Data protection: an introduction Data protection: an introduction

On 25 May 2018 the UK's data protection law changed. The Data Protection Act 2018, and the General Data Protection Regulation (GDPR) are now in force. 

The new law gives us responsibilities in the way we handle personal information. It enhances people's rights, and those who gather and use personal data on behalf of UEA must follow the data protection principles.

For information on how we use personal data, see our privacy notices. Your Rights explains how the law helps you to protect your privacy. For further information, see our online training (for UEA staff and students) or come along to a drop-in session.

UEA data protection contacts UEA data protection contacts

If you have questions about data protection at UEA, contact our Information Compliance team at or by telephone on +44 (0)1603 59 2431/1143.

The University's Data Protection Officer is Ellen Paterson. You can reach Ellen using the email address and phone number above (ext.2431).

The University also has a network of data protection contacts, covering all departments and Schools. If you're a member of UEA staff and don't know who your contact is, email

UEA data protection policies UEA data protection policies

The Data Protection Policy sets out how personal data will be managed by the University, and explains responsibilities.

The following University policies also contain statements and requirements on how we process personal data, and include actions for all staff.

Information Classification and Data Management Policy

Conditions of Computer Use

General Information Security Policy

Records Management Policy

GDPR training module GDPR training module

UEA staff and students can access online data protection training. Go to Blackboard and you'll find a link under 'My Organisations'.

All staff must complete this online training (or an approved alternative) each year. Training is monitored and reports shared with managers on a regular basis. 

Find out more Find out more

We offer regular lunchtime Q&A sessions to answer data protection queries from staff or students.

No booking is required, you can drop in any time.

Time: 12-1pm

Location: Registry, Committee Room 3 (CR3)


10 Apr 2019

Let us know if these times don't suit, or if you'd like the team to run a data protection session for your department.