Under the GDPR, the University is required to appoint a Data Protection Officer (DPO).
The Data Protection Officer is required to monitor compliance with the GDPR and Data Protection Act 2018, to advise and inform the University on its data protection obligations and how to meet them, and to be a point of contact for data subjects and the ICO.
The University's Data Protection Officer is Henry Stuart:
Also see the ICO’s webpage on accountability and governance, and Articles 37, 38 and 39 of the GDPR.