General Data Protection Regulation @ CU—GDPR

Introduced by the European Union (EU), the GDPR is intended to help protect the personal information of EU individuals/data subjects (any individual who is physically located in an EU member state, which includes both EU citizens and non-EU citizens). The EU’s General Data Protection Regulation (GDPR) compliance date began May 25th, 2018.

The GDPR provides a number of rights to EU individuals that include the following: the Right to be Informed, the Right to be Forgotten/Erasure, and the Right to Rectification. Any EU individuals who have/had a formal relationship with the University and were assigned a University Network ID (UNI) may leverage the online request forms (see Make a Request, right) for the following rights:

  • Request for Information
  • Right to be Forgotten/Erasure
  • Right to Rectification

If you have questions or comments around these three specific rights, or any other rights provided by the GDPR, please email [email protected].

Note: Columbia University will update this page and the policies related to the GDPR on an ongoing basis, as needed.