Data protection legislation is designed to ensure that personal information is processed appropriately and in accordance with data subject's expectations. These rights have been enshrined in UK law by the Data Protection Act 2018 and the General Data Protection Regulation 2016, which both came into force in May 2018. 

What do I need to do?

If you access, use, or store personal information you need to ensure that you understand your responsibilities under data protection legislation and the GDPR. 

Examples of where you may be processing personal data:

  • your research
  • newsletter/mailing lists
  • seminar and event registration/payment
  • recruitment
  • student support
  • line management

More information

Visit the Faculty's data protection and GDPR Sharepoint site to find out more about the support that's available.

Who can I contact for support?

In the first instance, please email the FoNS Data Protection mailbox at:

The Faculty Data Protection Manager can provide support in the following areas:

  • Privacy Notices
  • Data Protection Impact Assessments
  • Legitimate Interest Impact Assessments
  • Reviewing Data Storage and Transmission Practices
  • Support During Internal or External Audits
  • Information Asset Register Returns
  • Data Protection Training
  • Data Sharing Agreements and Data Processing Agreements
  • Compliance Monitoring in line with Legislative and College Policy Requirements
  • Data Retention
  • Data Breach Reporting