Research and data protection

Guidance on research and data protection legislation

The UK General Data Protection Regulation (UK GDPR) along with the Data Protection Act 2018 (DPA) sets out how personal data and privacy should be managed. The legislation applies to any research project which processes personal information. This also applies to research outside the UK that the University is involved in.

Undertaking research in an ethical, fair and lawful manner complies with the requirements for data protection legislation and must start prior to project approval by incorporating data protection and privacy into the research planning process. This guidance is intended to assist researchers with this.

Participants consent form.docx (20.22 KB / DOCX)
PIS non medical research.docx (15.36 KB / DOCX)


There is an online training module on LEARN about research and data protection. All researchers and research students should complete this training.

Storing research data 

Research data planning is an important part of ensuring your research is conducted in a way that is compliant with data protection, freedom of information and record management requirements. 

The Research Data Service (part of Information Services) offer advice and tools to help you manage research data.

Research Data Service