The University of Sheffield
Corporate Information and Computing Services

Personal Information

Personal information about you is held by the University and carried across University systems

The University needs to have and use this information to perform its usual business. You can be assured that access to this information is restricted, in part or in whole. Your rights of access are protected under the English law of Data Protection, and the University adheres to strict policy on this subject.

This leaflet explains how common data is made available via a public directory, and how you can request restrictions be placed on your information in this common data. It explains how you can and should access your personal records online. It also sets out your obligations with regard to acceptable use of the facilities and publishing. Finally, you are informed how personal usage information can be accessed in the event of complaint.

1. Personal Information

In order to carry out its statutory, academic and administrative functions the University needs to collect and process personal information relating to many categories of people, which include its students and staff. The University takes the confidentiality of all personal information very seriously and consequently takes all reasonable steps to comply with the principles of the Data Protection Act. To this end, the University aims to collect personal information only in order to meet specifically planned, agreed and necessary purposes, and to retain that information only for as long as those purposes remain valid.

2. Public Directory

Certain information about members of the University is made public, unless the owner of that information wishes otherwise.

There is a public directory, provided with a Web interface to allow both on and off campus access to contact information. This information is available from anywhere on the Internet, and therefore potentially to anyone. (The principle is akin to a BT telephone book.) The directory is available from http://www.shef.ac.uk/findpeople/ and has the following format:

Example of find people screen

The way the system works is that into the Enter Name: text box you type in a surname, initial and surname combination, or a combination with wildcard. Then from the right hand side you choose the Search Group: status into which the person of interest falls, e.g. Staff, Undergraduate, etc. Upon clicking the submit button, one or a number of matches (depending on how tightly you defined your search) is/are returned to you.

For staff, the returned information includes initials and surname, department, status (Staff), telephone number, and email address.

For students, the returned information includes initials and surname, department, status (Undergraduate, Taught or Research Postgraduate), and email address.

For example, performing a search for c cartledge in the staff directory would return:

example of find people results screen

Relatives and friends find such a directory useful, but to preserve your privacy you can opt out of the directory facility, effectively having your details withheld from public view.

email : dsamanager@sheffield.ac.uk

3. University Records

The University has to record on a central database your study progress, the modules you are taking and those you have completed, etc., along with your personal contact details. You can access this information, via a Web form interface, available below the Check Your University Records from Student Services Information Desk (SSiD) Web pages.

This lets you check (via PIN secured access) that your records are correct and up-to-date. It is your responsibility to do this. Some of the information you can change yourself via the online system, but other changes will have to report to SSiD, in the Union of Students.

Student Services Information Desk (SSiD)

4. Computer Misuse

All users of the University's computing facilities must comply with the rules and regulations. It is your responsibility to become familiar with the IT Code of Practice.

You must recognize that the resources of the University's network are limited and take due account of this in any use of the system. This consideration is relevant to the volume and nature of email, to individuals, news groups, and mailing lists; the size and location (particularly in other countries) of any files to be transferred; and the storage of large amounts of data on central file servers. The University is also charged by usage for certain network facilities, including a large proportion of incoming transatlantic traffic.

Users of University IT facilities must conform to all applicable rules of English law, for example the laws on pornography, defamation and financial services advice.

Cases of computer misuse must be reported to the Director of CICS and will be investigated.

email : C.Sexton@sheffield.ac.uk

5. Harassment

Careful consideration should be given to the content of any published material (e.g. email, newsgroup contribution, Web page, images displayed on a screen, computer printout). Published material that is unacceptable to the recipient and which creates an intimidating, hostile or offensive environment may constitute harassment under the University's guidelines. Publication of such material outside the University may harm the University's good name or bring it into disrepute.

You can find information about harassment from the Personnel Department Web pages.

In cases of computer related harassment, use the emails below.

email : abuse@sheffield.ac.uk

Any students or members of staff who have been subjected to abusive emails, harassment, or any other form of abuse can have their email address changed or their emails filtered. You should make an application to the Director of CICS.

6. Logged Information

The University has a responsibility to measure computer usage for a wide number of reasons. Mostly this data is used anonymously for statistical purposes, like software licensing monitoring, phone and data network performance, obligations to third parties (academic network providers external to University), etc.

Although there is no active monitoring of personal use, the University takes all complaints of misuse of IT facilities very seriously and will investigate as far as is reasonably practicable. Therefore, individual information may be accessed in the event of a complaint. For example, a particular person who was using a specific machine at a given time can be identified; Web pages accesses can be linked with individuals; and, although the content of emails is not recorded, the header information is, which means time, date, sender and recipient information is accessible. Only specific people are authorized by the University to access such information.

Under English law, the University can be required to supply relevant information to appropriate authorities, eg the police, UK customs, etc to assist in criminal investigations.

7. Obligation to Students

The obligation of CICS to students is set out in the Students' Charter: and manifests itself in the form of the Service Level Agreements (SLAs)