data for these purposes only. 

How do we Collect Personal Data?

SERC Community Engagement/ Project Staff will collect personal data directly from an individual who is enquiring to use our service. Personal data may also be obtained from a third-party organisation e.g. referrals.

Who will have access to my information, or who will you share it with?

We will only share information where there is a lawful basis to do so.  Recipients of the data may include:

  • SERC Community Engagement staff
  • SERC Careers staff
  • SERC Student Funding staff
  • SERC Learning Support staff
  • SERC Teaching staff
  • SERC Customer Service staff
  • Little SERC (Creche) staff
  • Third-Party Organisation who initially made the referral
  • SERC Project Staff
  • Project Stakeholder/ Funders 

Data Subject Rights

Under certain circumstances, by law you have the right to:

  • Request access to your personal information
  • Request correction of your personal information
  • Request erasure of your personal information. However, please note that the right to erasure doesn't apply when processing is necessary for performing a task carried out in the public interest or in the exercise of official authority. This includes tasks mandated by law, educational purposes, health purposes, and social care purposes. 
  • Object to processing of your personal information where we are relying on a legitimate interest (or those of a third party) and there is something about their particular situation which makes them want to object to processing on this ground.
  • Object to processing of your personal information for direct marketing purposes.
  • Request the restriction of processing of your personal information.
  • Request the transfer of your personal information to another party.
  • Right to withdraw consent

These rights are not absolute. Further information on data subject rights can be found in our Data Protection Policy. You also have a right to lodge a complaint with the Information Commissioner’s Office if you believe we have not handled your personal information in accordance with the Data Protection legislation. In the first instance complaint should be made to the Company

Retention Period

Community Engagement will only retain personal data for as long as necessary to fulfil the purpose we collected it for, for the purpose of satisfying any legal, accounting or reporting requirements. Community Engagement will retain records in line with the FE Sector Retention and Disposal Schedule.

Use of Artificial Intelligence (AI)

Tools  The College uses Microsoft Copilot and other AI technologies to support and enhance service delivery, internal operations, and user experience. These tools may assist with tasks such as: 

  • Generating and summarising content 
  • Transcribing conversations 
  • Identifying key actions from meetings 

Where personal data is processed by AI tools, this is done in accordance with the UK General Data Protection Regulation (UK GDPR). Safeguards are in place to ensure: 

  • Data minimisation – only necessary data is processed 
  • Purpose limitation – data is used solely for defined purposes 
  • Access controls – data is restricted to authorised personnel 

Where appropriate, the College conducts Data Protection Impact Assessments (DPIAs) to assess risks and implement necessary protections. Individuals will be informed when AI tools are used in ways that may affect them. 

The College does not use personal data to train AI models. All AI-generated outputs are reviewed to ensure fairness, accuracy, and compliance with data protection principles. 

AI tools are used to assist staff and do not make automated decisions about individuals. Final decisions involving personal data are always subject to human oversight.