Data protection

 

The Data Protection Act 1998 provides the overall framework within which users of personal data can operate.  It requires that anybody who processes personal information (i.e. obtains, holds, amends, discloses or destroys data) must keep to eight data protection principles.  These principles are that personal data will be:

  1. Be obtained and processed fairly and lawfully
  2. Be obtained for a specified and lawful purpose
  3. Be adequate, relevant and not excessive for these purposes
  4. Be accurate and kept up-to-date
  5. Not kept for longer than is necessary
  6. Be processed in accordance with the data subject's rights
  7. Be kept safe from unautrhorised access, accidental loss or destruction
  8. Not be transferred to a country outside the EEA (the EU plus Norway, Iceland and Liechenstein), unless that country has adequate levels of protection for personal data.  

More information is available on the website of the UK Information Commissioner. (new window)

The Act also gives individuals the right to access personal information held about them.  This is called a subject access request. 

Frequently Asked Questions

Click a question to see the answer.

How can I see what personal data of mine that the council holds?

The Data Protection Act gives you a general right of access to personal data that relates to you. Access requests must be made in writing. You must supply enough information to locate the data requested along with proof that you are the data subject.

How much will it cost me to obtain a copy of my personal data from the council?

There is a 10 administration fee for us to collate and present you with the personal data that we hold on you.

What do you mean by 'personal data'?

Personal data is any information which, on their own or referenced against other data held by the organisation, can be used to identify a living individual. This includes all the obvious details the council might hold about you, such as your name, address, Council Tax reference number, benefit entitlements and so on.

What is the Data Protection Act 1998 about?

The Data Protection Act is based on eight legally enforceable principles that organisations and individuals must apply when they process your personal data. The principles underlying it are designed to keep your personal information confidential, accurate and secure. There are extra rules for processing sensitive data such as data about your ethnic origin, religious beliefs, trade union membership, party political opinions, sexuality, health, involvement in court proceedings, and so on.

Why am I being asked to sign something consenting to you sharing my personal data?

By signing this, you indicate that you give your consent to us to share your personal information between council departments in order that we can provide you with the best possible service. If you do not consent to us sharing your personal data, we will have to keep asking you for the same information over and over again.

Will the personal information I provide to become a panel member of the Citizen's Panel be confidential?

Yes, the personal information you provide will be confidential. The Data Protection Act 1998 strictly controls the use of this information. The council, and or those employed by it, will process your answers to find out your views on important issues, to help plan and deliver services and to make decisions. Your answers will not be used for any other purpose. Your name, address and personal details will not be used publicly or passed to any other organisation - including the council's partners and any consultants that the council may employ - without your express permission. You will be asked to agree to the use of your information for these purposes only. Without that authorisation we could not and would not use any of the personal information you give us.

Related Links

On Other Sites

Contact details