All University web hosted services will be at risk of downtime every Tuesday between 7am to 9am.
Close
The following page is a web version of the current University of Sunderland Data Protection Policy
The full principles of data processing from the GDPR can be found in Appendix 1.
Personal Data means any information relating to an identified or identifiable natural living person (‘data subject’); an identifiable natural personal is one who can be identified, directly or indirectly, in particular by reference to one or more factors specific to the physical, physiological, genetic, mental, economic, cultural or social identity of that natural person.
Processing means any operation or set of operations which is performed on personal data or on sets of personal data, whether or not by automated means.
Data controller means any individual or organisation which either alone or jointly, determines the purposes and means of the processing of personal data.
Data Processor means any individual or organisation which processes personal data on behalf of a controller
Personal data breach means a breach of security or process leading to the accidental or unlawful destruction, loss, alteration, unauthorised disclosure of, or access to, personal data transmitted, stored or otherwise processed.
Coming soon, processes and procedures to support the University of Sunderland Data Protection Policy.
Data Protection Policy
Version 1.0 – Written January 2018
Review Due – January 2020
Author – Information Governance Manager and Data Protection Officer
There are 6 processing principles in the GDPR, in full they are:
Personal data shall be:
Point (f) shall not apply to processing carried out by public authorities in performance of their tasks.
1. Processing of personal data revealing racial or ethnic origin, political opinions, religious or philosophical beliefs, or trade union membership, and the processing of genetic data, biometric data for the purpose of uniquely identifying a natural person, data concerning health or data concerning a natural person’s sex life or sexual orientation shall be prohibited, unless one of the following applies:
2. Personal data referred to in paragraph 1 may be processed for the purposes referred to in point (h) when those data are processed by or under the responsibility of a professional subject to the obligation of professional secrecy under Union or Member State law or rules established by national competent bodies or by another personal also subject to an obligation of secrecy under Union or Member State law or rule established by national competent bodies.