Data Protection Privacy Notice for Use of Office 365 at QMUL
This privacy notice explains what personal data of users of Office 365 at Queen Mary University of London (QMUL) will be provided to whom and for which purposes. It is in addition to QMUL’s Data Protection Policy.
QMUL is a data controller in terms of Article 4 of the General Data Protection Regulation. The Office 365 services are provided by Microsoft but administered by IT Services. This is a hosted service. Personal data such as your name and username will be transmitted to Microsoft and held offsite on behalf of IT Services in order to create an account and provide you with the services. This is a requirement of your employment. Personal data from any non-work use you make of the services will be subject to the same conditions. In this respect Microsoft is acting as a data processor for which QMUL has a written agreement with it.
This data may only be used for the purpose of providing the Office 365 services; Microsoft acquires no rights over it and your email or documents held by Microsoft are not scanned for advertising purposes. For more details, please see Microsoft’s Office 365 Privacy Statement.
As with other Queen Mary systems, data will also be available to certain members of IT Services to allow them to administer your account. They will only access your account with your permission or in line with our current guidelines.
Other data about your use of the services may be held in logs which contain information of dates and times of login attempts. These help to identify and resolve problems as well as for anonymised statistical analysis. Logs are retained for a maximum of two months. When you leave, your account will be closed and the information retained for 6 years from that point.
Microsoft and QMUL comply with all applicable data protection legislation.
For further information, including on your rights, please see https://www.qmul.ac.uk/privacy/ and/or contact the Data Protection Officer