Data Protection Act 1998


Data Protection Act 1998

What is data protection?

Data protection laws protect your privacy and ensure that your personal data is processed fairly and lawfully.

Personal data is information that can identify you. This can include:

  • your name
  • address
  • other information the Council may hold about you such as library records or social care information.

Personal data can be stored electronically or in a paper-based filing system. 'Processing' personal data involves it being held, obtained, organised, adapted, retrieved, consulted, disclosed or deleted.

How can I access information about me?

If you would like to see information you think we hold about you, you can print out a Subject Access Request Form and send it to us with two pieces of identification and a cheque for £10 made payable to Rother District Council.

Depending on the sensitivity of the data being released, we may ask for further documentation such as a passport or photo ID driving licence.

Once we have received your request with the appropriate identification and fee, we have a duty to respond to you within 40 days.

If you have any questions about identification requirements or any other aspect of a subject access request, you can email us at

If information is held about me, what are my rights?

You have the right to:

  • find out what information is held about you
  • ask for inaccurate data to be corrected, erased or destroyed. If you believe that inaccurate data has caused you damage or distress, you may be able to claim compensation.
  • request that your personal data is not used to send you junk mail
  • request that decisions about you are not made solely by an automated process, e.g. credit scoring on a computer
  • request that your data stops being processed, if you believe that the processing will cause you damage or distress.

What is the Data Protection Act 1998?

The Data Protection Act 1998 updated and extended the Data Protection Act 1984. It has been further updated by the Freedom of Information Act 2000. It states that personal data must be:

  • fairly and lawfully collected and processed
  • relevant, adequate and not excessive to requirements
  • accurate, up to date and kept no longer than necessary
  • not used or disclosed for any other purpose other than stated in the Register
  • available to data subjects upon request, consistent with their rights
  • secure against unauthorised loss, alteration or disclosure
  • not transferred to countries that don't protect personal data adequately.

Rother District Council is a data controller registered with the Information Commissioner. This means we may collect and process information about you so that we can:

  • provide you with services you require
  • maintain records of services that we provide.

Data controllers must comply with the Data Protection Act 1998 and the Data Protection Principles. We keep your personal data safe and secure. We do not share it with other organisations without your knowledge, unless we are required by law to do so, e.g. the Electoral Register which the law says must be available to the public.

The Data Protection Act 1998 is concerned with information we hold about you as a person.  You may be entitled to obtain other information held by us (but not private information about another person) under the Freedom of Information Act 2000 (see right).  Effectively, the two pieces of legislation are mutually exclusive.

How to find out more about the Data Protection Act 1998

If you would like to find out more, you will find helpful resources on the website of the Information Commissioner.

Who can I contact?

Customer Services by phone on 01424 787000*

*Applications under the Data Protection Act 1998 cannot be made by telephone, but you can ask us to send you our application form.

Service Manager - Corporate and Human Resources, Town Hall, Bexhill-on-Sea, East Sussex, TN39 3JX.


Powered by GOSS iCM