Data protection policy
We fully understand our obligations to ensure that personal information is treated fairly, lawfully and correctly, and we are committed to achieving compliance with the laws of the Data Protection Act (DPA) 1998.
You may need to download additional plug-ins to open this file.
The objectives of this policy are to ensure that:
- proper procedures are in place for the processing and management of personal data
- there is someone within the organisation who has specific responsibility and knowledge about data protection compliance
- a better and supportive environment and culture of best practice processing of personal data is provided for staff
- all staff understand their responsibilities when processing personal data, and that methods of handling that information are clearly understood
- individuals wishing to submit a Subject Access Request are fully aware of how to do this and who to contact
- Subject Access Requests are dealt with promptly and courteously
- individuals are assured that their personal data is processed in accordance with the data protection principles, that their data is secure at all times and safe from unauthorised access, alteration, use or loss
- other organisations with whom BBSRC data needs to be shared or transferred, meet compliance requirements
- any new systems being implemented are assessed on whether they will hold personal data, whether the system presents any risks, damage or impact to individuals' data and that it meets this policy