Data Protection Policy

Loughborough University is committed to supporting the data protection rights of its data subjects, including, but not limited to, students, staff, alumni and other stakeholders, as well as potential students and staff, and former employees.

For information about how we use personal data, see our privacy notices.

The University needs to collect, manage, and use personal data about its present, former, and potential members and stakeholders in order to support and provide education, employment, research and innovation, and meet our legal and regulatory obligations to sector bodies and government.

The Data Protection Policy sets out how personal data will be managed by the University, and its responsibilities in ensuring it complies fully with the provisions of the General Data Protection Act (GDPR) and the Data Protection Act (DPA) 2018.  To comply with the law, personal information must be collected and used fairly, stored safely, and not disclosed unlawfully. 

All Loughborough University staff have a responsibility to protect personal identifiable data and respect the data protection rights of all data subjects. 

The University takes its obligations under the UK GDPR (2018), the Data Protection Act (2018), and the Privacy and Electronic Communications Regulations (PECR) very seriously. There is a procedure for handling complaints from individuals or by third parties about the University's use and processing of personal data.