Under Data Protection legislation an individual has the right to access the information that an organisation holds about them. Accessing personal data in this way is known as making a Subject Access Request. (Subject Access Requests are different to requests submitted under FOI legislation, which relate to information about the organisation itself.)
You are entitled:
Your subject access request to the University may be submitted in whatever format you wish, but we have created a standard Subject Access Request Form for your convenience. Using the form will help us to verify your identity and give a timely and accurate response to your request. View a word copy of our Subject Access Request Form.
When we receive your request, we will let you know the statutory deadline by which we will reply. If, on receipt of our response, you consider that the University has not dealt correctly with your request, please refer to our Data Protection Complaints Procedure.
The role of the Data Protection Officer (DPO) is defined in the GDPR. The DPO at Anglia Ruskin University can be contacted via email or post:
Office of the Secretary and Clerk
Anglia Ruskin University
Bishop Hall Lane Chelmsford
The main tasks of the Data Protection Officer are:
The DPO also works closely with the Records Management Team to provide day to day support for staff on data protection and freedom of information matters.
Anglia Ruskin University aims to comply fully with its obligations under the General Data Protection Regulations (GDPR). If you have any questions or concerns regarding Anglia Ruskin University’s management of personal data including your subject rights, please contact the Records Management Team, who are responsible for ensuring Anglia Ruskin University is compliant with the GDPR.
If Anglia Ruskin University holds inaccurate information about you, you should contact the Records Management Team explaining what the problem is and where appropriate provide her with any evidence to show what the information should say. Keep copies of the correspondence. If after a reasonable amount of time (28 days is recommended) the information has not been corrected, you can make a complaint.
If you feel that your questions/concerns have not been dealt with adequately please get in touch with us:
If you remain unhappy with our response or if you need any advice you can contact the Information Commissioner’s Office (ICO).
Please visit their website for information on how to make a data protection complaint.