GDPR and Data Protection
ºù«Ӱҵ processes information about individuals, for our own administrative purposes and to comply with our legal obligations. This includes personal data concerning current, prospective and former employees, students, suppliers, research partners and others in order to carry out
ºù«Ӱҵ is committed to protecting the rights and privacy of individuals in accordance with appropriate UK and European legislation. This includes:
- - The GDPR provides some opportunity for national governments within the EU Member States to make certain provisions for how they apply the GDPR. The Data Protection Act 2018 formally repealed the Data Protection Act 1998 and addresses these Member State options of the GDPR.
We detail our processing within our data protection policy (PDF).
ICO Notification
ºù«Ӱҵ has notified the Information Commissioner's Office (ICO) of the purposes for which it processes personal data. This notification is renewed annually and recorded in the . The University's Registration Number is Z681065X
The University must ensure that its notification remains up-to-date. Any member of staff who wishes to carry out processing additional to the current notification must contact dataprotection@sheffield.ac.uk prior to doing so.
Additional processing includes:
- Processing personal data for an additional purpose
- Collecting an additional class of data
- Collecting personal data from an additional class of data subject
- Disclosing personal data to a new recipient