My uca.ac.uk

Open Days

Contact

This section:
This section:
This section:
This section:
This section:
This section:
UCA

Data Protection Policies

The University for the Creative Arts takes its obligations with regard to data protection seriously. As such, we are providing you with the following Data Protection Notices so that you have information about how we collect and use your Personal Data in accordance with applicable data protection law, including, the General Data Protection Regulation 2016/679 (“GDPR”).

Data Protection Policy

The University for the Creative Arts Data Protection Policy.

Download data protection policy

Data Retention Policy

The Data retention policy aims to ensure that records are managed consistently across all departments and Schools, are retained for as long as necessary to meet business needs and to demonstrate compliance with legal, audit and regulatory requirements.

View Data Retention Policy

Marketing Privacy Notices

Privacy Notices that explain our data usage for the Marketing, Student Recruitment & Engagement department.

View marketing privacy notices

Accommodation Privacy Notices

View information about the data we collect, how it is used and when it might be shared during your time as a student with us.

View accommodation privacy notices

Alumni Privacy Notice

For individuals who have graduated from the University for the Creative Arts view information about the data we collect, how it is used and when it might be shared during your time as a student with us.

View alumni privacy notice

Applicant Privacy Notice

View information about the data we collect, how it is used and when it might be shared during the application process.

Download applicant privacy notice

Student Privacy Notice

View information about the data we collect, how it is used and when it might be shared while you are a student with us.

Download student privacy notice

Staff Privacy Notice

View information about the data we collect, how it is used and when it might be shared whilst you work with us.

Download staff privacy notice

Data Subject Access Request Guidance

Internal guidance for UCA staff to respond to a Data Subject Access request (DSAR).

Download DSAR guidance

Data Processing Agreement

A Data Processing Agreement is a legal document between the controller and the processor in writing or electronic form. It regulates aspects of data processing such as scope and purpose and the relationship between controller and processor.

View third party data processor agreement

Data Audit Template

The Data Audit template enables the University to identify where personal data is collected, who collects it, why it is collected and how it is stored and processed across the whole institution.

Download data audit template

Privacy Impact Assessment and Guidance

A Privacy Impact Assessment (PIA) is a process which helps to identify and mitigate potential risks to privacy and compliance with data protection law when processing personal data.

Download the Privacy Impact Assessment Guidance

Download the Privacy Impact Assessment Form

Report a Breach

The process to follow if you need to report a data breach and form to complete.

Download how to report a breach

Download the form for reporting a breach

CCTV policy

To ensure the CCTV system is operated in compliance with the law relating to data protection and to ensure compliance with privacy law.

Download CCTV policy