We use cookies to ensure that we give you the best experience on our website. You can change your cookie settings at any time. Otherwise, we'll assume you're OK to continue.

Information Governance

Data Protection

The Data Protection Act 1998 came into force on 1 March 2000. It concerns privacy and governs the processing of personal data about living individuals in order to protect the rights of those individuals.

For more information please see the ICO's Guide to Data Protection (see link).

On 25 May 2018, Data Protection legislation will change. The new General Data Protection Regulation will come in to force.

For more information please see the ICO's Data Protection Reform webpages (see link).

Within Durham University the Data Protection Officer is the University Secretary and Data Protection is coordinated through the Information Governance Unit. Please use the contact form below to address queries to the Unit.

Access to personal data

To make a Subject Access Request, please see the process outlined in the 'Subject Access Requests' link on the left of this page.

To make a third party request to access to personal data under section 29(3) of the Data Protection Act 1998, please submit your organisation's Section 29(3) form, giving full details of the personal data being requested and the reasons for the request. The form should also be signed by a superior officer in your organisation. Please email the form to