The General Data Protection Regulation (GDPR) changed European data protection legislation and came into effect on 25th May 2018. The Data protection Act 2018 (DPA) was enacted in the UK and was designed to ensure that GDPR remains applicable in the UK post-Brexit. Accordingly, the DPA should be read alongside the GDPR, and they supersede the Data Protection Act 1998.

GDPR and DPA provide increased rights to individuals on:

  1. what data organisations hold
  2. how they process it
  3. how transparent they need to be

They also increase the fines that can be imposed on organisations which fail to:

  • comply with the legislation
  • protect data adequately

SRUC’s Commitment

Protecting the privacy of our customers, students, alumni, faculty and staff, as well as protecting the confidentiality, integrity, and availability of information, is important to our operations and mission.

SRUC is committed to protecting the rights and freedoms of individuals with respect to the processing of their personal data.

The Information Commissioners Office (ICO), is the UK’s independent authority set up to uphold information rights in the public interest, promoting openness by public bodies and data privacy for individuals.

You can find more information about GDPR and DPA, through the ​​​​ICO Website.

Further information

Privacy Notice

SRUC is committed to protecting your personal data and your privacy.
Privacy Notice

Subject Access Request (SAR)

Subject Access Request (SAR)

Find out more about SRUC

About SRUC

Strong in our heritage: Ambitious for our future.

Find out more

Our people

We're still working on this portion of our new site - you can visit the Staff A-Z on our previous site.

Find out more

Supporting SRUC

Generosity from our alumni and friends community supports students facing financial difficulty, encourages students to further study, promotes research excellence, and enhances the student experience.

Find out more