Data Protection Act

Further information

Further information and advice on University-related matters can be obtained from Vicki Heath at

More detailed information can be found on the Information Commissioner website.

General Data Protection Regulation

The University processes large volumes of personal data in relation to its staff and students, to fulfil its purpose and to meet its legal obligations to funding bodies and government.  It also processes personal data of participants in research projects.  To comply with the law, information must be collected and used fairly, stored safely and not disclosed to any other person unlawfully.  To do this, the University must comply with the Data Protection Principles which are set out in the General Data Protection Regulation EU2016/679 (GDPR).

You will find the University's Data Protection Policy here which has been updated since May 2018 to reflect the implementation of GDPR.