Data Protection Guidance

During 2018 the law in relation to data protection changed. The implementation of the General Data Protection Regulation (GDPR), and a new Data Protection Act 2018 has changed the way in which Bangor University collects, uses and stores personal information about individuals (personal data). The University has changed its processes in order to take into account these changes, and key policies and procedures have been updated.

The University’s Data Protection Officer is Sarah Riley, Head of Legal Services.

The University’s Data Protection Policy, which explains how the University manages data protection can be found here:

• Data Protection Policy

Our Privacy Notices for Staff and Students, providing more detail on how the University uses personal data, can be found here:

• Staff
• Students
• The Public
• Bangor University Privacy Notice: Asymptomatic Covid-19 Testing
• Council Privacy Notice

Further information detailing how an individual can access their personal data can be found here:

• Making a Subject Access Request

If you suspect there has been a data protection breach, and personal data has been lost, stolen or compromised you must follow the steps outlined in the Procedures as soon as possible:

• Procedures for the Management of a Suspected Data Security Breach

Other complimentary policies which also provide guidance on issues in relation to data protection and security of data are detailed below:

• CCTV Code of Practice
• Computer Recycling and Disposal Policy
• Guidance on the Destruction of Records Containing Confidential Data
• Higher Education Statistics Agency (HESA) Collection Notices for Students and Staff

If you require training on the new Data Protection Act / GDPR please contact Colin Ridyard in the Governance and Compliance Office (mhsa08@bangor.ac.uk).