Data protection act

Trafford Council is fully committed to compliance with the requirements of the Data Protection Act 1998 which came into force on 1 March 2000. As with the 1984 Act, the Act gives legal rights to individuals (data subjects) in respect of personal data held about them.

Statement of Policy

In order to operate efficiently, Trafford Council has to collect and use information about people with whom it works. These may include members of the public, current, past and prospective employees, clients and customers, and suppliers. In addition it may be required by law to collect and use information in order to comply with the requirements of central government.

This personal information must be handled and dealt with properly, however it is collected, recorded and used, and whether it be on paper, in computer records or recorded by any other means. There are safeguards within the Act to ensure this.

Trafford Council regards the lawful and correct treatment of personal information as very important to its successful operations and to maintaining confidence between the council and those with whom it carries out business. The council will ensure that it treats personal information lawfully and correctly.

To this end the council fully endorses and adheres to the principles of Data Protection as set out in the Data Protection Act 1998.

Purpose of the Act

The Data Protection Act 1998 is designed to cover the collecting, storing, processing and distribution of personal data. It gives rights to individuals about whom information is recorded.

This applies to all individuals whether they are an employee, elected member or a member of the public. Each individual has the right to access personal data, prevent processing likely to cause damage or distress and prevent processing for the purposes of direct marketing.

They also have rights in relation to automated decision taking, to take action for compensation if they suffer damage by any contravention of the Act by the data controller, to rectify, block, erase or destroy inaccurate data and to make a request to the Information Commissioner for an assessment to be made of the data controller if they feel that the Act has been contravened.

The Act places obligations on those who record and use personal data (data controllers). They must be open about the use of such personal data through notification to the Information Commissioner and they must follow sound and proper practices by applying the Data Protection Principles.

Further details of the act can be viewed on the GOV.UK Legislation website.