SOAS University of London

Data Protection at SOAS

The legal regimes which govern personal data in the UK are the General Data Protection Regulation and the Data Protection Act 2018. These laws together give you a right of access to the data which organizations hold about you, and specifies how that data can be gathered, used and disseminated. SOAS is committed to protecting the rights of individuals under data protection law.

Using Personal Data in Research: Code of Practice for SOAS Staff and Students
Guidance on how to conduct research involving living individuals in a way which complies with data protection law and SOAS's Research Ethics Policy.

Requesting Access to Personal Data
Explains how to request access to any personal data which SOAS holds about you, including the form which you can use when submitting an access request.

Data Protection Policy
SOAS's Data Protection Policy is binding on all staff and students, and specifies the steps which SOAS is taking to conform to the requirements of data protection law.

Student Privacy Notice
The statement explains what data SOAS collects about students, who receives the data, how and why SOAS uses the information, and students' rights in relation to their data.

Staff Privacy Notice

The notice explains what data SOAS collects about staff, including contractors, consultants and agency workers, how we use the data, who we share it with, and what rights staff have in relation to their personal data.

HESA Student and Staff Data Collection Notices
The notices explain why SOAS has to supply certain data on students and staff to the Higher Education Statistics Agency (HESA), and what HESA does with the data.

Development and Alumni Privacy Statement

SOAS's Alumni, Donors and Supporters Privacy Statement sets out how and why personal data from these data subjects is collected, used and stored, what type of data is collected and from whom, who personal data is shared with, and informs alumni, donors and supporters of their rights under data protection law.

Guidelines for the Disclosure of Personal Data to Law Enforcement Agencies
Guidance for SOAS staff on how to respond to requests for personal data from the police and other agencies with law enforcement powers.

Responding to a Data Breach

Guidelines on the steps to take if you become aware of a data breach in your area.

Data Protection Impact Assessments

Essentially a risk assessment. Guidance and a template for staff initiating new projects, services or procuring systems which involve large-scale processing of personal or sensitive personal data, profiling, new technologies etc.

Freedom of Information and Data Protection: Guidance for Committee Servicing
Explains the implications of the Freedom of Information Act and data protection law to committee secretaries and chairs, including what should go on open and reserved agendas.

Publication of Staff Details
Explains what information SOAS routinely makes available about its staff, and how staff can opt out.

Further information about your rights under data protection law is available on the website of the Information Commissioner.