Privacy notice – library (members of the public)

This notice sets out how the University uses your personal information. It applies if you are a member of the public. It should be read in conjunction with the University's Data Protection Policy.

What personal information will be processed?

The University may store, process or otherwise control the following personal data, provided by you when you have applied for membership in the University Library:

  • Name
  • Address
  • Phone number
  • Email address
  • Photograph

How your personal data is used by the University

The personal data outlined above will be used for the following purposes because it is necessary to do so for the performance of the contract:

  • Creation of a Library Account
  • Production of ID Card
  • Granting access to the Library and the resources
  • To inform you about operational changes to the Library service
  • To manage your library account


In certain circumstances the University may share your personal data with certain third parties, with or without prior notification, but will only do so in compliance with its legal obligations.

The University will ensure that it has adequate data sharing or contractual agreements in place before any transfers with external parties take place. We will not sell your personal data to third parties under any circumstances, or permit any third parties to sell the data we have shared with them.

Opting out

If you would like to opt-out of the personal data processing outlined, please contact

Please note, in certain circumstances the University may continue to process your personal data, but will only do so in line with its Data Protection Policy.

Storage and retention

Your data will be stored safely and securely. Data relating to members of the public is generally held for a period of your current membership. For more detailed information, please contact the University's Record Retention Schedule.


Depending on the nature of the processing activity and the legal basis on which it is taking place, you may have one or more rights in respect of your personal data:

  • Right of access
  • Right to data portability
  • Right to rectification
  • Right to be forgotten
  • Right to request a restriction of processing
  • Right to object to processing
  • Right not to be subject to automated processing

The University will manage data subject rights access in accordance with its Data Subject Rights Procedure. To find out more information or to exercise your rights as a data subject, please visit the data protection web pages.

Other information

The University will publish any changes we make to this data protection statement on the website, and will notify you by other communication channels where appropriate.

The University of Roehampton is registered with the Information Commissioner's Office, and acts as data controller for the personal data outlined in this notice.

You can raise any queries relating to the processing of your personal data with the University's Data Protection Officer, whose contact details are available on the University website.

You have the right to make a complaint about the University's handling of your personal data to the Information Commissioner's Office, and can do so at