The UK Rules
Data Protection Act 2018: Your Rights

Data Protection for British Citizens

This guide explains the principles of the Data Protection Act 2018 citation c 12. The UK Act of Parliament protects personal data stored in paper filing systems and on computers.

DPA PRINCIPLES: The guidelines control how your personal information gets stored and used. The government, businesses, and organisations must all follow the rules of the Data Protection Act.

Stronger legal protection applies to the most sensitive information such as an individual's:

Note: United Kingdom uses the Data Protection Act 2018 to update and implement the General Data Protection Regulation (GDPR).

Anyone who uses people's personal data must follow the strict 'data protection principles'. That means they have a duty to ensure that the information is:

  1. Obtained and processed 'fairly' and according to the law.
  2. Kept and used for limited and specified stated purposes.
  3. Used and disclosed in a way that is adequate, relevant to the purpose, and not excessive.
  4. Kept safe and secure (and give a copy of the data on request).
  5. Kept accurate, complete, and up-to-date.
  6. Stored and used for no longer than is 'absolutely' necessary.
  7. Handled in a way that ensures an appropriate level of security. That includes a level of protection against unlawful or unauthorised access, damage, destruction, loss, or processing.

Requesting Data Organisations Store about You

The Data Protection Act 2018 gives individuals several rights. One of them allows you to find out what details the government and organisations store about you and use.

Data Protection Act 2018 Your Rights

According to the laws on data protection, you have the right to:

Your rights also apply when an organisation uses your personal data for:

You can write to an organisation and ask them for a copy of the information that they hold about you. Address the letter to the Data Protection Officer (DPO) or company secretary if you are unsure who to send the letter to.

Note: If you request it, the law forces an organisation to give you a copy of the information that they hold about you. As a rule, you should get it without delay and no longer than one (1) month (unless there is a delay).

Data Protection Principles for Citizens Living in the United KingdomWithholding Information 'Legally'

In some cases, organisations can withhold the information altogether from you. There is no requirement for them to inform you why they withhold it. Examples include situations that involve:

Cost to get Your Data Information

In most cases, organisations will not charge you a fee to provide the data information they store. But, some may make a charge to produce a large amount of information or if it is either:

Complain about Data Protection Breaches

What if you believe your data got misused or an organisation holding it failed to keep it secure? In cases such as these you should contact the organisation and inform them.

What if you are not satisfied with their response? Contact the Information Commissioner's Office if you need any further advice. They also have an 'ICO live chat' facility if you prefer an online conversation.

Information Commissioner's Office (ICO) Helpline
Wycliffe House Water Lane
Wilmslow
Cheshire
SK9 5AF

Email: casework@ico.org.uk
Telephone: 0303 123 1113
Textphone: 01625 545860
Monday to Friday: 9am to 4:30pm
Check call charges to 0303 numbers.

ALSO IN THIS SECTION

Data Protection for Small Business | How enterprise must respond to the stay within the new GDPR laws.

Your Rights and the Law | A section of parliamentary regulations activated by authorized legal entities.

Note: The ICO can investigate your claim on your behalf. They can also take action against anyone who misuses personal data. The ICO website has further information on how to make a data protection complaint.


Data Protection Principles for Citizens Living in the United Kingdom

© 2019 | ALL RULES | CONTACT | PRIVACY | SITEMAP