The Data Protection Act 1998 is an Act of Parliament of the United Kingdom of Great Britain and Northern Ireland which defines UK law on the processing of data on identifiable living people. It is the main piece of legislation that governs the protection of personal data in the UK. To comply with the Data Protection Act 1998, information must be collected and used fairly, stored safely and not disclosed to any unauthorised person.
The Act provides a framework to ensure that personal information is handled properly. The College must comply with the eight data protection principles which ensure that personal information is:
1. Processed fairly and lawfully
2. Obtained for a specific and lawful purpose
3. Be adequate, relevant and not excessive for those purposes
4. Be accurate and up to date
5. Not kept for longer than necessary
6. Processed in line with the rights of the individuals
7. Safe and secure
8. Not transferred to other countries without adequate protection
Subject Access Requests
A subject access request under the Data Protection Act is a request from an individual to access the information that is held by the College about them. The College may request a fee of up to £10.00 which is not subject to VAT. If you require that this data be released (i.e. Home Office, housing benefit, employment etc.) please complete the Data Protection Request Form (download from the link below) and hand into the College’s Main Reception who will pass it on to the Data Protection Officer. You will need to provide proof of identity.
Data Protection Documents
Data Protection Officer email: firstname.lastname@example.org