Data protection

Data Protection Policy v1.7 (adobe .pdf, 377 kbs)

Data protection in the UK is governed by the Data Protection Act 1998. The Act came into force on 1 March 2000 and is legally binding on any individual who collects or uses personal information about living people. It regulates the obtaining, holding, using, processing and disclosing of information relating to individuals. The Act applies both to manual data and data processed by computers.

The University of St Mark & St John holds and processes information about its employees, applicants, students, alumni, and other individuals who are defined as “data subjects” under the Data Protection Act.   It is necessary for the University to process personal data for a variety of reasons from administering the admissions process and operating payroll, to recording academic progress, monitoring attendance, and enabling references to be provided.

This area of the website enables students, staff and visitors to access information relating to Data Protection. It is divided into the following sub-sections:

A breach of the Data Protection Act could damage the University’s reputation in addition to the Information Commissioner fining the institution up to £500,000 for a serious breach. Please visit the Data Security Breaches page for more information. Any queries with regard to data protection should be directed in the first instance to the Data Protection and Freedom of Information Officer at