This page provides information about how the University's mobile and web application MyUoB uses your personal data.
It supplements the pages on our website 'Your Privacy: Data Protection - How the University Uses Your Data', Student Privacy Notice, and Staff Privacy Notice.
It is important that the personal information we hold about you is accurate and current. Please keep your personal information updated during your relationship with us.
How does this privacy notice relate to other privacy notices?
In addition to the information set out in the Your Privacy Page, the MyUoB privacy notice contains more detailed information about how we use your personal data when you use the MyUoB student application (a platform called myday provided by Ready Education).
What personal data will be processed?
Student data:
- Your university ID number, username, email address, department, name, and your student type.
- We use groups to manage content for specific users. The following group attributes are synchronised (all are required):
- Name and ID of the group, group members, group status.
- Your timetable and exam timetable (event location, title, time, details (i.e.module), teaching staff, student username) - from Scientia
- Your Canvas modules, plus communications, events, tasks, and due-dates for those modules
- Your events from your Canvas and Outlook calendars.
- Your library books borrowed & overdue.
- Your public IP address and user agent string (including device and dimensions, operating system, and browser - but no user personal data)
Staff data:
- Your university ID number, username, email address, department, and name.
- We use groups to manage content for specific users. The following group attributes are synchronised (all are required):
- Name and ID of the group, group members, group status.
- Your events from your Canvas and Outlook calendars.
- Your teaching sessions as shown in student timetables.
- Your public IP address and user agent string (including device and dimensions, operating system, and browser - but no user personal data)
No special category or criminal offence data will be processed for any user.
What is the purpose of the processing?
Personal Data (including UoB Staff data) is processed by MyUoB in order to provide student users with on-the-go access to core UoB digital services which are personalised to their needs.
Microsoft EntraID (Access Control):
- validate the user in order to administrate system access and troubleshoot
- allow users to authenticate and access the system
- allow other integrations to validate the user in order to provide services and maintain data security (e.g. only providing a given user with their own timetable)
Connections to other systems e.g. Scientia, Canvas, M365, and Alma:
- validate the user in order to provide services and maintain data security (e.g. only providing a given user with their own timetable)
- present user's personalised service information to MyUoB for display
- recognise the user in order to troubleshoot
User Feedback:
- understand user satisfaction with MyUoB and how to improve it
- follow up with users on any complaints or queries raised
- follow up with users who'd like to become part of the MyUoB user group
- understand how users use the platform to make decisions about future development
What is the legal basis of the processing?
We consider the processing of your personal data for these purposes to be necessary for:
- the performance of our contractual obligations with you (e.g. to manage your studies, your student experience and access to IT systems while studying at Birmingham);
- the performance of tasks we carry out in the public interest (e.g. teaching and research);
If we require your consent for any specific use of your personal data, we will collect it at the appropriate time, explaining why we are collecting the data and how we will use it, and you can withdraw this at any time.
We do not use your personal data to carry out any wholly automated decision-making that affects you.
Who will your personal data be shared with?
Within the University, your data is shared with only those University staff who need access for the purpose of supporting you to use MyUoB.
Your personal data is shared with technical employees of our supplier, Ready Education (legal entity: Collabco), to administrate the platform and troubleshoot technical issues. We ensure we have appropriate data sharing agreements in place before sharing your personal data with any other data controllers.
Sometimes, we may have to send your personal data outside the European Economic Area (for example, so you can take part in an exchange visit or so we can to report to an overseas funding provider, or if you are studying at a campus overseas, for example, in Dubai). This is usually necessary to meet our contractual obligations with you, or your contractual obligations with a third party, and we make sure that appropriate safeguards are in place to ensure the confidentiality and security of your personal data.
How long is your data kept?
EntraID (Access Control): A synchronisation of EntraID data into myday/MyUoB occurs every 40 minutes. Data is kept in myday in line with its existence in EntraID. If an account or group is deleted, the data is removed from myday at the next incremental sync. If the UoB myday tenancy is deleted, UoB data is deleted at the same point. As per our current identity policy, user data will be kept in EntraID for one year after a user leaves the university unless it is deleted before that time.
Data from other systems e.g. Scientia, Canvas, M365 Alma: Because MyUoB processes data at the user's 'request' i.e. when they access the service in MyUoB, data is not stored or retained within myday/MyUoB but resides in its source systems under their individual retention policies. If data is removed from the source system, it will not be available in MyUoB.
Your rights in relation to your data
Details about your rights are set out on the website page 'Data Protection - How the University Uses Your Data'. This also explains how to ask any questions you may have about how your personal data is used, exercise any of your rights or complain about the way your data is being handled.
Are changes made to this webpage?
This privacy notice is effective from 1 October 2025 and was last updated on the 30 September 2025. It will be reviewed when necessary and at least annually. Any changes will be published here and you will be notified as appropriate.