The UK Rules
'Follow the Regulations'
Data Protection

Data Protection for British Citizens

This guide explains the 8 principles of the Data Protection Act 1998 section c 29. The Act of Parliament protects personal data stored in paper filing systems and on computers.

DPA PRINCIPLES: The guidelines control how your personal information gets stored and used. The government, businesses, and organisations must all follow the rules of the Data Protection Act.

Stronger legal protection applies to the most sensitive information such as an individual's:

Anyone who uses people's personal data must follow the strict 'data protection principles'. That means ensuring the information is:

  1. Obtained and processed 'fairly' and according to the law.
  2. Kept and used for limited and specified stated purposes.
  3. Used and disclosed in a way that is adequate, relevant to the purpose, and not excessive.
  4. Kept safe and secure (and give a copy of the data on request).
  5. Kept accurate, complete, and up-to-date.
  6. Stored and used for no longer than is 'absolutely' necessary.
  7. Handled according to the data protection rights for all citizens.
  8. Not transferred outside the European Economic Area without adequate protection.

Requesting Data Organisations Store about You

The Data Protection Act 1998 gives individuals several rights. One of them allows you to find out what details the government and organisations store about you and use.

You can write to an organisation and ask them for a copy of the information that they hold about you. Address the letter to the 'company secretary' if you are unsure who to send the letter to.

Note: If you request it, the law forces an organisation to give you a copy of the information that they hold about you.

Data Protection Principles for Citizens Living in the United KingdomWithholding Information 'Legally'

In some cases, organisations can withhold the information altogether from you. There is no requirement for them to inform you why they withhold it. Examples include situations that involve:

Cost to get Your Data Information

Organisations often charge a fee to provide the data information they store. As a rule, most will charge around £10 to produce a copy. But, the cost could be higher if it is either:

Complain about Data Protection Breaches

What if you believe your data got misused or an organisation holding it failed to keep it secure? In cases such as these you should contact the organisation and inform them.

What if you are not satisfied with their response? Contact the Information Commissioner’s Office if you need further advice. They also have an 'ICO live chat' facility if you prefer an online conversation.

Information Commissioner's Office (ICO) Helpline
Telephone: 0303 123 1113
Check phone call charges to 0303 numbers.

Note: The ICO can investigate your claim on your behalf. They can also take action against anyone who misuses personal data. The ICO website has further information on how to make a data protection complaint.

Data Protection Principles for Citizens Living in the United Kingdom