Queen Margaret University is committed to protecting the rights and freedoms of individuals with respect to the processing of their personal data. Such processing is undertaken in compliance with:

  • The EU-General Data Protection Regulation (GDPR) and Data Protection Act 2018 (the Act), which together are referred to as the "Data Protection Legislation" within this section
  • associated legislation
  • the University's notification with the UK Information Commissioner, which sets out the purposes for which the University holds and processes personal data about employees, students, graduates and others.

The General Data Protection Regulations (GDPR) came into force on 25 May 2018, and regulates how organisations deal with "personal data". Personal data is information that relates to an identified or identifiable individual. What identifies an individual could be as simple as a name or a number or could include other identifiers such as an IP address or a cookie identifier, or other factors. The full text of the Regulations is available from the UK Information Commissioner’s website:

https://ico.org.uk/for-organisations/guide-to-the-general-data-protection-regulation-gdpr

Compliance with Data Protection Legislation in the UK is overseen by the UK Information Commissioner. The University must tell the Commissioner about all the purposes for which it processes personal data. This is called notification and all the purposes are maintained in a searchable register by the Commissioner. The University is registered with the Information Commissioner’s Office. Our Registration Number is Z6013920.

Queen Margaret University needs to keep certain personal data, for example about its staff and students, to fulfil its purpose and to meet its legal obligations to funding bodies and government.  We are a public authority under the Freedom of Information Act 2000 and a Scottish public authority under the Freedom of Information (Scotland) Act 2002. Personal Information that we collect and hold is used by us for our statutory and/or public functions. Where we collect or share data it is on the basis that it is necessary for the performance of a task carried out in the public interest or in the exercise of official authority vested in us as the Data Controller (See GDPR Article 6(1)(e)) and for statistical and research purposes (See GDPR Article 89). Processing of Special Categories of data is necessary for statistical and research purposes in accordance with Article 89(1) based on the duties in the Equality Act 2010 (See GDPR Article 9(2)(j)).

All users of personal data at Queen Margaret University are required to comply with the Data Protection Legislation, the University’s Data Protection Policy, and Data Protection Guidelines.

QMU Data Protection Policy Word Format

QMU Data Protection Guidelines Word Format

Contact:

All enquiries relating to the University’s Data Protection compliance should be directed to Lorraine Kerr, Legal Adviser and Data Protection Officer: lkerr2@qmu.ac.uk

 

FOI Requests and Data Protection

Show Contacts

FOI Requests and Data Protection

Irene Hynd University Secretary
0131 474 0000