Data protection policy

Definitions

The following definitions shall apply:

Data Protection Legislation means:

  • The UK General Data Protection Regulation ("UK GDPR")
  • The Data Protection Act 2018
  • The Privacy and Electronic Communications Regulations 2003 (as amended), and
  • Any other applicable law concerning the processing of personal data and privacy

Data means information which:

  • is processed wholly or partly by automated means
  • is processed other than by automated means and forms part of a filing system.  For example a structured set of data which are accessible by specific criteria
  • is processed other than by automated means and is intended to form part of a filing system

Personal data means any information, which either directly or indirectly, relates to an identified or identifiable living individual. Identifiers include:

  • name
  • address
  • date of birth
  • postcodes
  • unique identification numbers
  • location data
  • online identifiers (such as an IP address)
  • pseudonymised data
  • information relating to a person's social or economic status

Special Category Data means personal data consisting of information as to:

  • the racial or ethnic origin of the data subject
  • political opinions
  • religious beliefs or other beliefs of a similar nature
  • whether a person is a member of a trade union (within the meaning of the Trade Union and Labour Relations (Consolidation) Act 1992)
  • physical or mental health or condition
  • biometric and, or genetic data
  • sex life or sexual orientation

Criminal Convictions Data means personal data relating to:

  • the alleged commission of offences by the data subject, or
  • proceedings for an offence committed or alleged to have been committed by the data subject or 
  • the disposal of such proceedings, including sentencing.

Processing in relation to information or data, means any operation(s) performed on personal data or sets or personal data (whether automated or not) such as:

  • collection
  • use
  • Storage
  • disclosure 
  • dissemination
  • destruction

Data subject means an individual who is the subject of personal data.

Controller means a person or organisation who (either alone or jointly with others) determines the purpose and means of processing.

Processor, in relation to personal data, means any person or organisation (other than an employee of the controller) that processes data on behalf of the controller.

Law Enforcement Processing means processing for the purpose of:

  • the prevention, investigation, detection or prosecution of criminal offences, or
  • the execution of criminal penalties, including the safeguarding against and the prevention of threats to public security.