The Data Protection Act (1998) enables individuals to find out what information is held about them by organisations. Organisations that handle personal information must comply with a set of principles to ensure that it is:
- Fairly and lawfully processed
- Processed for limited purposes
- Adequate, relevant and not excessive
- Accurate and up to date
- Not kept for longer than is necessary
- Processed in line with the individual's rights
- Not transferred to other countries without adequate protection
The Information Commissioner's Office set out our responsibilities and obligations.
If you want to find out what information our University holds about you, please read the guidance notes. They provide details of the type of information that the University holds about you and for what purpose, as well as your rights in relation to that information.