UCL is required by law to comply with data protection legislation. The UK’s regulator for the legislation is the Information Commissioner’s Office. It is the commitment of the university to ensure that every current employee and registered student complies with this Act to ensure the confidentiality of any personal data held by UCL, in whatever medium. This Act came into force on 25 May 2018.
UCL processes the personal data of living individuals such as its staff, students, contractors, research subjects and customers. To assist you with this legislation we have developed guidance including the forms for its administration.
UCL has a data protection policy as a commitment to the safeguarding of personal data processed by its staff and students, and to ensure compliance with the legislation.
It is the duty of data controllers such as UCL to comply with the data protection principles with respect to personal data. This policy describes how UCL will discharge its duties in order to ensure continuing compliance with the Act in general and the data protection principles and rights of data subjects in particular.
For more information, updates, and useful links, please visit our Guidance pages.