Data Protection & Copyright – Data Protection of Customer Information

Last Updated
July 20, 2010

The Data Protection Act requires all businesses which handle personal information, including customer information, to comply with a number of important principles regarding privacy and disclosure.

Protecting customer information

The Act states that anyone who processes personal information, including customer information, must make sure that personal information is:

  • Fairly and lawfully processed
  • Processed for limited purposes
  • Adequate, relevant and not excessive
  • Accurate and up to date
  • Not kept for longer than is necessary
  • Processed in line with your rights
  • Secure
  • Not transferred to other countries without adequate protection

Registering under the data protection act

  • If you take personal details from customers, it is a legal requirement that you register under the Data Protection Act.

Privacy policy

  • A privacy policy informs customers of your registration under the Data Protection Act.
  • It states your procedures for taking, processing and storing customer details.
  • It is not leg al requirement to h ave a privacy policy.

Customer rights

  • A customer has the legal right to know what information your business holds about them.
  • A customer can contact you in writing to request: what information you have; what it is being used for; how it was obtained; and if it is being passed onto third parties.
  • If you do not respond to the customer request, or if the customer feels your response is unsatisfactory, they may contact the Information Commissioner’ s Office to complain.
  • If the customer believes you have breached the Data Protection Act, they may contact the Information Commissioner’ s Office to complain.

More information

Related Articles
Popular Articles in Data Protection