• Back to previous menu
• Data Protection
• • Data Protection Impact Assessments
  • Data Protection Officer
  • Data Protection Policy
  • Information Asset Registers
  • Privacy Notice
  • Processing Personal Data
  • Reporting Data Breaches
  • Rights of Individuals
  • Requests for erasure of personal data
  • Transferring personal data outside the UK
  • Glossary
  • Research and Data Protection
  • Data protection training
  • Record of Processing Activities
  • Research Excellence Framework 2021 and data protection
  • Online Teaching and Data Protection
  • Data Protection Guidance for Email Correspondence
  • Disclosure of Personal Data Relating to Students
  • COVID-19 and Personal Data Collection
  • Special category and criminal offence data
  • Surveys and mailing lists

Data Protection Policy

Data protection is about the fair and appropriate use of information relating to identifiable individuals, and it is a crucial part of building trust between people and organisations. 

The University has a duty to comply with the principles and requirements of data protection legislation when processing personal data. Failure to do so could have significant financial, regulatory and reputational impacts for the University.   

The purpose of the Policy is to: 

• Outline the data protection principles and define key terms; 
• Detail the rights of data subjects;   
• Lay out the University’s obligations under data protection legislation; and   
• Make clear the specific responsibilities for compliance within the University.  

Data Protection Policy (last version uploaded May 2022)

Last updated 28 February 2024