Further information about subject access requests can be obtained from the Information Commissioner's Office.
The University is obliged to comply with the eight principles of the Data Protection Act for handling personal data as follows:
- Personal data shall be processed fairly and lawfully.
- Personal data shall be processed for one or more specified and lawful purpose.
- Personal data shall be adequate, relevant and not excessive to the purpose of processing.
- Personal data shall be accurate and up-to-date.
- Personal data shall not be kept longer than is necessary.
- Personal data shall be processed in accordance with the individual's rights under the Act.
- Appropriate measures shall be taken against unauthorised or unlawful processing of personal data and against accidental loss, destruction or damage.
- Personal data shall not be transferred to a country outside the EEA without adequate protection for the rights and freedoms of data subjects.
Staff can find details of how the University handles their data in the terms and conditions of employment provided with their contract. For students, the details are in the student handbook in the Personal Information and Data Protection section.
Making a subject access request:
You can request a copy of information the University holds about you as follows:
1. To make an inquiry please email: email@example.com
2. Send a written request to:
Freedom of Information and Data Protection Specialist, Plymouth University, 16 Portland Villas, Drake Circus, Plymouth, PL4 8AA.
Please provide your name, date of birth and, if applicable, student number and enclose evidence of your identity and a cheque for £10 to cover the fee.
Once we've received all the relevant pieces of information the University has 40 calendar days to respond.