Home > Privacy Law > Introduction to the Data Protection Act

Introduction to the Data Protection Act

By: Matthew Strawbridge - Updated: 20 Mar 2024 | comments*Discuss
Data Protection Act Personal Information

The Data Protection Act 1998 is a piece of legislation designed to safeguard details relating to living people.

It controls what organisations are allowed to find out about you, limits how they store and process this knowledge, and gives you the right to inspect your details and to correct them if they are wrong.

Data Protection Principles

The Data Protection Act sets out eight principles that form its basis. In basic terms, these principles are as follows, each relating to personal data:

  • It shall be processed in a fair way.
  • The purpose for which it was obtained shall be specified, and it shall not be processed for some other purpose.
  • It shall be adequate and relevant, and not excessive for its purpose.
  • It shall be accurate and kept up to date.
  • It shall not be kept for longer than is necessary.
  • Subjects have the right to access and correct what is held about them.
  • Appropriate technical and organisational measures shall be put in place to protect it.
  • It shall not be transferred to a country outside the European Economic Area unless that country has adequate laws of its own.

What Is Personal Data?

The protection principles apply to personal data. So, what is it?

In short, it is anything that can be used to identify a living person. This includes both information directly stored with an individual’s credentials, and more loosely bound records that could be matched up with an individual by subsequent processing.

Such personal data includes, but is not limited to, the following:

  • names
  • addresses
  • dates of birth
  • telephone numbers
  • email addresses
  • religion
  • race
  • political allegiance
  • medical history

Except for some specific exceptions, the Act relates to records held on computers.

Your Rights

Under this legislation, you have the following rights:

  • to gain access to computerised records about you and to some manual records
  • to correct, block, remove or destroy inaccurate records
  • to ask a data controller not to process information if that processing could cause you “substantial unwarranted damage or distress” (although they are not always bound to comply with such requests)
  • to request that your details not be used for unsolicited direct marketing
  • to object to automatic decisions made without human involvement and based on your data
  • to ask the Information Commissioner’s Office to investigate a perceived breach, and the right to claim compensation for damage, and possibly distress, if one is found to have taken place

Applications of the Act in your Workplace

There are two main reasons why you should make sure you understand the basics of this law. First, it applies directly to you. Your employer holds information about you, and it is in your own interests to ensure that they are complying with this legislation. This will ensure that the data they hold on you is not excessive, but is correct and is kept confidential. A second consideration is that if you are handling other people’s records you have a responsibility to treat their privacy with respect, and to comply with this law. By doing this, you keep your company’s customers happy and protect yourself and your employer from the threat of legal action.

*The EU General Data Protection Regulation (GDPR) superseded the UK Data Protection Act 1998 on May 25, 2018. The new policy expands the rights of individuals to control how their personal data is collected and processed. It places a range of new obligations on organisations to be more accountable for data protection.

Organisations are obliged to have technical and procedural measures in place to safeguard the personal information they hold.

