Data Protection

The Data Protection Act 1998:
• Regulates the way data controllers process personal data
• Provides stronger protection for sensitive information
• Requires certain organisations to notify the Information Commissioner about their processing of personal data
• Gives individuals to whom the data relates various rights (including: right of access, ability to prevent direct marketing
• Establishes an enforcement regime

Certain expressions are given special meanings by the Act.

Data Controllers
A data controller is the person who determines the purposes for which, and the manner in which, any personal data is/are, or is/are likely to be processed.

Personal data

Personal data means data which relates to a living individual who can be identified from that data.

Processing

The Act applies when personal data is processed by a computer or is recorded in a structured manual filing system. The term "processing" covers virtually any use which can be made of personal data e.g. collecting, storing, using and destroying it.

Sensitive personal data

Sensitive personal data consists of information relating to the racial or ethnic origin of a data subject, his political opinions, religious beliefs, trade union membership, sexual life, physical or mental health condition or criminal offences or record. Where clubs and centres collect sensitive personal data (as will often be the case) , e.g. special dietary needs, health declarations on booking forms etc. additional criteria need to be fulfilled in order to ensure compliance. The most straightforward means to ensure compliance with these additional criteria is to include a consent statement within the data protection notice on the relevant collection form (see example data protection and consent notice below).

The Eight Data Protection Principles

In order to comply with the Act, a data controller must comply with the eight data protection principles which makes sure that the personal information is:
• Fairly and lawfully processed
• Obtained only for specified and lawful purposes
• Adequate, relevant and not excessive
• Accurate and kept up to date
• Not kept longer than necessary
• Processed in line with the rights of data subjects under the Act
• Secure
• Not transferred to other countries without adequate protection

Information Commissioner

The Information Commissioner´s Office ("ICO") is an independent authority set up to promote access to official information and to protect individual´s personal information. The Commissioner has enforcement responsibilities for the Data Protection Act 1998 and related regulations such as the Privacy and Electronic Communications Regulations and the Freedom of Information Act. The ICO website is very helpful and includes detailed guidance notes on many aspects of the Act.

for organisations, a guide to the general data protection regulation gdpr

As a club we are obliged to protect your data, you may have had emails from big businesses asking you to agree to continue to receive their promnotional emails etc. In the same way we hold limited data opn your selves as members.

Fisherrow Woodworking Group holds your personal information for the purposes of admistration and running the club. This information can only be accessed by the current office bearers of the club. Members emails, mobile phone numbers etc will not be given out by the club without your consent. You are of course welcome to exchange your contact details with any member(s) you wish. Fisherrow Woodworking Group emails will now be sent using the BCC function.

If your contact details change please let us know so we can keep our records accurate. If you have any questions regarding the data held by us please get in touch.

Data Protection Act 1998 - Declaration
By completing this form, I give permission for my data to be held in the club database and agree that the club may process personal data relating to me for personnel, administration and/or management purposes, make such date available to its advisers and as required by law.