The Data Protection Act 1998 governs, through a set of principles, the collection, processing and disposal of data held about individuals and the rights of individuals to access this data. 

Anglia Ruskin University is legally obliged to adhere to the eight principles of the Data Protection Act 1998 in the handling of data.  These are summarised below:-

1. Personal data must be processed fairly and lawfully.
2. Personal data must be obtained only for specified and limited purposes and should not be processed further for incompatible purposes.
3. Personal data should be adequate, relevant and not excessive in relation to the purposes for which they were processed.
4. Personal data should be accurate and, where necessary, kept up to date.
5. Personal data should not be held longer than necessary.
6. Personal data should be processed in accordance with the rights of individuals (data subjects).
7. Appropriate technical and organisational measures should be taken against unauthorised processing of, loss of, or damage to, personal data. 
8. Personal data should not be transferred to countries outside the EEA which lack adequate protection for data subjects’ rights. 

All staff and students of Anglia Ruskin University must comply with these principles when handling data.  Outside agencies handling data on our behalf must also comply.  Please refer to our Data Protection Policy for more information. 

All data held in relevant and structured filing systems are covered, both in electronic and manual formats. 

Compliance with the Data Protection Act 1998 is co-ordinated by Jackie Barlow - the University Records Manager. On these pages, you will find guidance on how to ensure compliance with data protection law.

Go to right hand side links go to local menu Go to main menu

Our Data Protection Policy was approved in April 2010 by the Information Management Advisory Group (IMAG) and by CMT. To access the policy please click here.

Our Telephone Protocol for the Disclosure of Personal Data statement was approved in April 2010 by the Information Management Advisory Group (IMAG) and by CMT. To access the policy please click here.