is required by law to comply with the Data Protection Act, 1998 (DPA).
The UK’s regulator for the DPA is the Information Commissioner’s
Office. It is the commitment of the university to ensure that every
current employee and registered student complies with this Act to ensure
the confidentiality of any personal data held by UCL, in whatever
medium. This Act came into force on 1 March 2000.
processes the personal data of living individuals such as its staff,
students, contractors, research subjects and customers. To assist you
with this legislation we have developed guidance including the forms for
UCL has a data protection policy as a commitment to the safeguarding of personal data processed by its staff and students, and to ensure compliance with the DPA.
It is the duty of data controllers such as UCL to comply with the data protection principles with respect to personal data. This policy describes how UCL will discharge its duties in order to ensure continuing compliance with the DPA in general and the data protection principles and rights of data subjects in particular.
For more information, updates, and useful links, please visit our Guidance pages.