Privacy Notice

The University is required to inform you how personal data collected by you will be used and to provide other information, including details of with whom personal data may be shared and your rights.

The identity and the contact details of the controller

University of St Andrews, College Gate, North Street, St Andrews, KY16 9AJ, Fife, Scotland, UK. The University is a charity registered in Scotland, No SC013532.

The contact details of the University Data Protection Officer

Mr Christopher Milne, Head of Information Assurance and Governance, University of St Andrews, Butts Wynd, North Street, St Andrews, KY16 9AJ, Fife. Email [email protected]

The purposes for which the University will make use of your personal data

Then University will use your personal data to provide you with the services and facilities which you have booked/requested of us.  This includes:

Managing your stay with us.

Name and contact details that were provided when an arrangement stay with us was made.

Guest registration

All guests, aged over 16 years of age will be required to complete a registration card with their name and nationality. Guests who are not citizens of the: Commonwealth; Territories protected by the Crown or the Republic of Ireland, will be required to provide additional details i.e. the number and place of issue of their passport, certificate of registration or other document establishing identity and nationality; and details of their next destination if it is known.

The University is required to record and retain those details by law, and to make those details available to the relevant authorities for inspection, which will normally include the Police.

Invoicing/bill payment

Your name, contact and bank details will be used to process payments for services provided by the University. The University will pass credit/debit card details to a third party payment provider, who will process payments.

The legal bases for processing personal data

Who personal data may be shared with

Disclosure to for the purposes of    Details
University staff and or agents/suppliers of the University; to prepare for and manage your stay at the University.    Booking details.
Payment processor    Bank/credit card details.
Law enforcement agencies; inspection of guest registrations.    Guest registration details.


The period for which personal data will be stored, or if that is not possible, the criteria used to determine that period

The University will retain customer/booking data for a period of 6 years, after which time records will be destroyed.

Guest registration cards will be destroyed 12 months after the period of residency has ended.

Rights available to individuals

European and UK data protection legislation provides individuals with a number of rights regarding the management of their personal data, in relation to guests making use of University accommodation your rights are:

These rights have to be met by the University and any other organisation that takes decisions about how or why your personal data is used. Details on how to access those rights are available from the University website, or you can contact [email protected]

Where the University asks for your consent to make use of personal data

The University may ask you for your permission to be contacted in the future, via any contact details you have provided to:

Consent is optional.  Individuals are under no compulsion to provide their consent, and where consent is provided, you will have the right to withdraw consent at any time, from which point the University’s use of your personal data will stop.

The right to lodge a complaint with a supervisory authority

If you believe that the University has not made use of your personal data, in line with the requirements of the law, you have the right to raise this with the regulator i.e. the UK Information Commissioner Office’s (“the ICO”).

Details on how to contact the ICO are available online, at:

Contractual requirement to provide personal data and the consequence where no personal data are provided

In order to secure accommodation from the University, you must provide details about you and fellow guests in order to secure facilities.

Revision of the Privacy Notice

This Privacy Notice will be reviewed at regular intervals. Any significant change to relevant legislation, University policy or procedures primarily concerned with the protection of personal data may trigger an earlier review.


This Privacy Notice will be published on the University website; a summary of this notice will have been provided when individual’s make accommodation bookings. Copies will also be available from the University on request.

Should a copy of this Privacy Notice be required in another form, including orally i.e. an audio recording, please contact [email protected].