Data protection
This page is about the Data Protection Act 1998 and how it applies to accessing personal records.
The Data Protection Act 1998 defines the law on the processing of data on identifiable living people (personal data). It sets rules for processing personal information. This includes information held in paper files as well as that held electronically.All private companies and public organisations are legally obliged to comply with the Act.
The rules of good information handling – the principles
The Act defines eight data protection principles. They say that data must be:
- fairly and lawfully processed
- only used for the specific purposes for which it was collected
- adequate, relevant and not excessive
- accurate and kept up to date
- not kept for longer than necessary
- processed in line with the data subject’s rights
- held securely
- not transferred to other countries without adequate protection.
Personal data covers both facts and opinions about the individual; it also includes information regarding the intentions of the holder of the information towards the individual.
Sensitive data:
Some particular types of information about the individual require special treatment within the Data Protection Act, and are known as ‘sensitive data.’ This includes information relating to:
- racial or ethnic origin
- political opinions religious or other beliefs
- trade union membership
- health
- sex life
- criminal proceedings or convictions.
The Data Protection Act makes specific provision for the collection and processing of 'sensitive data'. To process it you must:
- having the explicit consent of the individual (written consent obtained when the information is collected) or,
- being required by law to process the data for employment purposes
- needing to process the information in order to protect the vital interests of the data subject
- dealing with the administration of justice or legal proceedings.
Individual rights
The Data Protection Act gives rights to individuals in respect of personal data that the Council holds about them. These are:-
- to ask the Council if it holds personal information about you
- to ask what it uses the information for
- to be given a copy of the information
- to be given details about the purposes for which the Council uses the information and of other organisations or persons to whom it was disclosed
- to ask for incorrect data to be corrected
- to ask the Council not to use personal information about you for direct marketing
- to ask the Council not to make decisions about you based solely on the automatic processing of data
- to compensation for damage or distress should these be caused by the Council’s failure to comply with certain requirements of the Act.
Subject Access Requests
If you wish to receive a copy of the information that the Council holds about you please download and complete this form: Subject Access form . Return it to the Information Officer (at the address below) together with the identity documents detailed on the form, and the £10 administration fee to:
Information Officer
Reigate & Banstead BC
Town Hall, Castlefield Road
Reigate RH2 0SH
Telephone: 01737 276141
Email: information.officer@reigate-banstead.gov.uk
Data Protection Policy
You can view the same document here in either Word or PDF format:Reigate and Banstead Borough Council Corporate Policy for the Data Protection Act 1988 (Word)
Reigate and Banstead Borough Council Corporate Policy for the Data Protection Act 1988 .
Last updated : 15/11/2011
