How Does the Data Protection Act Apply?


Share on facebook
Share on Twitter
Share on Google+

Data Protection Act dictates how an individual’s ‘personal data’ should be held and ‘processed’ by a business or an organisation. An individual’s data is regarded as personal if:

  • a living individual can be identified from the data, or from other information in your possession, or that likely to come into your possession.
  • the data relates to an identifiable living individual, in person, family life, business or profession.
  • the data is obviously about a particular individual.
  • the data is linked to an individual so that it provides particular information about that individual.
  • the data is used, or is to be used, to inform or influence an action or decision affecting an identifiable individual.
  • the data has any biographical significance in relation to the individual.
  • the data concentrates or focuses on the individual as its central theme rather than on some other person, or some object, transaction or event.
  • the data impacts, or has the potential to impact, an individual whether in a personal, familial, business or professional capacity.

Information about an individual that has any of the above characteristics, including the individual’s race or ethnic group, political or ideological leaning, religious belief, health, address, bank details, membership of trade unions, sexuality, and/or criminal offences, charges or allegations.

The Act also defines the ‘processing of personal data’ as obtaining, recording or holding of said information. So, the Data Protection Act applies since you will be obtaining and recording, that is, processing,  such documents as a passport, work visa, and biometric residence permit, which undoubtedly possesses sensitive information about the person. So, care should be taken not to breach any of the provisions of the Act.

The Act means that anybody whose personal data/information is to be obtained has the right to know that such information about them is being obtained and processed, why it is being processed, and who else it may be to revealed to. So, a potential lodger has to be informed of why their immigration documents and others are being demanded, that a record of it will be kept, and the purpose of doing so.

You must also adhere to the following. (i) Don’t hold the data longer than required. The ‘right to rent act’ allows  landlords to hold the tenants‘ data during the time of tenancy and 12 months after, no longer. (ii) Make sure that the data is processed fairly and lawfully. (iii) Don’t ask for, or hold, more data than relevant. So, information such as ethnicity, sexuality, political standing, and religious belief should not be demanded. (iv) Ensure the security of the data obtained. (v) Make sure not to process it against the right of the individual. These are part of the requirements of the act and must be adhered to.


Share on facebook
Share on Twitter
Share on Google+

Subscribe To Our Newsletter