Thank you for submitting your feedback
In this policy, whenever you see the words ‘we’, ‘us’, ‘our’, ‘PHES’, it refers to Professional HE Services Limited, a company limited by guarantee registered in England 08080702.
PHES is an umbrella company for membership organisations in Higher Education. Currently PHES is the corporate “parent” of seven Special Interest Organisations (SIOs); the Association of University Directors of Estates (AUDE), Association of University Legal Practitioners (AULP), the British Universities Finance Directors Group (BUFDG), College & University Business Officers (CUBO), Council of Higher Education Internal Auditors (CHEIA), the Higher Education Strategic Planners Association (HESPA) and Universities Human Resources (UHR). BUFDG also includes the Higher Education Procurement Association (HEPA), although HEPA is not an SIO of the company.
What we need
We collect your name, job title, institution, contact details, photo and other profile related data if you are a member or customer. If you are booking onto an event, we may ask you for any special dietary or access requirements.
From November 2022, we will be collecting optional EDI data from our members, to optimise our service delivery, to tailor our CPD offering and to adapt our services where we notice a group being underrepresented or disadvantaged.
Why we need it
We will collect and process your personal information for a range of purposes, including the following:
What we will not do:
If you choose to withhold requested information, we may not be able to provide you with certain services.
We will also hold information about you so that we can respect your preferences for being contacted by us.
We may combine data from our database, your interest areas (that you have told us about) and your browsing habits to the make our communications relevant to you.
You can of course change your contact preferences by visiting the MY PROFILE page on this site.
Any special dietary or access requirements are only used to provide you with the best experience at an event or meeting.
When do we collect your personal data?
We collect your personal information in a number of ways:
Under the new data protection law starting in May 2018 we have a number of lawful reasons that we can process your personal information. One of those lawful bases is Legitimate Interests, which means:
‘we can process your personal information if we have a genuine and legitimate reason and we are not harming any of your rights and interests’
This means when you provide your personal details to us, we use your information for our legitimate business interests to carry out our work supporting our members and the HE sector. Before doing this, though, we will also carefully consider and balance any potential impact on you and your rights.
Sometimes, with your consent, we will process your personal data to provide you with information about our work or our activities that you have requested or are expecting. You can control your interests and preferences from the MYSITE section of this website.
On other occasions, we may process personal data when we need to do this to fulfil a contract (for example, if you have booked a ticket from our website) or where we are required to do this by law or other regulations.
Information system and data security is extremely important to us, to ensure that we are keeping our members, customers and employees safe. We will treat your data with the utmost care and take all appropriate steps to protect it.
By using strong encryption when your information is stored or in transit we minimise the risk of unauthorised access or disclosure; when entering information on our website, you can check this by right clicking on the padlock icon in the address bar.
We undertake regular reviews of who has access to information that we hold to ensure that your information is only accessible by appropriately trained staff.
Our staff complete mandatory data protection training on employment and annually thereafter to reinforce responsibilities and requirements set out in our information security policies.
The EDI data will be stored in our central database, and only accessed by PHES staff through a small number of anonymised reports.
We sometimes use external companies to collect or process personal data on our behalf. We do comprehensive checks on these companies before we work with them and put an agreement in place that sets out our expectations and requirements, especially regarding how they manage the personal data they have collected or have access to.
Some of our suppliers run their operations outside the European Economic Area (EEA). Although they may not be subject to same data protection laws as companies based in the UK, we will take steps to make sure they provide an adequate level of protection in accordance with UK data protection law. By submitting your personal information to us you agree to this transfer, storing or processing at a location outside the EEA.
We may need to disclose your details if required to the police, regulatory bodies or legal advisors.
We will only ever share your data in other circumstances if we have your explicit and informed consent.
Whenever we collect or process your personal data, we’ll only keep it for as long as is necessary for the purpose for which it was collected.
At the end of that retention period, your data will either be deleted completely or anonymised, for example by aggregation with other data so that it can be used in a non-identifiable way for statistical analysis and business planning.
If decide you no longer wish to be a member, we will keep some basic information in order to avoid sending you unwanted materials in the future and to ensure that we don’t accidentally duplicate information.
We will update your personal data such as job title, institution and contact details when you tell us they have changed, when we receive an automated email from you or when we find out from another source.
Where we use an external service provider to act on our behalf, we will disclose only the personal information necessary to deliver the service and will have an agreement in place that requires the provider to comply with our data protection and information security requirements.
We do not sell or share your personal information for other organisations to use.
PHES uses external Payment Card Industry (PCI) compliant providers to collect this data on our behalf. We do not store PCI data on our own systems.
A new data protection law, starting in May 2018, gives everyone a number of very important rights. These are:
If you would like to know more about your rights under the data protection law, see the Information Commissioners Office website.
Remember, you can change the way you hear from us by using our MYSITE pages on this website.
Professional HE Services Ltd
3 Holywell Drive
If you are not satisfied with our response or believe we are not processing your personal data in accordance with the law you can complain to the Information Commissioner’s Office (ICO).
This policy was last updated on 19th November 2022.
When you visit any web site, it may store or retrieve information on your browser, mostly in the form of cookies. This information might be about you, your preferences or your device and is mostly used to make the site work as you expect it to. The information does not usually directly identify you, but it can give you a more personalised web experience.
Because we respect your right to privacy, you can choose not to allow some types of cookies. Look at the cookies we use below to help you make an informed decision. However, blocking some types of cookies may impact your experience of the site and the services we are able to offer.
These cookies are necessary for the website to function and cannot be switched off in our systems. They are usually only set in response to actions made by you which amount to a request for services, such as setting your privacy preferences, logging in or filling in forms.
You can set your browser to block or alert you about these cookies, but some parts of the site will not then work. These cookies do not store any personally identifiable information
Microsoft - ASP.NET_SessionId – keeps you logged in for a set period of time, so that you don’t have to keep logging in
These cookies allow us to count visits and traffic sources so we can measure and improve the performance of our site. They help us to know which pages are the most and least popular and see how visitors move around the site.
All information these cookies collect is aggregated and therefore anonymous. If you do not allow these cookies we will not know when you have visited our site, and will not be able to monitor its performance
Please Wait. Loading...