Data Protection at DMU
De Montfort University (DMU) complies with UK information and privacy laws. The General Data Protection Regulation (GDPR) became law on 25 May 2018.
View our policy on data protection.
The GDPR gives you rights over how your personal information is used:
- The right to be informed - we must tell you how we process your personal information. These details are included in DMU’s Privacy Notices.
- The right of access - you can ask to see what personal information we hold about you. This is called a Subject Access Request (SAR). Find out how to make a SAR.
- The right of rectification - where information about you is inaccurate, you can ask us to correct it.
- The right to erasure – in some circumstances, or where DMU has no compelling reason to retain your personal information, you can request deletion of that information.
- The right to restrict processing – in some circumstances, you can ask us to restrict the processing of your personal data. This right, where it applies, also allows you to ask us to retain your personal information but not to use it.
- The right to data portability – in some circumstances, you can request a copy of your personal data in a machine-readable form, to enable you to transfer it to another organisation for a similar purpose. The right only applies to personal data that you have provided to us.
- Right to object – where there is no legal obligation for DMU to process your data, you can object to us processing your personal information.
- Rights in relation to automated decisions and profiling - where computers make decisions about you, including automated profiling, you have a right to challenge the decision or ask for a human to check an automated decision.
To discuss any of these rights, please contact firstname.lastname@example.org and let us know how we can help.
Key DMU data protection contacts are:
- The Data Protection Officer (DPO) (DPO@dmu.ac.uk) oversees data protection compliance for the university, and handles complaints.
- The Information Governance Team (email@example.com) handles procedures and provides advice for staff.
The Information Commissioner's Office (ICO) is an independent body that upholds information rights in the UK. If you're dissatisfied with how DMU has handled your data, after having raised the matter with the university, you are entitled to complain to the ICO.
Where DMU wishes to send you information that may interest you (for example, activities, events and offers), and you have not already indicated an interest in receiving such information, we will ask for your consent to send you this information.
Where you have indicated an interest in receiving information about a particular subject, we will send you information about closely-related areas. For example, if you request a prospectus, DMU may email you about open days and course opportunities.
From time to time, we will ask you to tell us what marketing information you would like to receive.
You can change your marketing preferences or unsubscribe from all electronic marketing at any time and we will respect your wishes. The rules about electronic marketing fall under the Privacy and Electronic Communications Regulations (PECR). If at any time you would like to opt-out of receiving marketing communications please email your full name to this address.
How we use your data
DMU has published Privacy Notices. There are three main privacy notices - one for students, one for staff and one for the public and third parties.
Public and third party
We place cookies on your device to help make this website better, and improve your experience. You can change your cookie settings at any time.
Reporting data breaches
You can report a data breach by emailing the below information to us:
- Contact details of individual reporting incident
- Nature of Incident
- Date of incident
- How incident was discovered
- The type of information and number of records
- The circumstances of the loss/ release/ corruption