You might also like...
Share Your Story, Join the Discussion or Seek Advice..
[Add a Comment]
I have an altercation with someone at work and it has gone to a disciplinary hearing and I’ve received a case file and it has letters that the person I had an altercation with had received with their address on that means they now have my address they would’ve received the same file is this against the data protection act considering there was an aggressive altercation ?
L - 20-Mar-24 @ 5:41 PM
My manager gave my personal phone number to somebody outside of the company. Is this allowed?
Chris - 20-Feb-24 @ 5:43 PM
My work place changed locks after I left the building yesterday (I open the building and was the only one on that shift that week). I received phone calls and text messages from my work out with working hours telling me to come collect the new key. I was busy so couldn’t. When asked where they got my mobile number (personal) they informed me that they got this off the Track and Trace information provided by myself. I came in this morning (there is another way of getting into the building that avoids the door with the new lock). A couple of hours later the building manager comes in and asks me if I got the key. I asked her what she was talking about and she informed me that a member of staff got my address and was coming to my door to give me the key. I have since found out they phoned my line manager who willingly gave them my address (which luckily turned out to be incorrect) without my permission but informed them that she would contact me. I had no attempt of contact from my manager yesterday to tell me this. Where do I stand with this? I am an extremely private person who has had to create boundaries with my work previous but now both my number and address have been used by people I do not know. Help!
SRM95 - 10-Sep-21 @ 11:00 AM
I resigned from my post and on my last day, my manager was off so he gave access to my data to his subordinates who also had a manager title. Can managers give access of another employee to another subordinate just because they also have the manager title ? Does this constitute a breach of data.
Mikki - 29-May-21 @ 6:08 AM
My work has given my address out to another work colleague to hand deliver letters on a couple of occasions and a colleague knocked on my door and then delivered the same letter.
Dav - 5-May-21 @ 10:28 AM
A colleague invited me to read (but I declined) another colleagues personal file which had been left in a box in archives. A room freely accessed for numerous reasons e.g resources etc. This person left the company at Christmas and I am still in touch with him. Surely his private data is not for public viewing ? I was disgusted as the person reading it disclosed sensitive information. Now I am stuck what to do.The manager gave her permission to read it but surely this is not allowed.
Churchill - 28-Mar-21 @ 7:38 AM
Is my employer able to force me to wear a name badge displaying my full name? I feel it’s too much personal identifying information
Angelina Gibson - 23-Feb-21 @ 11:03 PM
A friend in a call centre is concerned as the new manager has started emailing weekly stats which show all her teammates toilet break times, call times etc as she feels this is none of her business. Is this a breach of GDPR? (Thinking if people are unwell and suddenly use the toilet more / menstruating / pregnant etc)
Mel - 12-Feb-21 @ 6:29 PM
Hi there, Can my employer share my address with a line manager as I have had a line manger come to my house to call me into work as I’mflexi furlough and my mobile was switched off does this breach GDPR
Steve - 9-Feb-21 @ 12:25 PM
My HR manger gave another employee my personal mobile number is this alowed, against GDPR?
NC43 - 27-Jan-21 @ 8:54 AM
At college in the nursery I work in has recently given a parent of a child I care for my personal home address, is this right?
GB - 25-Jan-21 @ 11:24 AM
Does my manager have the right to share my personal mobile number with a director without my permission?
MB - 21-Jan-21 @ 6:56 AM
A team member shared I was having the vaccine with her family and friends - is this a GDPR breach?
MH - 11-Jan-21 @ 1:27 PM
On two occasions recently my employer has given a fellow employee, my address to hand deliver letters to me is this legal? As I’m concerned they are giving out my address without my permission.
Eddie - 11-Dec-20 @ 6:17 PM
Hi there, I was off due to an illness and my employer was telling everyone down where we take our vans to get repaired about how and why I was off sic....is this a breach in data protection or not
Rich007 - 3-Dec-20 @ 1:41 PM
Is it legal for your manager to carry your details ie wage slips on their phone or is it a breach also I'm not being given wage slips he is keeping them unable to check pay etc is right
H - 2-Oct-20 @ 7:11 AM
Previously my wage slips were available through Xero and is password protected.I have left this job and he has sent my payslips along with my P45 via email and copied a member of his family and a co worker who is not a Director.As you can imagine my DOB, address N.I. Is that appropriate under GDPR
Jayne - 4-Sep-20 @ 7:12 AM
Can a agency consultant share information given by the temp worker {email} to the employer either verbally or by email...
Pauline - 14-Jul-20 @ 10:07 AM
Hello On my eife work place Som one ar send privet personal information to somone Wat shuld we do now..
Misiek - 25-Jun-20 @ 7:11 PM
My ex employer told my ood colleagues that they had not passed my probation and had let me go, is this allowed? I feel humiliated and angry that they have discussed what should have been a personal and private discussion with my old colleagues. Is this allowed? My boss also sent my personal mobile number to my colleagues without my consent prior to letting me go, is this allowed?
KA - 22-May-20 @ 10:24 AM
Does my line manager have the right to share my mobile number with other staff without my permission?
Mhystie26 - 25-Mar-20 @ 5:01 PM
I have recently had to take time off work because of personal reasons, and think my boss has explained to customers why I was off and for how long for. I feel like he or any of my colleagues should be talking about my personal circumstances with the general public.
HB - 23-Jan-20 @ 4:33 PM
I work in retail premises a work colleague spotted a diary on a shelf on shop floor he handed it to me thinking it was mine as he read a medical certificate that was in it (a fit for work note I presented to my manager about a month ago) I was absolutely horrified as it had my personal details as well as medical complaint on it .I approached my boss said I wasnt happy with his negligence said it breached my data protectionbut he just took it and placed it in a file in safe Should he still have this on premises after a month and is this a breach of my rights ?
Aridon - 7-Jan-20 @ 7:22 PM
My employer has repeatedly given out my personal phone number to customers etc, despite me having said several times i do not want my personal mobile number given out. Is this a breach of the data protection act? And, what if any action can i take against my employer
C - 7-Dec-19 @ 10:18 AM
At my work place our absence/holiday request forms are stored in a clear polypocket stuck on the wall by the manager's desk. Our overtime record sheets are stored in the same way. Is this acceptable HR?
MA - 17-Oct-19 @ 9:57 PM
At my workplace we have a folder with names and phone numbers in which is only meant to be used to contact people while we are at work for work purposes and it says do not copy or photo copy it is part of data protection, but a staff member took a photo of this and shared it on a group chat with other work colleges and she only got a warning for this, surly she should have got the sack and could I take this further as I didn’t want my phone number shared in this way.
Elaine1 - 3-Sep-19 @ 11:18 AM
I pressed 'i do not consent' to my exit interview being shared, but HR have shared it with management in my office who are now giving me the cold shoulder - is this legal?
EO - 16-Jul-19 @ 5:14 PM
I asked last week if my boss could help me with a personal loan or a loan from the company of £7000, this was for me and my partner to help us get on the property ladder.This discussion was in private and confidential. Today he was angry with other employees and blurted out in front of other employees that if I or other employees keep wasting money running vehicles around empty there was no way he could give me the £7000 I asked to borrow.Even tho in private last week he said there was nothing he could do to help. It was private information that my co-works now know about which shouldn’t have happened.Where do I stand?
Poohbear - 25-Jun-19 @ 9:24 AM
My ex employer has posted my P45 to another ex employee she didn’t work at the same home as me but had contacted me to say she has half my p45 containing all my personal details
N/A - 3-Jun-19 @ 11:36 AM
Is it right for a senior or leader to give you're number to a member of staff without your permission
alidowell - 24-May-19 @ 8:45 PM
Share Your Story, Join the Discussion or Seek Advice...
(never shown)
(never shown)
(never shown)
(never shown)
Enter word:
Latest Comments