Bookmark us Help Search our site Site Map
theopenworld.com
 Company Home

Data Protection Act
Company overview
Contact us
Feedback
Official Affiliates
Press Centre
Recent updates
Site map
 
Linking:
Endorsing us
Banner links to us
Logos
 
Policies & the Law:
Acceptable Use
Computer Misuse Act
Data Protection Act
Privacy Policy
Spam Policy
Terms & Conditions
Terms of Use
Toolbar Privacy Policy
 
Other businesses
& Sites:
thelexicon.com
theopenworld
technician.com
theopenworld.net
 

You're in: Home   >   Company Information   >  Policies  >  Data Protection Act

theopenworld.com must, under the law of the United Kingdom, clearly state to all of its users (whether or not residents or users in the United Kingdom) the Data Protect Act 1998. For your own reference we have summarised the larger document into a clear and comprehensible summary. We would like to remind all of our users that we do not pass-on any of your details to anyone else.

Key Points to Note

  • Personal data must be obtained fairly and lawfully. The data subject should be informed of who the data controller is (the institution); who the data controller's representative is; the purpose or purposes for which the data are intended to be processed; and to whom the data will be disclosed. For users this is done by the theopenworld.com during registration. Personal data processing may only take place if specific conditions have been met- these include the subject having given consent or the processing being necessary for the legitimate interests of the data controller. Additional conditions must be satisfied for the processing of sensitive personal data, that relating to ethnicity, political opinion, religion, trade union membership, health, sexuality or criminal record of the data subject
  • The new Act covers personal data in both electronic form and manual form (e.g. paper files, card indices) if the data are held in a relevant, structured filing system
  • Personal data must be kept accurate and up to date and shall not be kept for longer than is necessary
  • Appropriate security measures must be taken against unlawful or unauthorised processing of personal data and against accidental loss of, or damage to, personal data. These include both technical measures, e.g. data encryption and the regular backing-up of data files and organisational measures, e.g. staff data protection training
  • Personal data shall not be transferred to a country outside the European Economic Area unless specific exemptions apply (e.g. if the data subject has given consent) this includes the publication of personal data on the internet

Data Subject Rights

The Act gives significant rights to individuals in respect of personal data held about them by data controllers. These include the rights:-

  • To make a subject access request - an individual is entitled to be supplied with a copy of all personal data held.
  • To require the data controller to ensure that no significant decisions that affect them are based solely upon an automated decision-taking process
  • To prevent processing likely to cause damage or distress
  • To prevent processing for the purposes of direct marketing
  • To take action for compensation if they suffer damage by any contravention of the Act by the data controller
  • To take action to rectify, block, erase or destroy inaccurate data, and
  • To request the Data Protection Commissioner to make an assessment as to whether any provision of the Act has been contravened
◊ Top of page del.icio.us Add to del.icio.us Add Slashdot