Privacy is of key importance to the University and any use of a Learner’s personal data (identifiable information about the Learner) must be done in accordance with data protection legislation. This includes sharing personal data with Employers.
Given that the Graduate Apprenticeship programme is employer-based, the University will provide Employers with information on applications, progress reports and other relevant information regarding Employees/Learners that they are supporting through Graduate Apprenticeship programmes at the University.
Data will only be shared if the Employer is providing protected time within the working week for the Learner to complete their studies.
Personal data to be shared
Standard Reporting:
- Information regarding performance in pre-assessments
- Learner Name
- Attendance at mandatory on-campus activities
- Performance
- Progress in developing work-based learning
Exceptional reporting:
- If the Learner has been unresponsive to direct, personal communication from Strathclyde programme staff for a period of at least 2 weeks of term time when no absence is planned or exceptional circumstance flagged;
- If the Learner has shown insufficient engagement for a period of at least 4 weeks of term time with online learning materials despite concerns being raised with them by Strathclyde programme staff;
- If the Learner has shown insufficient engagement for a period of at least 6 weeks of term time with their Work Based Learning activity despite concerns being raised with them by Strathclyde programme staff.
Additionally, should a Learner have a Senate Disciplinary Case raised against them or be cautioned on inappropriate behaviour as defined by the University’s Dignity and Respect Policy this will also be shared with the Employer.
No special category data will be shared.
Lawful basis
The legal basis for sharing data is:
- Public task or official authority
- Contract
Secure transfer and storage of data
The relevant University department will transfer the data in the most appropriate secure method, adhering to current University policies and procedures. This is likely to depend on the volume and sensitivity of the data. For routine sharing and updates on a low number of individuals this is likely to be shared by email. This should be sent from a University email account to a business email account of the Employer. For high volume data, or more sensitive data, the Department should consider the most appropriate secure transfer method.
The Employer will retain the information in accordance with their own information governance/management and IT security policies. It will be retained by the Employer for as long as is required for its own management purposes. It will be held securely and access will be restricted only to staff who require access as part of their job role. All information will be managed in accordance with data protection legislation.
International transfer
Data is not being shared outside the EEA.
