The General Data Protection Regulation (GDPR) came into force on 25th May 2018, replacing the Data Protection Act 1998. The UK is also subject to a revised Data Protection Act 2018 that will legislate on areas outside of the GDPR and those areas where EU member states are required to implement their own law.
The College creates, gathers, stores and processes large amounts of data on a variety of data subjects such as students, staff and customers. The College takes its responsibility seriously to ensure that data is secure and protected in line with the law.
The following documents explain how the College processes personal data, how it is kept securely and provides guidance to staff.
GDPR Policy - The Policy sets out the responsibilities of the College, its staff and students to comply with the provisions of GDPR.
Privacy Notices – These notices explain for our main groups of data subject, what we do with their personal data, who we share their data with and how we keep it secure.
For information on your rights in relation to your personal information, including how to make a subject access request, see the Data Subject page.