skip to content

The General Data Protection Regulation came into force on 25 May 2018. Its purpose is to limit and safeguard the storage and use of personal data (ie information about living, identifiable persons). Obligations include holding and using data in a secure manner, making sure that data is handled in line with what individuals have been told, having appropriate arrangements in place for the access to (and sharing of) data, having suitable processes in place for dealing with data protection breaches, and making sure that data is accurate and retained for a suitable period.

Our data protection policies, data protection statements, and data retention schedule are all available to view on our website.

If you have any queries, please contact the College Data Protection Lead (

Data Protection Policies

Data Protection Statements

Data Retention Schedule

Data sharing protocol between the University, Colleges, and Cambridge in America