The Data Protection Act 1998 is a piece of legislation designed to safeguard details relating to living people.
It controls what organisations are allowed to find out about you, limits how they store and process this knowledge, and gives you the right to inspect your details and to correct them if they are wrong.
Data Protection Principles
The Data Protection Act sets out eight principles that form its basis. In basic terms, these principles are as follows, each relating to personal data:
It shall be processed in a fair way.
The purpose for which it was obtained shall be specified, and it shall not be processed for some other purpose.
It shall be adequate and relevant, and not excessive for its purpose.
It shall be accurate and kept up to date.
It shall not be kept for longer than is necessary.
Subjects have the right to access and correct what is held about them.
Appropriate technical and organisational measures shall be put in place to protect it.
It shall not be transferred to a country outside the European Economic Area unless that country has adequate laws of its own.
What Is Personal Data?
The protection principles apply to personal data. So, what is it?
In short, it is anything that can be used to identify a living person. This includes both information directly stored with an individual’s credentials, and more loosely bound records that could be matched up with an individual by subsequent processing.
Such personal data includes, but is not limited to, the following:
names
addresses
dates of birth
telephone numbers
email addresses
religion
race
political allegiance
medical history
Except for some specific exceptions, the Act relates to records held on computers.
Your Rights
Under this legislation, you have the following rights:
to gain access to computerised records about you and to some manual records
to correct, block, remove or destroy inaccurate records
to ask a data controller not to process information if that processing could cause you “substantial unwarranted damage or distress” (although they are not always bound to comply with such requests)
to request that your details not be used for unsolicited direct marketing
to object to automatic decisions made without human involvement and based on your data
to ask the Information Commissioner’s Office to investigate a perceived breach, and the right to claim compensation for damage, and possibly distress, if one is found to have taken place
Applications of the Act in your Workplace
There are two main reasons why you should make sure you understand the basics of this law. First, it applies directly to you. Your employer holds information about you, and it is in your own interests to ensure that they are complying with this legislation. This will ensure that the data they hold on you is not excessive, but is correct and is kept confidential. A second consideration is that if you are handling other people’s records you have a responsibility to treat their privacy with respect, and to comply with this law. By doing this, you keep your company’s customers happy and protect yourself and your employer from the threat of legal action.
*The EU General Data Protection Regulation (GDPR) superseded the UK Data Protection Act 1998 on May 25, 2018. The new policy expands the rights of individuals to control how their personal data is collected and processed. It places a range of new obligations on organisations to be more accountable for data protection.
Organisations are obliged to have technical and procedural measures in place to safeguard the personal information they hold.
Is my employer able to force me to wear a name badge displaying my full name? I feel it’s too much personal identifying information
Angelina Gibson - 23-Feb-21 @ 11:03 PM
A friend in a call centre is concerned as the new manager has started emailing weekly stats which show all her teammates toilet break times, call times etc as she feels this is none of her business. Is this a breach of GDPR? (Thinking if people are unwell and suddenly use the toilet more / menstruating / pregnant etc)
Mel - 12-Feb-21 @ 6:29 PM
Hi there,
Can my employer share my address with a line manager as I have had a line manger come to my house to call me into work as I’mflexi furlough and my mobile was switched off does this breach GDPR
Steve - 9-Feb-21 @ 12:25 PM
My HR manger gave another employee my personal mobile number is this alowed, against GDPR?
NC43 - 27-Jan-21 @ 8:54 AM
At college in the nursery I work in has recently given a parent of a child I care for my personal home address, is this right?
GB - 25-Jan-21 @ 11:24 AM
Does my manager have the right to share my personal mobile number with a director without my permission?
MB - 21-Jan-21 @ 6:56 AM
A team member shared I was having the vaccine with her family and friends - is this a GDPR breach?
MH - 11-Jan-21 @ 1:27 PM
On two occasions recently my employer has given a fellow employee, my address to hand deliver letters to me is this legal? As I’m concerned they are giving out my address without my permission.
