The EU's General Data Protection Regulation, which has also been incorporated into UK law by an Act of Parliament, is effective from 25 May 2018. This is an important step forward in the protection of personal data. Jesus College is committed to protecting the security and privacy of personal data in its possession and so draws your attention to our updated Data Protection and Privacy Policy on this page.

What is your personal data and how does the law regulate our use of it? 

'Personal data' is information relating to you as a living, identifiable individual. We refer to this as 'your data'. It can include information such as your name, contact details, education history and other information about you that we may process. 

'Processing' your data includes various operations that may be carried out on your data, including collecting, recording, organising, using, disclosing, storing and deleting it. 

The law requires us: 

  • To process your data in a lawful, fair and transparent way; 
  • To only collect your data for explicit and legitimate purposes; 
  • To only collect data that is relevant, and limited to the purpose(s) we have told you about;
  • To ensure that your data is accurate and up to date;
  • To ensure that your data is only kept as long as necessary for the purpose(s) we have told you about; 
  • To ensure that appropriate security measures are used to protect your data.

Further detail on the application of this policy to the various aspects of the College's activities are contained in the privacy notices and reports of processing activity (ROPA) listed below. These describe how the College will collect, use and protect your personal information. Whilst one privacy notice may be of primary relevance to you, it is important that you read that notice together with other applicable privacy notices. Please click on the relevant links to access the pages containing the required information.

Data Protection Policy

The College's data protection policy can be downloaded here.

Privacy Notices

You can navigate to the College's Privacy Notices here.

Record of Processing Activity (ROPA)

You can navigate to the Record of Processing Activity here.

Retention of Personal Data

Details of our specific retention policies for personal data are set out in the relevant ROPAs. The relevant table provides details of our general approach to the retention of personal data. The Retention Schedule can be found here.

Third Party Data Sharing

As explained in the Privacy Notices, certain personal data is shared with third parties either for appropriate legal or voluntary reasons. The ROPA summarises the nature of the data and with whom and why we share it. The Data Sharing Table can be accessed here.

Past Versions of Privacy Notices

Our relationships with students, alumni, staff and third parties often last several years. From time to time we may need to update relevant privacy notices and so in the interests of transparency and accountability, we include previous versions of these notices here.