Data Protection

  • Data Protection

Furness College sees you, the student, at its very heart.

Purpose & Scope

Furness College and Barrow 6th Form College recognises its duties under the Data Protection Act and this policy outlines the responsibilities of the Data Protection Controller and members of staff.

The data protection policy ensures that the college operates within the law and ensures that staff and students are aware of their rights and responsibilities in order to comply with the Data Protection Act.

The college aims to promote equality and diversity and is committed to safeguarding all learners and staff.

Policy Statement

Data Protection Act 1998

1.1. The Data Protection Act 1998 came into force on 1 March 2000. It regulates the use of personal data and gives effect in UK law to the European Directive on data protection (95/46/EC). The Act covers manual and computerised records, and is concerned with the processing of “personal data”, that is data relating to living individuals. It works in two ways:

  • Giving individuals (data subjects) certain rights
  • Requiring those who decide how and why personal data are processed (data controllers) to be open about their use of those data and to comply with the data protection principles in their information handling practices.

1.2. There are eight data protection principles that are central to the Act. In brief, they say that personal data must be:

  • processed fairly and lawfully
  • processed for limited purposes and not in used in conflict with those purposes
  • adequate, relevant and not excessive
  • accurate
  • not kept for longer than is necessary
  • processed in line with data subjects’ rights
  • secure
  • not transferred to countries that do not protect personal data

1.3. Examples of personal data likely to be covered by the Act are:

  • Details of an employee’s salary, whether stored manually or electronically
  • An email about any employee
  • Any notes or records kept by line managers
  • A completed application form

1.4. Examples of information that is not covered by the Act are:

  • Information on the College’s salary structure, where individuals are not named or are not identifiable
  • Any reports where responses are anonymised, and cannot be traced back to individuals
  • Any manual files which are not stored in an organised way i.e. old piles of paper records

1.5. The Act grants workers the right to have a copy of the information that an organisation holds about them, and to apply for a data controller to correct inaccurate information held about them

2.1. All staff have responsibilities under the Data Protection Act. No employee should disclose personal data outside the College’s procedures, or use personal data for their own purposes. Line managers have a responsibility for the type of personal data that they collect and how they use them. All job applicants are also obliged to provide accurate information.

2.2. Reference should also be made to the Information Commissioners Office (ICO) Information Practices Code. A copy of this is available from the ICO website:

2.3. Further details about the Data Protection Act 1998 can be found on the data protection website:

3. Furness College (and Barrow 6th Form College) as a body corporate is the data controller under the Data Protection Act. However, the designated Data Protection Officer will deal with all requests for information under the Data Protection Act. The College’s Data Protection Officer is the Deputy Principal Curriculum & Quality and all requests should be submitted in writing or via email at or Furness College, Channelside, Barrow-in-Furness, Cumbria,  LA14 2PJ.

Search our course index below