Eddie - 11-Dec-20 @ 6:17 PM
Hi there, I was off due to an illness and my employer was telling everyone down where we take our vans to get repaired about how and why I was off sic....is this a breach in data protection or not
Rich007 - 3-Dec-20 @ 1:41 PM
Is it legal for your manager to carry your details ie wage slips on their phone or is it a breach also I'm not being given wage slips he is keeping them unable to check pay etc is right
H - 2-Oct-20 @ 7:11 AM
Previously my wage slips were available through Xero and is password protected.I have left this job and he has sent my payslips along with my P45 via email and copied a member of his family and a co worker who is not a Director.As you can imagine my DOB, address N.I. Is that appropriate under GDPR
Jayne - 4-Sep-20 @ 7:12 AM
Can a agency consultant share information given by the temp worker {email} to the employer either verbally or by email...
Pauline - 14-Jul-20 @ 10:07 AM
Hello
On my eife work place
Som one ar send privet personal information to somone
Wat shuld we do now..
Misiek - 25-Jun-20 @ 7:11 PM
My ex employer told my ood colleagues that they had not passed my probation and had let me go, is this allowed? I feel humiliated and angry that they have discussed what should have been a personal and private discussion with my old colleagues. Is this allowed?
My boss also sent my personal mobile number to my colleagues without my consent prior to letting me go, is this allowed?
KA - 22-May-20 @ 10:24 AM
Does my line manager have the right to share my mobile number with other staff without my permission?
Mhystie26 - 25-Mar-20 @ 5:01 PM
I have recently had to take time off work because of personal reasons, and think my boss has explained to customers why I was off and for how long for. I feel like he or any of my colleagues should be talking about my personal circumstances with the general public.
HB - 23-Jan-20 @ 4:33 PM
I work in retail premises a work colleague spotted a diary on a shelf on shop floor he handed it to me thinking it was mine as he read a medical certificate that was in it (a fit for work note I presented to my manager about a month ago) I was absolutely horrified as it had my personal details as well as medical complaint on it .I approached my boss said I wasnt happy with his negligence said it breached my data protectionbut he just took it and placed it in a file in safe
Should he still have this on premises after a month and is this a breach of my rights ?
Aridon - 7-Jan-20 @ 7:22 PM
My employer has repeatedly given out my personal phone number to customers etc, despite me having said several times i do not want my personal mobile number given out. Is this a breach of the data protection act? And, what if any action can i take against my employer
C - 7-Dec-19 @ 10:18 AM
At my work place our absence/holiday request forms are stored in a clear polypocket stuck on the wall by the manager's desk. Our overtime record sheets are stored in the same way.
Is this acceptable HR?
MA - 17-Oct-19 @ 9:57 PM
At my workplace we have a folder with names and phone numbers in which is only meant to be used to contact people while we are at work for work purposes and it says do not copy or photo copy it is part of data protection, but a staff member took a photo of this and shared it on a group chat with other work colleges and she only got a warning for this, surly she should have got the sack and could I take this further as I didn’t want my phone number shared in this way.
Elaine1 - 3-Sep-19 @ 11:18 AM
I pressed 'i do not consent' to my exit interview being shared, but HR have shared it with management in my office who are now giving me the cold shoulder - is this legal?
EO - 16-Jul-19 @ 5:14 PM
I asked last week if my boss could help me with a personal loan or a loan from the company of £7000, this was for me and my partner to help us get on the property ladder.This discussion was in private and confidential.
Today he was angry with other employees and blurted out in front of other employees that if I or other employees keep wasting money running vehicles around empty there was no way he could give me the £7000 I asked to borrow.Even tho in private last week he said there was nothing he could do to help.
It was private information that my co-works now know about which shouldn’t have happened.Where do I stand?
