Data Protection Act
The Data Protection Act 1998 is designed to cover the collecting, storing, processing and distribution of personal data. It gives rights to individuals about whom information is recorded
The Act applies to all individuals whether they are an employee, elected member or a member of the public. Each individual has the right to access personal data, prevent processing likely to cause damage or distress and prevent processing for the purposes of direct marketing.
They also have rights in relation to automated decision taking, to take action for compensation if they suffer damage by any contravention of the Act by the data controller, to rectify, block, erase or destroy inaccurate data and to make a request to the Information Commissioner for an assessment to be made if they feel that the Act has been contravened.
Data protection principles
There are eight principles put in place by the Data Protection Act 1998 to make sure that personal information is handled properly.
These state that data must be:
- fairly and lawfully processed
- processed for limited purposes
- adequate, relevant and not excessive
- accurate
- not kept for longer than is necessary
- processed in line with your rights
- secure
- not transferred to countries without adequate protection
Subject Access Request
Under the Data Protection Act 1998, individuals are entitled to access all of the information held by the Council about themselves. These are known as 'Subject Access Requests'.
If you wish to make a Subject Access Request, you must:
- make your request in writing, preferably using the form that can be downloaded below
- pay a fee of £10
The Council will then respond to you, with the information, in 40 calendar days.
Click here to download the form
Further information
Data Protection
Stevenage Borough Council
Daneshill House
Danestrete
Stevenage
SG1 1HN
dataprotection@stevenage.gov.uk
A copy of the act can be viewed at the Office of Public Sector Information website.