Skip to content
OIT News

UT and the General Data Protection Regulation (GDPR)

GDPR

EU Law became effective May 25, 2018

Data privacy is the key theme of the European Union’s General Data Protection Regulation (GDPR) and applies to data subjects who are physically located within the EU. Anyone at UT providing services online should 1) review the information on the University’s Audit and Compliance website for GDPR 2) provide a link to the standard website privacy policy from their site and 3) seek consent prior to collecting any information.

GDPR asks us to make clear to people what data we maintain and how we process it. UTK’s updated data privacy policy can be found at dataprivacy.utk.edu/ and within that, you can find a link to the website privacy policy as well. A link to the website privacy policy is also now found in the footer of www.utk.edu and will also become part of the standard campus template.

The Office of the General Counsel has asked us to begin getting departments to adopt these standard privacy policy descriptions instead of having their own version. If you have links or directions to a departmentally managed privacy policy, please begin pointing those policies to the links above as appropriate. If your departmental policy requires additional controls or references additional accreditation standards, please refer to above and then supplement with your additional information.

If you have questions, please contact privacy@tennessee.edu.

The flagship campus of the University of Tennessee System and partner in the Tennessee Transfer Pathway.