The University of Oxford handles a large amount of your personal data, and we take data privacy very seriously.
We work continuously to ensure our policies and processes are up-to-date.
The introduction of the General Data Protection Regulation (GDPR) in May 2018 provides the University with an opportunity to further strengthen the way we protect student’s data and ensure that privacy is central to what we do.
Many GDPR principles are similar to the current Data Protection Act. The GDPR includes new and strengthened requirements for how we protect people’s data.
What it's about in a nutshell
- Being open with people about how we use their information
- Not keeping their information longer than necessary
- Making sure it is accurate
- Making sure that it is safe
- Knowing what we’ve got and what we can do with it (e.g. sharing)
- Recognising a breach and knowing what to do
Further detailed policy documentation can be found via the University’s data protection website which covers:
- Who is using your personal data
- Types of data we hold about you
- How the University obtains and uses your data
- Special category data and criminal conviction data
- Data sharing with third parties
- Transfer of your data outside of the European Economic Area (EEA)
- Data security
- Your rights
Keeping the data up-to-date
The University has a responsibility to ensure that the personal data which we process is accurate and up-to-date. Please help us to do this by ensuring that your personal details are kept up-to-date.
Publicly accessible information
Your webmail address will be included in the online University contact search. Requests to have your email address omitted from the online contact search should be addressed to your Telecommunications Co-ordinator (normally your Departmental Administrator or College Office).
Information about your educational achievements may be published in University/college publications for example the Oxford University Gazette from time to time.
You should be aware that many countries outside the European Economic Area do not have data protection legislation, or have different data protection or privacy regimes, and so may not always protect your personal data to the same standard.
Development and Alumni Relations System
Once you have been registered on your course your details will also be added to the Development and Alumni Relations System (DARS). For full details on the way in which the data is held and used in DARS, please see the DARS Data Protection Statement or email the Development Office to request a paper copy.
Subject access requests
The Data Protection Act 1998 gives you the right of access to your personal data subject to certain exemptions. If you wish to seek access under the Data Protection Act to information held about you by the University or have any queries about the University’s use of your data, you should contact the University’s Data Protection Officer.