The Data Protection Act (DPA) 1998 aims to ensure personal privacy, through giving individuals rights to information held about them, and by placing responsibility onto the organisations who process this information.

The DPA regulates how information about living individuals may be collected, used, retained and disclosed by the university. The Information Commissioner (IC) oversees the DPA, and the university is required to register with the IC Office on an annual basis.

The University of Gloucestershire is obliged to comply with the data protection principles set out in the Act. Under the DPA 1998 all personal data processed by the university is covered, including paper records as well as those held on computer, video, CCTV and other mediums.

The Act entitles individuals to request access to any personal data that the university is holding about them. These requests are known as subject access requests.

Data protection policy
Subject access request form
Staff guidelines for good practice
Data processing consent noticeĀ 2016-2017
Data processing consent noticeĀ 2015-2016

For further information about data protection, please contact the data protection officer:

Please also visit the Information Commissioner's Office for guidance on data protection practice.