The Data Protection Act 1998 creates a number of rights for individuals with regard to their personal information, and consequently places a number of obligations on the University and its staff, as users of such information. Read more below about key concepts and further information about the Act.
The Act is based on 8 basic principles. To ensure compliance with the Act the University must act in accordance with these principles.
One of the rights you have under the Act is to ask a data controller for access to the information held about you.
Find out more on our page - Accessing your Personal Data
As well as the right to access your personal information the Data Protection Act gives an individual a number of other rights.
As a data controller the University is legally obliged to register with the Information Commissioner's Office.
The University has a number of policies and procedures related to Data Protection. These include the University Data Protection Policy, personal data statements for staff and students, CCTV policy and more.
See our full list of Data Protection-related policies, procedures and guidance.
We have developed a list of FAQs for staff and students to help them find the information they are looking for in relation to Data Protection.
You can find the online Data Protection training module here.
All staff are advised to complete this short training module.
Links mentioned in the module:
This module was developed by Edinburgh Napier University, with funding from the Leadership Foundation for Higher Education, for the Scottish Higher Education sector.