Skip to main navigation Skip to content
Accessibility|Text only| Text size: A A A| Display: Default / High contrast
RSS icon

We use cookies on this website. If you continue to use the website, we will use cookies to maximise your experience and help us to improve.

To find out more about cookies, how we use them and how to remove them, see our privacy and cookies statement.

Privacy and cookies statement

This privacy and cookie statement tells you what to expect when The Quality Assurance Agency for Higher Education (QAA) collects personal information. It applies to information we collect about:

  • visitors to our websites, which include http://www.qaa.ac.uk/heer.qaa.ac.uk, www.accesstohe.ac.uk, http://www.enhancementthemes.ac.uk/ and the secure Qmmunity reviewer extranet (all links open in new windows)
  • people who email QAA
  • people who call QAA
  • people who contact QAA via social media
  • individuals complaining about QAA
  • individuals who contact QAA in relation to a data protection subject access request or other enquiry
  • people who use our services, for example subscribe to one of our newsletters, attend a QAA event, or request a publication from us
  • testing and training.
 

Visitors to our websites

When you visit one of our websites, we collect standard internet log information and details of visitor behaviour patterns. This helps us to identify the number of visitors to various parts of the site. We collect this information in a way which does not identify anyone. We do not attempt to find out the identities of visitors to our websites. We will not associate any data gathered from this site with any personally identifying information from any source.

Where we need to collect personally identifiable information through one of our websites, we will do this by asking users to complete a registration form (for example when registering to use the HEER database, to sign up to attend a QAA event or to receive a QAA publication). We will make it clear when we collect personal information and will explain what we intend to do with it.

We may use personal information collected when people contact us to offer services and information related to our work on quality and standards in higher education, which we feel would be of interest. This may include services offered by our wholly owned trading subsidiary QAA Enterprises Limited. QAA will enable users to 'opt out' of further contact with QAA or QAA Enterprises at the time that personal data is collected.

Data may be passed to the police and other authorities where it is required in the investigation of illegal activities and security breaches.

Where data is passed to third parties, it is done so in compliance with the Data Protection Act 1998.

More information about QAA's Data Protection policy (PDF).

Use of cookies by QAA websites

Cookies are small text files that are placed on your computer by websites that you visit. They are widely used in order to make websites work, remember your individual settings and preferences, and to measure how you use websites to ensure they meet your needs.

We do not use cookies to identify individuals or collate personal data. We only use cookies to make our sites work better for you.

Most web browsers allow some control of cookies through the browser settings, and you are able to manage and delete cookies from specific websites.

To find out more about cookies, including how to see what cookies have been set by the websites you visit, and how to manage and delete them, visit All About Cookies.

The table below explains the cookies we use on this website and why. All links within the table open in new windows.

CookieNamePurposeMore information
Cookie acceptance acceptcookies

On first visiting our website, you will see a message at the top of your screen explaining that we use cookies. If you click to accept and hide the message, a cookie is stored so that you will not see the message appear again when you visit the website. Set to expire after 100 years.

Google Analytics _utma
_utmb
_utmc
_utmz

These cookies are used to collect information about how visitors use our site. This information is used to improve QAA's sites and to ensure they meet your needs.

All data is collected in an anonymous form and includes information such as the number of visitors to our websites and the pages they visit while they're on our sites.    

Overview of privacy at Google

Opt out of Google Analytics

Google cookies
GAPS
khcookie
NIDS
PREF
VISITOR_INF01_LIVE
YSC

We use the YouTube video player and Google Maps functionality on our website. These are cookies set by Google to store your user preferences.

Overview of privacy at Google

Session cookie
f

Stores the font size, if you have selected one of the options provided in the accessibility menu. Set to expire after 20 minutes.

Session cookie
 homepage_imageno

This cookie refreshes the image that appears in the top right-hand corner of the Access to HE homepage. It is purely for design purposes. Set to expire after 40 minutes.

All About Cookies: What is a session cookie used for?

Session cookie

 accessibility

Stores the contrast setting you have selected while using the website. Set to expire after 20 minutes.

All About Cookies: What is a session cookie used for?
Session cookie
LoggedIn 

Stores your email address if you are logged in to the AVA area, so that it displays in the main navigation throughout your visit. Set to expire after 30 minutes or cleared when you log out.

All About Cookies: What is a session cookie used for?

Standard ASP.NET cookie

ASPXAUTH

Created and set when you log in to the AVA area. Expires when the browser closes.

All About Cookies: What is a session cookie used for?

Standard ASP.NET cookie

ASP.NET_SessionId

Created when session state is used. Expires when the browser closes.

Links

Our websites contain links to other sites. QAA is not responsible for the privacy practices within any of these other sites. We encourage you to be aware of this when you leave our sites and to read the privacy statements on other websites you visit which collect personally identifiable information. This privacy statement applies solely to information collected on our websites.

People who email QAA

QAA retains a copy of all emails sent in and out of our network for 5 years. Emails that are saved as records may be kept longer. This data is held securely and will be released to third parties only when QAA believes the release is appropriate to comply with the law.

People who email QAA should be aware that access to email messages may be shared between QAA staff for business purposes. 

We may use personal information collected when people contact us to offer services and information related to its work on quality and standards in higher education, which we feel would be of interest. This may include services offered by our wholly owned trading subsidiary QAA Enterprises Limited. QAA will enable users to 'opt out' of further contact with QAA or QAA Enterprises at the time that personal data is collected.

