The Data Protection Act was introduced:

• To give individuals right of access to their own personal data
• To regulate and control how individuals and organisations acquire and use personal data by placing certain obligations on data controllers (those who process data).

The purpose of the Act is to ensure that data is processed with the highest level of protection to safeguard the interests of individuals to prevent any cause of harm or suffering to a person.

Top

The Council holds a variety of information about local residents in South Tyneside. Personal data is information that identifies you as a living individual. The Act does not cover personal data about deceased individuals.

Top

It refers to any personal data held about you and can refer to any of the following:

• Videos/tapes
• CCTV footage
• Electronic databases
• Paper filing system
• Photographs (including scanned images)
• Emails

Top

Personal data has to be gathered to allow the Council to provide its services efficiently and effectively e.g. Council Tax, Housing Benefits, Rent, Education, Social Services etc). Some examples of personal data include:

• Personal data e.g. names/addresses/telephone numbers
• Tenancy agreements
• Complaints file
• Photographs
• An expression of an opinion
• A statement from a doctor

Top

Under the Data Protection Act anyone processing personal information must comply with the eight principles of handling information.

The Act stipulates that data processed must be:

• Obtained fairly and lawfully
• Obtained only for the specified purpose it was given and can not be used for any other incompatible purpose
• Should be adequate, relevant and not excessive
• Should be kept up to date and accurate
• Should not be kept for longer than necessary
• Should be processed in accordance with the individuals rights (i.e. data subject)
• Should be secure
• Should not be transferred to countries outside the European Union unless that country has adequate protection for the individual

Top

South Tyneside Council cannot process personal data fairly and lawfully unless one of the following criteria has been met:

• The individual has given his or her consent to the processing
• Processing is necessary for the performance of a contract with the individual
• Processing is required under a legal obligation
• Processing is necessary to protect the vital interests of the individual
• Processing is necessary to carry out public functions e.g. administration of justice
• Processing is necessary in order to pursue the legitimate interests of the data controller or third parties (unless it could unjustifiably prejudice the interests of the individual)

Top

The Act provides you with the following rights:

• The right to a subject access request to find out what personal data is held about you.
• The right to prevent processing of personal data
• The right to prevent process for direct marketing
• Your right in relation to automated decision-taking - for e.g. individuals have a right to object to automated decisions made them where there has been no human involvement
• The right to compensation for damage or distress caused by a breach of the Act.
• The right to rectify, block or erase inaccurate data held on file
• The right to ask the Information Commissioner to assess your case if personal data has not been processed in accordance with the Data Protection Act.

Top

All personal data supplied to the Council must be used for the purpose it was specified for. If we wish to process existing information for a new purpose we are legally abided to inform you of this change and sought your consent.

However, there are a number of exemptions that apply to the Act where we are exempt from obtaining your consent:

• The prevention or detection of crime
• The assessment or collection of taxes/social benefits
• The carrying out of a regulatory function

Under this requirement we are also exempt from Electoral Registration changes or where data consists of our intentions with regards to negotiations with individuals.

Top

Any person, regardless of their age can request information about themselves so long as it is supported with appropriate photo identification, e.g. passport, driving license and they have the capacity to understand the information provided.

Top

You only have right of access to your own personal data. You do not have right of access to personal data about any other individual e.g. your family, friends or neighbours except in the following circumstances:

• You are a parent requesting information about a child under 16 but there is no automatic right to the data. If a child is older to give informed consent and understands the contents of the information, the Council would be guided by their wishes. In all cases disclosure of information would only occur if it were in the best interests of the child.
• A solicitor is requesting information on behalf of a client
• You have obtained written authorisation to act on behalf of someone else.

Top

Yes. The Act has no minimum age requirement for applicants. Children can apply for access to their own records provided they are capable of understanding the nature of the request and the information content disclosed.

Top

Yes usually but there are exemptions under the Data Protection Act that prevent certain records being released. The main exemptions are as follows:

• Law enforcement - catching or prosecuting offenders
• National security
• Assessing or collection of taxes/duties
• Adoption records and reports
• Examinations marks and examinations comments
• Personal data about someone
• Information that would identify someone who has supplied data in confidence about you.

In circumstances where data held on you relates to another person, the Council will need to seek their permission before this information can be released.

Top

A friend, relative or solicitor may request information on your behalf but they must have obtained written authorisation from you to do this.

Top

There is a £10 charge for all data protection requests (up to £50 for Education Records) but this fee is waived for people who have been in care as a child. A £10 fee is also chargeable for any repeated requests within a 12 month period where duplicate documents have to be provided. Costs for postage and photocopying may also apply.

Top

All subject access requests must be responded to within 40 calendar days and must confirm the following data:

• A description of the personal data held
• Why the data is held
• Who else may have been given the data
• A copy of the data
• An explanation of any technical terms or abbreviations
• Any information about the original source of information

If your request is unclear or ambiguous the 40 statutory calendar day period will be suspended and will not commence until we have received clear instructions from you.

Top

Generally you will be given a copy of the records we hold on you. This may be in a form of a computer printout or a photocopy of manual records.

Top

The Council is legally obliged under the Data Protection Act to keep personal data accurate and up to date. If you believe personal data we hold about you is inaccurate you will need to make a request in writing so we can review your case. The Council has 21 days to respond to your notification and agree and update the information. Should the Council disagree with your request you may ask to have the decision recorded on your personal file. If however, you are dissatisfied with this decision you can appeal to the Data Protection Officer. Any further action would have to be taken up by the Information Commissioner where an independent panel of experts will review your case.

Top

If you feel the Council has not abided by the legal requirements of the Act and has caused you unforeseen damage or distress you may in some circumstances be able to make a claim for compensation. Claims of compensation may also be submitted for inaccurate data.

Top

You will need to appoint a solicitor to act on your behalf to make a claim through the courts. Please note all claims made through the Court must be supported by documented evidence that supports the Council has not taken all reasonable steps to ensure compliance with the Act and that as a result damage or distress has been incurred.

Top

The Council will offer guidance and advice about the information you have requested. Just simply contact the person who dealt with your request.

Top

You may request that the information be supplied in a particular format, though this may, in certain circumstances, incur an additional cost. It may also be possible to supply the information in braille, audio format, large type, or another language but you must clearly state this in your request.

Top

Simply write to the Council to request your information be removed from any direct marketing lists. The Council will respond to you within 21 days to confirm if this request can be met.

Top

All subject access requests must be made in writing to the Data Protection Officer at the address below and should clearly state your name, address, date of birth and the reason for your request.

Records Management Team
South Tyneside Council
Town Hall, Westoe Road
South Shields
Tyne and Wear
NE34 6LU

Tel. No: 0191 424 6537/6538
Email: dataprotection@southtyneside.gov.uk

If you require particular information about a service or event then please clearly state this, as this will help us to speed up your request.

A subject access request form is available should you wish to make a your request via the Council's website at www.southtyneside.info

Top

If your subject access request is refused you can appeal against this decision by writing to the Information Commissioner at the address below:

Information Commissioners Office
Wycliffe Lane
Wilmslow
Cheshire
SK9 5AF

Tel. No: 01625 545745
Fax No: 01625 534510
Email: mail@ico.gsi.gov.uk
Website: informationcommissioner.gov.uk

Please note if you contact the Information Commissioner first it is likely your complaint will be redirected back to the Council to give us the opportunity to respond to the request.

Top