Data Protection

The University processes large volumes of personal data in relation to its students, alumni and staff. It also processes personal data of participants in research projects.  

This information is defined as personal data in the General Data Protection Regulation EU2016/679 (GDPR) and Data Protection Act 2018. To comply with the law, information must be collected and used fairly, stored safely and not disclosed to any other person unlawfully.

Any action carried out which relates to personal information is known as processing. The University is the Data Controller for the personal information it processes. We process this information for a variety of reasons in order to carry out our academic, employer and other administrative functions and to meet our legal obligations to funding bodies and government. 

Information and advice on University-related data protection matters can be obtained from Victoria Heath, Data Protection Manager via