Data Protection - Introduction
UK GDPR and the Data Protection Act (2018) set out the UK's legislative framework for managing personal data. This includes student records, staff files and personally identifiable research data.
Together, these legislation set out the standards for data management and provides a right of access by data subjects to the information that the university holds about them. The university's Data Protection Policy provides additional detail about how personal data is handled.
The university has a Data Protection Procedure which should be read alongside the Data Protection Policy. It covers the steps we will take to implement the Data Protection Policy, the lawful bases under relevant data protection legislation that we will rely upon to process personal data, and the data protection principles.
Please see the Governance Zone to find related policies including the College's policy regarding the use of CCTV and the King's IT policy framework.
King's is a registered data controller under UK GDPR. The registration number is: Z7915194.
The Information Commissioner's Office is the supervisory body for the UK in relation to Information Rights. Further information regarding UK GDPR can be found on the ICO's website.
Information Compliance manages requests for personal data (and other rights under UK GDPR) and provides guidance and support to staff and students to ensure compliance with the Act. To access data that King's holds about you, please see our page on requesting personal data.
The College's policy regarding the use of CCTV is available on Governance Zone.
Further guidance for students and staff, including information about Data Protection training can be on the internal webpages.