Data Protection
Canterbury Christ Church University holds and processes information in accordance with the General Data Protection Regulation (GDPR) and the Data Protection Act 2018.
You can read more about the approach the University takes to protecting personal data in our Data Protection Policy.
Personal data is information about a living, identifiable individual.
Individuals have rights related to the information the University holds about them, including the right to access their personal data unless an exemption applies.
The University must respond within a month, with a possibility to extend this period for particularly complex requests. You can make a request using the Subject Access Request form.
You can read about the information rights an individual has and the obligations on the University.
If you wish to exercise any of your information rights, you can use our Individual Rights Request Form.
We explain how we use personal data in our Privacy Notices.
We explain the way we process data for students and those who apply for our courses in our Student Privacy Notice.
We explain how we use special category data in our policy statements. There is a policy statement for students and applicants and a policy statement for staff.
All employees and agents processing personal data for and on behalf of the University are responsible for ensuring that any processing of personal data carried out by them complies with the data protection legislation.
This includes using appropriate security measures to protect personal data. This includes the disposing of personal data.
If you are a member of staff, you will find further information on our Intranet in the Data Protection Guidance.
If there is a data breach, we need to know about it immediately.
A personal data breach is a breach of security leading to the accidental or unlawful destruction, loss, alteration, unauthorised disclosure of, or access to, personal data transmitted, stored or otherwise processed.
If you are a student or a member of the public, please send an email to information.governance@canterbury.ac.uk. We ask you to provide your name and address and the details of the breach.
If you are a member of staff, please follow the procedures for reporting a data breach in the Data Protection Guidance.
If you have a complaint about any aspect of data protection at the University, we will seek to resolve the complaint speedily and to this end, you are invited to submit your complaint to the Data Protection Officer, by email to: dp.officer@canterbury.ac.uk
We ask you to provide your name and address and the details of your complaint. You can use our Complaint about Data and Information Handling form to provide the information.
We will deal with your complaint following our Procedures for Complaints Relating to Data and Information Access and Handling.
If we are unable to resolve any complaint, you can complain to the Information Commissioner, the independent body that oversees the GDPR and the Data Protection Act 2018.