People who call QAA

Voicemail messages left for members of QAA staff can be accessed via email. Callers should be aware that access to email messages may be shared between QAA staff for business purposes.
Email and audio data is held securely and could be released to third parties if QAA believes this is appropriate to comply with the law.

People who call QAA information and enquiry lines should expect to have their calls monitored to assist QAA in maintaining and improving the standards of our customer service and for staff training purposes. Private phone calls to QAA staff will not be monitored.

We may use personal information collected when people contact us to offer services and information related to our work on quality and standards in higher education, which we feel would be of interest. This may include services offered by our wholly owned trading subsidiary QAA Enterprises Limited. QAA will enable users to 'opt out' of further contact with QAA or QAA Enterprises at the time that personal data is collected.

People who contact QAA via social media

QAA retains copies of messages received via social media. Any personal data collected will only be used in order to respond to the message. Messages are retained for a set period of time, and used by QAA to monitor its social media activity.  Data is held securely and could be released to third parties if QAA believes this is appropriate to comply with the law.

Individuals complaining about QAA

When we receive a complaint from a person we make up a file containing the details of the complaint. This normally contains the identity of the complainant and any other individuals involved in the complaint.

We will only use the personal information we collect to process the complaint and to check on the level of service we provide. We do compile and publish statistics showing information like the number of complaints we receive, but not in a form which identifies anyone.

We usually have to disclose the complainant's identity to whoever the complaint is about. This is inevitable where, for example, the accuracy of a person's record is in dispute. If a complainant doesn't want information identifying him or her to be disclosed, we will try to respect that. However, it may not be possible to handle a complaint on an anonymous basis.

We will keep personal information contained in complaint files in line with our retention policy. This means that information relating to a complaint will be retained for 10 years from closure. It will be retained in a secure environment and access to it will be restricted according to the 'need to know' principle.

Individuals raising a complaint by calling QAA's information and enquiry lines may have their calls monitored (see above People who call QAA).

Individuals who contact QAA in relation to a data protection subject access request or other enquiry

Personal data relating to a data subject access request or other information request will not be disclosed publically. However individuals should be aware that they may be identifiable through the details of their request.

People who use QAA services, e.g. who subscribe to one of our newsletters, attend a QAA event, or request a publication from us

QAA offers various services to the public, including publications, newsletters and events. We have to hold the details of the people who have requested the service in order to provide it.

We may use personal information collected when people contact us to offer services and information related to its work on quality and standards in higher education, which we feel would be of interest. This may include services offered by our wholly owned trading subsidiary QAA Enterprises Limited. QAA will enable users to 'opt out' of further contact with QAA or QAA Enterprises at the time that personal data is collected.

Information Sharing

QAA may share information with organisations with a common interest in protecting standards and quality in higher education. This is regulated by Information Sharing Agreements (opens in new window)​.

Testing and training

 
Test data

To ensure that the systems are tested thoroughly, QAA uses recent copies of live data from existing systems. This ensures that the system can cope with comparable volumes of information, that a wide range of realistic scenarios is covered, and that the test will reflect all the possible combinations that occur in the real environment. Test systems are isolated from external networks to ensure that live systems are not compromised.

QAA's use of data for training purposes

Training may be undertaken using the live or test environment. In either case, the people accessing the data will be limited to those who would have access to it in the real environment, and have completed the appropriate non-disclosure and confidentiality agreements where necessary.

Complaints or queries

Should you think that QAA's collection or use of information is unfair, misleading or inappropriate, you are encouraged to contact us at the address below ('How to contact us').

Access to personal information

QAA tries to be as open as it can be in terms of giving people access to their personal information. Individuals can find out if we hold any personal information by making a 'subject access request' under the Data Protection Act 1998. To make a request to the QAA for any personal information we may hold you need to put the request in writing addressing it to our Information and Records Team at the address provided below ('How to contact us'). For further guidance please see QAA's subject access request guidance and form (PDF 184 KB).

Disclosure of personal information

We may use personal information collected when people contact us to offer services and information related to its work on quality and standards in higher education, which we feel would be of interest. This may include services offered by our wholly owned trading subsidiary QAA Enterprises Limited. QAA will enable users to 'opt out' of further contact with QAA or QAA Enterprises at the time that personal data is collected.

Please also see our information sharing agreements (opens in new window).

Notification of changes to this privacy notice

If we decide to change our privacy policy, we will post details of any changes on this page. This will help ensure that you are always aware of what information we collect, how we use it, and under what circumstances, if any, we share it with other parties.

This privacy notice was last updated on 6 May 2015.

How to contact us

Requests for information about our privacy policy can be emailed to dataprotection@qaa.ac.uk or by writing to:

Information and Records team
Quality Assurance Agency for Higher Education
Southgate House
Southgate Street
Gloucester
GL1 1UB

Summary of terms

Browser

Used to locate and display web pages via a software application.

Cookie

Message given to a web browser by a web server. The message is then stored by the browser in a text file called cookie.txt. Each time the browser requests a page from the server, this message is sent back.
A cookie's main objective is to identify users and/or personalise their visit by customising web pages for them, for example by welcoming them by name next time they visit the same site or remembering previously selected choices.

IP (Internet Protocol)

All networks connected to the internet speak IP, the technical standard which allows data to be transmitted between two devices. TCP/IP (Transmission Control Protocol/Internet Protocol) is responsible for making sure messages get from one host to another and that the messages are understood.

IP address

If you are connected to the Internet you have one, for example it may look something like this 195.185.99.9

Web server

Delivers (serves up) web pages to your computer.