Data protection

The University is responsible for personal data when it is the data controller for that data i.e. where the University determines the purposes for and the manner in which any personal data is to be processed.

A student is only permitted to use personal data for a University related purpose, with the knowledge and express consent of an appropriate member of staff. For research purposes this would normally be a postgraduate supervisor or the person responsible for teaching the relevant undergraduate class or course. For administrative purposes this will be on the express authorisation of the line manager or supervisor of the project on which the student is employed.

For more information consult: Processing of Personal Data by Students

Staff, all Research Postgraduate (PhD) students and some Masters students (supervisors will advise if this applies to your project) will be processing personal data under the auspices of the University for their research projects and therefore need to complete the relevant documents to ensure their intended processing complies with the Legislation.

The Legislation has specific requirements with regards to research and requires researchers to ensure that they provide suitable safeguards to protect the rights and freedoms of individuals whose personal data they are processing. Staff and relevant students engaged in research at the University are therefore obliged to comply with the requirements of the data protection principles, the University’s Code of Practice and any associated guidance, when collecting and processing personal data for research purposes.

In addition to computerised records, these requirements apply to written records held in a structured filing system, including hardcopy documents, paper, microfiche records and video recordings.

For more information consult: Use of Personal Data in Research.

Use of the internet, social media and other externally hosted services

In order to encourage safe, responsible and acceptable use of the internet, Web 2.0 and other externally hosted services (e.g. Facebook, YouTube, Twitter, LinkedIn) guidance has been developed for students on How to be Webwise.

All students are asked at registration to sign up to the University’s Privacy Notice for Students which explains how the University collects, uses, discloses and ultimately disposes of your personal data.

The University also publishes guidance on the student information we are required to disclose to HESA, which is available at the link above.

The University's graduation ceremonies are significant events for our graduates, their guests and our staff. Important information about how we will use student data for graduation purposes is in this Privacy Notice page - please scroll down to the 'Layered Privacy Notice' and select the appropriate Graduation Privacy Notice.