My Rights

What is the Data Protection Act 1998?

It is a law which came into force at the end of October 1998. It was introduced to protect personal data, that is data about living individuals (you and me) no matter how it is processed, what it is processed for or who processes it.

 

How does it protect personal data about me?

By setting rules and conditions which all users of personal information such as the CCTV System you are querying (known as Data Controllers) must obey when obtaining storing and using information about you. The Act also provides you with certain rights that the Controllers must respect.

 

What are my rights?

  • To ask the organisation if it holds personal information about you.
  • To ask what it uses the information for.
  • To be given a copy of the information (subject to certain restrictions).
  • To be given details about the purposes for which the organisation uses the information and of other organisations or persons to whom it is disclosed.
  • To ask for incorrect data to be corrected.
  • To ask the organisation not to use personal information about you for direct marketing; which is likely to cause damage or distress or to make decisions about you based on the automatic processing of the data.
  • To compensation for damage or distress should these be caused by our failure to comply with certain requirements of the Act.

 

Why does the Organisation keep personal information?

So that we can provide you with the services you require, by monitoring for theft by both customers and staff and protecting customers and staff from health safety mishaps by collecting and monitoring key areas and maintain a record of the services provided.

 

What services do we provide?

  • Management services
  • Compliance databases
  • Consultancy
  • Licensing
  • Training
  • Installation
  • Environmental Health
  • Planning
  • Service cover
  • Legal support

 

Does CCTV Controller need my consent to use information about me for any of these purposes?

We require your consent only if we are going to process data about you for purposes other than those we are required to provide by law, or where we intend using data required for one legal purpose for another. All requests for information explain why we require the information requested and whether or not we need your consent.

 

Do I have to pay to see your information?

There is a charge of £10 for each request under the Act. Please enclose a cheque or Postal Order made payable to CCTV Controller.

 

What information will I receive?

Within forty days you will be given all of the information available and requested about you on both its computer and CCTV records, a description of the purposes for which we process your data, a list of others to whom it is disclosed and information about sources.

 

How will I be given the information?

You will be given a copy to keep and check for accuracy. This will either be a printout from the computer or a DVD of the requested incident.

 

What do I do if the data is incorrect?

You must write to the Data Protection Officer telling them what data is incorrect and asking for the data to be corrected. The Controller must tell you what it has done within 21 days of receiving your request. If the Controller does not agree that the information is incorrect you can ask it to record your disagreement on your records. You can also appeal to the Data Protection Commissioner or the court if the Controller does not correct the information.

 

How will I know if the Controller has done as I asked?

The Act requires us to respond no later than 21 days after we have received your request. If we do not do so or refuse to do as you ask you can appeal to the court.

 

How will I know if decisions about me have been made by automatic means?

The Controller will write to you and tell you. If requested the Controller will explain the rational behind the decision making process.

 

What can I claim compensation for?

If the Controller has broken any of the rules or conditions established by the Act and you have suffered damage or distress you may be able to claim compensation. You may also be able to claim compensation if the damage or distress was caused by the Controllers use of inaccurate data.

 

How do I make a claim for compensation?

Claims are made through the court which will only support a claim if you can show that the Controller had not taken reasonable care to ensure it complied with the Act. The Court has to be satisfied that you have suffered damage as a result of our use of inaccurate data.

 

Does the Controller provide help in understanding the information?

Yes, if you need help with the information provided, the application form or this leaflet, if you let the Data Protection Officer know and they will provide someone to assist you.

 

What do I do if I think I have not been given all of the information I asked for?

In the first instance contact the Oragnisations's Data Protection Officer who will research your complaint and attempt to provide the information you request. If you are still not satisfied contact the Information Commissioner's office will look into the matter on your behalf.

 

Contacting Information Comissioners

The Information Commissioners can be contacted at:

Information Line

01625 545745

 

Website

www.ico.gov.uk/

 

Email

mail@ico.gsi.gov.uk (don't forget to give your address if you expect a postal reply)

Switchboard

01625 545700

 

Fax

01625 524510

 

Postal address

Data Protection Commissioner

Wycliffe House

Water Lane

Wilmslow

Cheshire SK9 5AF