The Data Protection Act (DPA) 1998 applies to any organisations which hold and process personal information. The act is designed to protect against the misuse of personal data. You can view our Data Protection Policy here.
There are 8 Data Protection Principles, which exist to ensure that personal information is:
- Fairly and lawfully processed
- Obtained and processed for one or more specific purposes
- Adequate, relevant and not excessive in relation to those purpose(s)
- Accurate, and where necessary kept up to date
- Not kept longer than necessary
- Processed in accordance with the data subject’s rights
- Secure against unauthorised and unlawful processing and accidental loss or destruction
- Not transferred to countries without adequate protection for the rights and freedoms of data subjects in relation to the processing of personal data
The Act requires that we notify the Information Commissioner about what personal information we hold, what purposes we use it for, who we get it from and who we give it to.
If you are the subject of personal data held by the council, then you have the right to expect that we will give it due protection, and to know what the information is. If you would like access to personal information held about you by West Lindsey District Council you can make a Subject Access Request, which we respond to within 40 calendar days.
You can make a Subject Access Request by writing to Democratic Services, West Lindsey District Council, Guildhall, Marshall’s Yard, Gainsborough, Lincolnshire, DN21 2NA, with your name and address as much information as possible to help us locate the information you believe to be held about you. You also need to enclose the fee of £10. We may write back to you requesting that you provide proof of identity and address; this is to ensure that personal information held about you is not sent to anyone who is not entitled to access it.
For more information please visit the Office of Public Sector and GOV.UK/Data Protection