What is the Data Protection Act?
The Data Protection Act 1998 applies to personal information and ensures that it is handled properly.
It establishes a framework of rights and duties which are designed to safeguard personal data.
Personal information is information about you. It can be your name, address or telephone number. It can be the type of job you do, the things you buy and the place you went to school.
The data Protection Act balances the legitimate needs of organisations (data controllers) to collect and use personal data for business and other purposes against the right of individuals (data subjects) to respect for the privacy of their personal details.
It ensures organisations manage the information they hold in a proper way. It also gives you rights to view the information held about you and to correct any information that is wrong.
The Data Protection Act 1998 applies to any organisation which processes personal data.
The Council's Responsibilities
As a Local Authority which processes personal data, Wealden District Council has notified the Information Commissioners Office as such under registration number Z5133126, which expires on 22 January 2013. The registration is renewed annually.
As a 'Data Controller', the Council must obey the eight data protection principles which underpin the Act.
The eight data protection principles state that data must be:
- Fairly and lawfully processed.
- Processed for limited purposes.
- Adequate, relevant and not excessive.
- Accurate and up to date.
- Not kept longer than necessary.
- Processed in accordance with the individual's rights.
- Not transferred to countries outside the European Economic area unless the country has adequate protection for the individual.
Find out more about how you can make a request to view the information the Council holds about you.