Data Protection is the safeguarding of the privacy rights of individuals in relation to the processing of personal data, in both paper and electronic format. The General Data Protection Regulation (GDPR) and Data Protection Act 2018 (collectively referred to as the Data Protection Legislation hereinafter) state the principles governing how personal data is collected, accessed, used and disclosed. To access the full text of the GDPR see here. (The Council is not responsible for errors with external websites)
GDPR Principles
The Council is obliged to demonstrate that personal data is:
- Obtained lawfully, fairly and in a transparent manner
- Obtained for only specified, identified and legitimate purposes
- Processed for purposes which we have identified or purposes compatible with the purposes that we have identified.
- Adequate, relevant and limited to what is necessary for purpose for which it was obtained
- Personal data collected and processed must be accurate and kept up to-date.
- Kept only for as long as is necessary for the purposes for which it was obtained.
- Processed in a manner that ensures the appropriate security of the personal data including protection against unauthorised or unlawful processing.
Data Protection Legislation also confers a range of rights for individuals relating to their personal data. See Your Rights for more information on this.