|
|
The
data protection principles
The
Acts ensure that people comply with eight principles.
- the
information to be contained in personal data shall be
obtained, and personal data shall be processed, fairly and
lawfully;
- personal
data shall be held only for one or more specified and
lawful purposes;
- personal
data held for any purpose or purposes shall not be used or
disclosed in any manner incompatible with that purpose or
those purposes;
- personal
data held for any purpose or purposes shall be adequate,
relevant, and not excessive in relation to that purpose or
those purposes;
- personal
data shall be accurate and, where necessary, kept up to
date;
- personal
data held for any purpose or purposes shall not be kept
for longer than is necessary for that purpose or those
purposes;
- an
individual shall be entitled, at reasonable intervals and
without undue delay or expense, to be informed by any data
user whether he holds personal data of which that
individual is the subject; and to access to any such data
held by a data user; and, where appropriate, to have such
data corrected or erased;
- appropriate
security measures shall be taken against unauthorised
access to, or alteration, disclosure, or destruction of,
personal data and against accidental loss or destruction
of personal data.
|
|
