As a student at Cardiff, some of your personal data will be stored and processed by the University. This page explains how your information is used, but you can view further information about the University’s registration under the Data Protection Act by searching for Cardiff University on the Register of Data Controllers. The Information Commissioner’s Office also provides useful guidance on data protection matter.
If after reading this page you still have queries then please contact the Data Protection Officer, Governance Compliance Division, Cardiff University, McKenzie House, 30-36 Newport Road, Cardiff, CF24 0DE or e-mail InfoRequest@cf.ac.uk.
The University collects your data, including your photograph, during your application and enrolment in order to:
• organise your studies;
• give access to and ensure the security of University buildings;
• provide student support services (libraries, careers, advice, IT facilities and Students’ Union);
• carry out legal duties, providing information to others (see disclosures section);
• provide other activities within the University business including developing and maintaining our alumni programme;
• conduct equal opportunities monitoring and equality impact assessments.
The University has a code of practice on the use of photographs for identity. This code sets out when and how you can expect your student card to be used to check your identity.
The University will share your relevant personal data with the bodies described below:
|Sponsors (including LEAs and the Student Loans Company) where a contract exists|
|Professional bodies (e.g. General Medical Council, Royal Society of British Architects, Law Society)|
|Cardiff & Vale University Health Board (and other NHS organisations in England and Wales)|
|Work placement sites or educational partners involved in joint course provision|
|The Higher Education Funding Council Wales (HEFCW) and its agents|
|Potential employers or providers of education whom you have approached|
|UK agencies with duties relating to the prevention and detection of crime, collection of a tax or duty or safeguarding national security|
|Plagiarism detection service providers|
Any other disclosures that the University makes will be in accordance with the Data Protection Act and your interests will always be considered.
You have a right to a copy, or to object to the processing of, your personal data held by the University. Any requests or objections should be made in writing to the Data Protection Officer (details at the top of the page) and there will be a £10 fee for copies of your information.
You have a responsibility to keep your personal details up-to-date via SIMS.
During the course of your studies you may have access to personal information about others. You are expected to treat this in a responsible and professional manner and are legally required to do this under the Data Protection Act, as well as any professional ethics or codes of conduct. If you are made aware of personal information in confidence including regarding someone’s mental or physical health then you are expected to not tell anyone without the individual’s consent, unless there are exceptional circumstances. You should also not seek to gain others’ personal data if you are not entitled. Disciplinary action will be considered for any University member who breaches the Data Protection Act or a duty of confidence. Further information about the Act can be found here.
Go back to The Step by Step Enrolment Process