Poohbear - 25-Jun-19 @ 9:24 AM
My ex employer has posted my P45 to another ex employee she didn’t work at the same home as me but had contacted me to say she has half my p45 containing all my personal details
N/A - 3-Jun-19 @ 11:36 AM
Is it right for a senior or leader to give you're number to a member of staff without your permission
alidowell - 24-May-19 @ 8:45 PM
The account for employees' wages is set up as a customer account on the computer and anyone processing invoices has access to everyone's wage history/payments. Is this legal, acceptable, or an infringement on employee privacy rights?
Jeff J - 29-Mar-19 @ 6:00 PM
My current employer has issued my national insurance number on another employees payslip for 3 continuous months, and a letter was sent to the same employee from the hmrc in my name notifying them of future tax channges for the coming year, the same employee whilst trying to register for a company benefit couldn't register his employee account as it was stating they had the incorrect d.o.b, low and behold it was my d.o.b they needed to enter to gain access. These 3 soerate incidents happened over a 5 month period where neither incident was brought to my attention by my employer, I've had no apology or advice on how this happened and what's being done to rectify this breach. I've made a complaint to my hr team over a week ago and I personally still haven't had any correspondence from them other than an automated email saying they'll be in touch within 72 hours, they've contacted my operations manager but not myself. I'm very annoyed that this has happened and they've not apologised or seemingly fulfilled they're duty to notify me, what should I do? And are these grounds to make a compensation claim against my employer for not safeguarding my personal data and causing undue stress?
Nj - 19-Feb-19 @ 10:33 PM
I have just moved to a new property within the space of a week my ex employer has sent me a letter looking for payment from an overpaymebt, but I can't understand how they got my address it make another sense, I am not on the electoral roll at my address as I have just moved in. One of my ex employees used to stay in this property what are my rights ?
Cal - 11-Jan-19 @ 1:15 PM
My employer has released my personal data in a mass email. To say that I'm upset is an understatement. What are my legal rights ? do I have any ? am I entitled to compensation ? You advice would be much appreciated.
Hubert - 25-Sep-18 @ 11:54 AM
@Teamtrave - it's unlikely anything will happen or that the other person is going to sell your number. But it is something you should speak to your company about.
DNN - 3-Sep-18 @ 9:48 AM
My employer/pensions dept has sent me another persons pension statement but has also sent that person mines - We have the same name. However this means my national insurance number, date of birth, pension contributions and salary are on the document which really worries me.
Nico Re: Contacting Employees in Their Homes
A week ago my manager phoned my mobile whilst i was relaxing at home before a 12 hour night shift. She proceeded to…
Rebel Re: Worker-Manager Confidentiality
My former employer told the police about a serious medical condition I have. They only have this knowledge in their role within…
Meme714 Re: Worker-Manager Confidentiality
I have recently had to take time off work due to a miscarriage, and the loss of a family member both in a timescale of a…
Re: Introduction to the Data Protection Act
Is my employer able to force me to wear a name badge displaying my full name? I feel it’s too much personal…
Re: Introduction to the Data Protection Act
A friend in a call centre is concerned as the new manager has started emailing weekly stats which show all her…
Re: Introduction to the Data Protection Act
Hi there, Can my employer share my address with a line manager as I have had a line manger come to my house to…
Re: Rumours About Sick Leave: Has My Privacy Been Invaded?
I have been signed off work for 2 weeks with stress and have had a team member message me and…
Re: Contacting Employees in Their Homes
A week ago my manager phoned my mobile whilst i was relaxing at home before a 12 hour night shift. She proceeded to…
Re: What to Do If Your Privacy is Invaded at Work
My boss left his password protected account left open I went on thinking it was a works account and found…
Re: Introduction to the Data Protection Act
My HR manger gave another employee my personal mobile number is this alowed, against GDPR?
Re: Worker-Manager Confidentiality
My former employer told the police about a serious medical condition I have. They only have this knowledge in their role within…
Re: Access Information Your Employer Holds About You
Asking in behalf of my son who has been asked to leave his previous employer 12 months ago, due to a fb…
Re: Worker-Manager Confidentiality
I have recently had to take time off work due to a miscarriage, and the loss of a family member both in a timescale of a…