Data use under GDPR - How do we use your Data in IRIS
IRIS is using personal data for a range of processes to ensure Bangor University complies with legal and statutory requirements and to enable the performance of public tasks and to manage its business interests.
Research, consultancy or other externally funded activities
If you are involved in research activities, consultancy or other externally funded activities managed by or in collaboration with Bangor University we may need to use information about your salary and employment contract as well as your CV or personal circumstances. If Bangor University holds this information on file we will use these data sources, but we may have to request further information from you.
Research and other external funding applications
Your data will be used as required by the funder, lead partners and BU internal processes:
- to check your eligibility
- to support the preparation of proposals, including
- evidence of eligibility
- project budgets
- justification of resources
- clarification of funder, government or internal rules and regulations
We may have to share your data with colleagues in various departments at Bangor University and/ or other organisations, if they are involved in developing, approving and/ or submitting the application. We may also have to share some data with funding bodies or external advisory organisations or collaborators/ lead partners to clarify the application of rules in your case.
We will have to submit your relevant data to the funding body, which will further share them according to their internal processes and evaluation procedures. This can include individuals worldwide.
If your proposal is successful, we may ask your permission to use a redacted version of your proposal as an example for colleagues across Bangor University.
We will have to retain some data beyond the award of the application or beyond the end of successful projects in order to comply with audit and reporting requirements. This may extend beyond your association with Bangor University.
Project management
Your data associated with successful proposals will be used as required by the funder, lead collaborators and BU internal processes:
- for project budget monitoring and adjustments
- for reports
- justification of resources
- clarification of funder, government or internal rules and regulations
- evidence of eligibility
- for audit and reporting requirements by the funder, governments, BU management and other stakeholders.
We will have to retain some data beyond the end of successful projects in order to comply with audit and reporting requirements. This may extend beyond your association with Bangor University.
Performance assessments, reports and consultations
IRIS is required to report on or contribute to reports and consultations about Bangor University to governments, sector organisations or other stakeholders as well as provide management information within Bangor University. This may include some personal data.
PURE Research Information Management System
In order to manage our research activities, such as an evidence-based approach to Bangor University's research and collaboration strategies, related data are held in the PURE system.
Further information about the purpose of PURE, what information about you might be held on the system and how it can be updated is described here: /reo/pure
The Research Excellence Framework (REF)
Bangor University is currently preparing for the REF 2021. /research-support/ref-2021
We have to collate metrics and develop case studies for this extensive assessment exercise over several years and we have to hold relevant personal data as supporting evidence. As data are collated, they will be analysed and used to direct strategic efforts to improve research performance of the institution.
The extent of data we hold will be refined as the rules for the REF 2021 develop.
This includes publicly available data such as research outputs and some information about grant capture, but also non-public information such as your CV, salary and career progression, performance assessments and references or details of personal circumstances including sensitive personal data if necessary. Impact case studies may also be supported by a wide variety of data from a wide range of external sources from commercial, governmental and research sector organisations worldwide.
Non-public data are only accessible to managers and administrators assigned to work on REF related data in your area, unless you make them publicly available through the PURE system. Access is restricted through permission levels on the databases and systems where we hold data. Sensitive data submitted for REF purposes are only accessible to the REF Manager and are password-protected.
Bangor University is required to maintain RAE and REF related data for 20 years after the outcome of the respective exercise in order to comply with audit requirements. This may extend beyond your association with Bangor University.