Find out more about enrolment.

Personal data protection policy

Data Protection Legislation sets out guidance on how organisations manage personal data. It is a requirement by law that the organisation managing personal data is registered with the Information Commissioner. This is achieved through a notification statement and can be viewed online at the Information Commissioner's website.

Secondly, every organisation that manages personal information is legally bound by the principles of the UK General Data Protection Regulation (GDPR). Further information regarding the University of Westminster's processing of personal data can be found in our Data Protection Policy and via our published privacy notices.

Download our Personal Data Protection Policy:

Data protection principles

At the University those who process personal data or special category personal data must comply with the principles of data protection legislation. These can be briefly summarised as:

Personal data shall be:

  1. processed lawfully, fairly and in a transparent manner in relation to the data subject (‘lawfulness, fairness and transparency’)
  2. collected for specified, explicit and legitimate purposes and not further processed in a manner that is incompatible with those purposes (‘purpose limitation’)
  3. adequate, relevant and limited to what is necessary in relation to the purposes for which they are processed (‘data minimisation’)
  4. accurate and, where necessary, kept up to date; every reasonable step must be taken to ensure that personal data that are inaccurate, having regard to the purposes for which they are processed, are erased or rectified without delay (‘accuracy’)
  5. kept in a form which permits identification of data subjects for no longer than is necessary for the purposes for which the personal data are processed (‘storage limitation’)
  6. the controller (the University) shall be responsible for, and be able to demonstrate compliance with, the above statements (‘accountability’).

The University will adhere to these core principles.

Data Protection Act complaints

If you have any complaints about the way we are handling your personal data then please let us know. Please contact the Information Compliance Manager at the address below.

Information Compliance Team
University of Westminster
Third floor
32-38 Wells Street
London W1T 3UW

E: [email protected]

If you have followed our complaints procedure and are unhappy with the outcome, you have the right to appeal to the Information Commissioner.

Contact the Information Commissioner at the address below or report your concerns online at the Information Commissioner's Office website.

Information Commissioner
Wycliffe House
Water Lane
Wilmslow
Cheshire SK9 5AF

Related Pages

Our vision, mission and values

Our University is a place where discoveries are made, barriers are broken, diversity is celebrated and where everyone is welcome.

Read moreGo to Our vision, mission and values page

Annual reporting

Our key annual reports including Financial Statements, Key Performance Indicator Reports and Equality, Diversity and Inclusion Reports.

Read moreGo to Annual reporting page

Term dates

Our university calendar lists the important dates you need to know about each year.

Read moreGo to Term dates page