Data Protection Policy
Data Protection Policy
The Data Protection Act controls how your personal information is used by organisations, businesses or the government.
Everyone responsible for using data has to follow strict rules called ‘data protection principles’. They must make sure the information is:
- used fairly and lawfully
- used for limited, specifically stated purposes
- used in a way that is adequate, relevant and not excessive
- accurate
- kept for no longer than is absolutely necessary
- handled according to people’s data protection rights
- kept safe and secure
- not transferred outside the European Economic Area without adequate protection
There is stronger legal protection for more sensitive information, such as:
- ethnic background
- political opinions
- religious beliefs
- health
- sexual health
- criminal records
For full Data Protection Act 1998 please click here.