Access to information about you
The General Data Processing Regulations (GDPR) and Data Protection Act 2018 gives you certain rights to access data that organisations hold about you. It also says those who record and use personal information must be open about how the information is used and must follow the six principles of ‘good information handling’.
The 6 data protection principles say that an individual's data must be:
Principle 1 - Lawful, Fair and Transparent
Principle 2 – Specified, explicit, legitimate
Principle 3 – Adequate, relevant and Limited to what is Necessary.
Principle 4 – Accurate, up to date
Principle 5 – Kept no longer than necessary
Principle 6 – Processed in a secure manner
- Appendix 1 - Administration and Processing of Subject Access Requests
- Appendix 2 - Subject Access Request form
- Appendix 3 - General Processing Rectification process
- Appendix 4 - General Processing Restriction process
- Appendix 5 - General Processing Erasure & Objection process