Data Protection Act overview

We collect, hold and use data about people and organisations with whom we work and in order to conduct our business. This may include members of the public, current, past and prospective employees, clients, customers, contractors, partners and suppliers. In addition, we may be required to collect and use personal data in order to comply with our statutory obligations.

Data Protection principles

We must abide by the principles of the Data Protection Act which make sure that personal information is:

  • Processed lawfully, fairly, and in a transparent manner
  • Collected for specified, explicit, and legitimate purposes
  • Adequate, relevant, and limited to what is necessary
  • Accurate and, where necessary, kept up to date
  • Kept in a form that permits identification of data subjects for no longer than is necessary for the purposes for which those data are processed
  • Processed in a manner that ensures appropriate security of the personal data 

Accountability

Accountability is central to the data protection act.  Data controllers are responsible for compliance with the principles and must be able to demonstrate this to data subjects and the Information Commissioners Office.

The ICO publishes certain details in the register of data controllers, which is available to the public for inspection. Our entry in the Data Protection Public Register is available at Data Protection Public Register. Enter Z649690X, which is the Council's Data Protection Registration number.

Further information