In
accordance with the provisions of
the European Union Directive on the
Protection of Personal
Data (95/46/EC) Member States
were required to pass their own national
legislation.
The Government of the United
Kingdom passed a Data Protection Act
in 1998.
The
owner of this site is therefore bound
to comply with the eight enforceable
principles of good practice in the
processing of personal data.
In brief the principles say
that data must be:
-
fairly
and lawfully processed;
-
processed
for specified and lawful purposes
and shall not be further processed
in a manner incompatible with
those purposes;
-
adequate,
relevant and not excessive in
relation to those purposes;
-
accurate:
where necessary kept up
to date;
-
not
kept longer than necessary;
-
processed
in accordance with the data subjects
rights under the Act which includes
the right to know what personal
information is being held by us,
and the right to have personal
data corrected or deleted;
-
secure:
appropriate technical and organisational
measures to be taken against unlawful
and unauthorised processing and
access to personal data and against
loss, destruction and damage;
-
not
transferred to other countries
that do not have adequate protection
for the rights and freedom of
data subjects in relation to the
processing of personal data.
N.B.
'Processing' incorporates the concepts
of 'obtaining', 'holding' and 'disclosing'.
