Cookies and this website

This website uses cookies to give you the best online experience. If you'd like to know more please read our cookie policy

Skip to content

Privacy Policy

Privacy and data protection:

The Data Protection Act gives individuals certain rights regarding information held about them. It places obligations on those who process information (data controllers) while giving rights to those who are the subject of that data (data subjects). Personal information covers both facts and opinions about the individual.

The purpose of the Data Protection Act is to protect personal information about living individuals. The act places legal obligations on organisations that handle personal data. Councils must comply with the act and does so by applying the eight 'principles of data protection', which are legally enforceable.

Organisations that hold personal information have a duty under the act to provide individuals with access to information about themselves if they request it. Under the act you have a legal right to ask:

  • what personal information the council holds about you (subject to some exemptions)
  • why the council holds personal information about you
  • to whom the information is disclosed
  • that inaccurate information is corrected

For any enquiries which are related to the Data Protection Act 1998, please contact one of the participating Councils.

The eight principles of good practice

Anyone processing personal information must comply with eight enforceable principles of good information handling practice.

These say that data must be:

  1. fairly and lawfully processed
  2. processed for limited purposes
  3. adequate, relevant and not excessive
  4. accurate and up to date
  5. not kept longer than necessary
  6. processed in accordance with the individual''s rights
  7. secure
  8. not transferred to countries outside European Economic Area unless the country has adequate protection for the individual