The Data Protection Act 2018 and the General Data Protection Regulation came into force on 25th May 2018. These replaced the Data Protection Act 1998. This new data protection legislation gives legal rights to individuals (data subjects) in respect of personal data held about them.
Purpose of the Act
The Data Protection legislation is designed to cover the collecting, storing, processing and distribution of personal data. It gives rights to individuals about whom information is recorded.
This applies to all individuals whether they are an employee, elected member or a member of the public. Each individual has the right to access personal data, and other rights.
They also have rights in relation to automated decision taking, to take action for compensation if they suffer damage by any contravention of the Act by the data controller, to rectify, block, erase or destroy inaccurate data and to report the data controller to the Information Commissioner to be made of if they feel that the legilation has been contravened.
The Act places obligations on those who record and use personal data (data controllers). They must be open about the use of such personal data through privacy notices and they must follow sound and proper practices by applying the Data Protection Principles.
To contact the Council in relation to a data protection issue, please write to:
Data Protection Officer
Burnley Borough Council
To make a subject access request, please complete the Subject Access Request Form and please supply suitable evidence of your identity.