Data protection glossary
Data is information which is stored electronically, on a computer, or in certain paper-based filing systems.
Data controllers are the organisations who process data. They have a responsibility to protect data and use it lawfully.
Data subjects living individuals about whom we hold personal data. A data subject need not be a UK national or resident. All data subjects have legal rights in relation to their personal data.
DPA the Data Protection Act 1998
Data Protection Policy a written document which provides the employees of a business with details of how their data will be processed and collected, including how the employer will deal with Subject Access Requests.
Data protection principles Part 1 of Schedule 1 to the DPA proving the guiding principles for the protection of personal data.
EEA The countries within the European Economic Area which conform to European Community Regulations on social security and have individual social security agreements with the United Kingdom.
Personal data means data relating to a living individual who can be identified from that data. Personal data can be factual i.e. a date of birth or it can be an opinion i.e. a performance appraisal.
Processing is any activity that involves use of the data. It includes obtaining, recording holding organising, amending, retrieving, using, disclosing, erasing, transferring or destroying the data
Sensitive personal data includes information about a person’s racial or ethnic origin, political opinions, religious or similar beliefs, trade union membership, physical or mental health or condition or sexual life, or about the commission of, or proceedings for, any offence committed or alleged to have been committed by that person. Sensitive personal data can only be processed under strict conditions, and will usually require the express consent of the person concerned.