Privacy

The General Data Protection Regulation (GDPR) protects the rights of individuals by setting out certain rules as to what organisations can and cannot do with information about people. A key element to this is the principle to process individuals’ data lawfully and fairly. In order to meet the fairness part of this we need to provide information on how we process personal data.

The University takes its obligations under the GDPR very seriously and will always ensure personal data is collected, handled, stored and shared in a secure manner.

The following statements will outline what personal data we collect, how we use it and who we share it with. It will also provide guidance on your individual rights and how to make a complaint to the Information Commissioner’s Office (ICO), the regulator for data protection in the UK.

Appropriate Policy Document

Data Protection Policy

Data Privacy Impact Assessment (DPIA) Policy

General Privacy Notice Policy

Lawful Basis of Processing Student Personal Data

Middlesex University Group Privacy Notice & MU Services Limited Privacy Notice for Staff

Privacy Notice for Research Participants

Rights to Erasure Policy

Statement of Tasks in the Public Interest

Subject Access Request Policy

If you have a concern or complaint about the way your personal data has been handled by the University, please contact us on dpaofficer@mdx.ac.uk explaining the nature of your concerns. We will acknowledge your correspondence as soon as possible and respond without undue delay.