Data Protection & GDPR (UK and EU)

What is the General Data Protection Regulation (GDPR)?

The GDPR superseded national laws including the UK Data Protection Act, unifying data protection and easing the flow of personal data across the 28 EU member states. From the 25 May 2018 all organisations that process the personally identifiable information of EU residents are required to abide by a number of provisions or face significant penalties. From 1 January 2021 the UK GDPR were introduced.

Why is it important to Oxford Brookes?

As a public body the new UK GDPR will increase the obligations of Oxford Brookes University under the current Data Protection Act and will introduce substantial penalties for violations of the regulation, including fines for administrative errors such as incorrect recording and reporting.

Key points of the UK Data Protection law that are relevant to Oxford Brookes University:

Please note that the Information Security Management team is currently producing comprehensive guidance on each of the themes below.

Contact us

Information Security Office

Oxford Brookes University
Headington Campus
Gipsy Lane
Oxford OX3 0BP

+ 44 (0) 1865 484354

Useful UK GDPR Resources