Summary: FIN 022 Issued September 2000
Updated February 2009
University of the West of England Data Protection Policy
The University needs to keep certain information about its employees, students and other
users to allow it to monitor for example, performance, achievements, and health and safety. It
is also necessary to process information so that;
Staff can be recruited and paid
Courses may be organised
Legal obligations to funding bodies and government may be complied with.
To comply with the law, information must be collected and used fairly, stored safely and not
disclosed to any other person unlawfully. To do this, the University must comply with the
Data Protection Principles which are set out in the Data Protection Act 1998. In summary
these state that personal data shall:
Be obtained and processed fairly and lawfully and shall not be processed unless
certain conditions are met.
Be obtained for a specified and lawful purpose and shall not be processed in any
manner incompatible with that purpose.