Data Protection and Dumfries and Galloway College ("the College")

The personal information of our students and staff is our core asset. The College must comply with the European Union General Data Protection Regulation (“GDPR”), the UK Data Protection Act 2018 (“DPA 2018”) and other relevant legislation protecting privacy rights.

As part of our work we process and store your personal information.  We take our responsibilities for handling your personal information seriously and ensure it is held, used, transferred and processed in accordance with our obligations under the applicable Data Protection laws. This includes the GDPR, the DPA 2018 and any other law, enactment or regulation relating to the processing, privacy and use of personal data.

Currently, we have privacy notices available for some of our process where we collect personal data. These Privacy Notices explain how we will collect, store, manage and protect your data. They outline the type of data that we hold and tell you how we use it to provide services to you. We aim to be clear when we collect your personal information and will inform you of your rights in relation to data protection.

In line with our responsibilities as a Data Controller under the GDPR we have appointed a designated Data Protection officer (DPO) The DPO provides guidance and supports the College in fulfilling is obligations under Data protection Law. You can contact the DPO at dpo@dumgal.ac.uk

New policies covering Data Protection are in the final stages of our internal approval process and will be published on the website as soon as this is complete.