We have rooms available in Horton Halls, our university-managed housing facility. Learn more and apply now.
Learn more about our key research areas and our research objectives.
We are building a positive research culture at St George's where researchers feel empowered to do their best work and develop their career.
We're putting £5.8 million of Office for Students funding towards improving facilities and equipment for our students.
St George’s celebrated its annual Research Day on Wednesday 11th December. The day showcased the hard work, latest findings and achievements from the vibrant research community.
Your gift to St George’s will inspire our students, our research, and our community, and ultimately impact the patients who will benefit from the care and expertise of our graduates around the world.
Enjoy stories of impact and support from generous donations.
Below you will find definitions of some of the key terms and phrases associated with data protection.
An individual’s consent to process their personal data must be freely given, clear and require a positive action to opt-in. Consent must be based on the individual’s clear understanding of what the data is being used for, who it will be shared with, how long it will be kept for (see ‘fair processing notice’). It is important to note that while an organisation must have a valid reason for processing personal data, this may not necessarily always involve the direct consent of the individual it relates to.
The person who decides how, and for what purposes, the data is going to be processed. This could be either an individual or an organisation. St George’s, University of London is considered the data controller for information processed for the purposes of the university’s business.
Someone (other than an employee of the data controller) who processes data on behalf of a data controller, eg an external company employed to distribute an organisation’s newsletter or marketing materials, or a company responsible for the disposal of ‘confidential’ waste.
The UK GDPR sets out 7 core principles. These specify that personal data shall:
The living individual who is the subject of the personal data.
The fair processing notice is a formal statement that provides the individual whose data is to be processed with the following information: the identity of the data controller, the purpose(s) for which the data may be processed and any other information necessary to ensure the processing can be considered ‘fair’ under the Act, eg other persons the data may be shared with. The fair processing notice is now known as the 'privacy notice', although you will probably still find reference to both.
Data relating to a living individual who can be identified from that information, or from other information the data controller has in their possession or is likely to have access to.
Any action or operation carried out on personal data, whether obtaining, recording, storing or disposing of that data.
Under the Data Protection (Charges and Information) Regulations 2018, individuals and organisations that process personal data need to pay a data protection fee to the Information Commissioner's Office (ICO), unless they are exempt.
The process by which a data subject can request information about themselves held by an organisation. The request must be made in writing, which can include email. The organisation must respond to the request within 40 days, providing copies of the relevant information in ‘permanent form’. All subject access requests should be passed to St George’s Data Protection Officer.
Browser does not support script.