Privacy notice - clearing enquirers

The University obtains personal data about you from a variety of sources. This includes information:

• provided to us by third parties, such as UCAS;
• collected at University of York Clearing Open Days (campus based or online) or campus tours;
• collected through University of York clearing alerts forms;
• collected through any correspondence with you during the clearing process including email, telephone, online chat and in some cases social media platforms. 

Personal data including:

• your name,  address and contact details (including email address and telephone number), date of birth, gender and UCAS Personal ID;
• details of your qualifications, skills, experience and educational history; 
• information about your entitlement to study in the UK, if applicable;
• If applicable, previous immigration history, including copies of previous UK visas. Please note we may also ask you to provide evidence of withdrawal from a previous UK University (if applicable) in order to conduct UKVI time limit checks;
• proof of identity documents, if applicable.

If you choose to refer yourself to the University of York via UCAS then Special category data will be requested for regulated professional programmes e.g. Medicine, Social Work, Nursing. This includes information about disability, health, ethnicity and racial origin. 

The University processes data from clearing enquirers to manage the clearing process, assess and confirm their potential suitability for a program of study and decide whom to offer a program of study. 

Typically, personal data will be processed on the following grounds:

• because you have given us your consent 
• contractual requirement or to take steps to enter into a contract with you;
• to allow us to comply with our legal obligations;
• our public task as laid out in our Charter;
• because it is necessary for our or a third party’s legitimate interests e.g., for purposes of maintaining IT network security, for system testing, implementing anti-fraud measures or for marketing activities.  

The following conditions for processing special category data may also apply: 

• because you have given us your explicit consent;
• for the management of legal claims; 
• recognised areas of substantial public interest: 
• monitoring equality and diversity. 

The University processes data for the following purposes:

• to operate Clearing admissions, recruitment, and selection processes;
• to enable effective communication with you as a Clearing enquirer; 
• to tell you about the University, the city and the experience of studying here and to make you aware of relevant upcoming events;
• to ensure effective general recruitment and admissions administration, including the analysis of applicant numbers and trends to improve our administrative and recruitment processes;
• to maintain and promote equality and diversity;
• to respond to and defend against legal and insurance claims;
• to form the basis of a student record, should you be offered a place of study at the University;
• if you enrol as a student with us via clearing, we may contact you regarding surveys/assistance regarding your experience with considering the University of York, the clearing process and your decision to choose the University of York.

The University may share your data with:

• employees and agents of the University including academic departments and the accommodation team;
• third parties that process data on behalf of the University to support its activities (e.g. software and system providers). This includes QS Enrolment Solutions (QSES) who provide support to clearing enquirers.

The University maintains a high standard of information security. Access to information and systems for all users are restricted on a need-to-know basis, and security arrangements are reviewed to ensure their continued suitability. For further information see, our IT security webpages.  

In certain cases, your personal data will be transferred outside the UK. For these transfers, the University will always comply with UK GDPR obligations and use necessary safeguards to protect your data.

The University will only keep your data as long as necessary to meet legal requirements or satisfy a defined business need. Specific retention timeframes are set out in the University’s Records Retention Schedule.

Under the UK GDPR, you have a right of access to your data, a right to rectification, erasure (in certain circumstances), restriction of processing, objection or portability (in certain circumstances). You also have a right to withdraw consent, and rights relating to automated decision making. For more information see Individuals’ Rights.

If you have any queries about this privacy notice or about how your data is being processed, please contact the University’s Information Governance Team at dataprotection@york.ac.uk.

If you wish to make a data protection complaint, please contact the University’s Data Protection Officer at dataprotection@york.ac.uk.

If you are unhappy with the way in which the University has handled your personal data, you also have a right to complain to the Information Commissioner’s Office (ICO).

This Privacy Notice is kept under regular review. It was last reviewed and updated on 22 May 2026.