"The Data Protection Act doesn't apply to us"
Actually, it does!
If you hold information on your employees, customer or supplier lists or perhaps information on potential target clients, you are required to comply with the DPA. Any information relating to individuals, whether it is as simple as a name, or as sophisticated as a detailed database, is protected under the DPA. Even photographs and CCTV footage are protected. What is more, failure to comply can be a criminal offence punishable by imprisonment and/or a fine.
Did you know that if you engage a third party to process information for you (such as payroll provider, administrator of a health or pension scheme, CCTV operator or tele-marketing provider) you are legally obliged to ensure that the provider is also complying with the DPA?
Our team can assist you in understanding your obligations and how to comply with those requirements in practice. We offer:
- detailed audits of your information processes and compliance advice
- privacy policies, information handling policies, data processor agreements
- advice on what to do if you receive a "subject access request" or a complaint from an individual