The Data Protection Act (1998) protects your individual privacy and ensures that Personal Data about you, which is processed or used by Eastbourne Borough Council, is both collected and processed responsibly for a specific legal purpose.
The Act states that Personal Data must be:
Fairly and lawfully collected and processed,
Relevant, adequate and not excessive to requirements,
Accurate, up to date and kept no longer than is necessary,
Never used or disclosed for any purpose other than what is stated in the Council’s Data Protection Register,
Available to Data Subjects upon request, consistent with their Data Subject Rights,
Secure against unauthorised loss, alteration or disclosure, and
Never transferred to countries that do not adequately protect Personal Data.
The term Personal Data refers to information that can be used to identify you both directly and indirectly. Personal Data can be stored either electronically or in a paper based format and can include details such as:
The Act has also been written to regulate the processing of your Personal Data by the Council. The term processing is difficult to define but can include actions such as storing, viewing, adapting, retrieving, collecting, disclosing, or deleting information.
Eastbourne Borough Council is a Data Controller registered with the Information Commissioner. This means that the Council may legally collect and process information about you so that we can:
Eastbourne Borough Council takes its responsibilities under the Act very seriously and endeavours to be open and transparent about the purposes for which it intends to use Personal Data by following sound and proper practices in order to comply with the eight Data Protection Principles set out in the Act.