The Impact on Marketing-Related Activities of the Data Protection Act and Related Legislation

Size: px
Start display at page:

Download "The Impact on Marketing-Related Activities of the Data Protection Act and Related Legislation"

Transcription

1 The Impact on Marketing-Related Activities of the Data Protection Audience 1. This guidance is intended for all University staff who maintain or use database of contacts for marketing purposes, including publicising events and programmes, fundraising, alumni activities and offering goods for sale Scope 2. The guidance explains the impact of the Data Protection Act 1998 and the Privacy and Electronic Communications (EC Directive) Regulations 2003 on marketing activities, and identifies the steps necessary for compliance with this legislation. Requirements for all forms of communication 3. At the time that contact information is collected, affected individuals must be made aware that we have the information and of the uses to which we intend to put it. People must be given a clear understanding of the means of contact that we intend to use. For example, if people have just provided a name and address, the expectation is that we will contact them by post. It would be unacceptable to telephone them without having told them of this possibility. 4. If contact information is collected on a form to be returned to the University, we must enable people to opt out of contact on the form itself, and not simply provide them with an additional address they can contact. 5. If the information is collected on a form that is also used for other purposes, but some of the information is only needed for marketing, then this should be made clear on the form. 6. At any time, an individual may say that they do not wish to be contacted for marketing purposes. Within 21 working days of receiving such a notification, we must add their name to a stop list and ensure that we do not contact them again unless they specifically ask us to do so. 7. If we acquire contact details from a third party, we must check the following: What information about the use of the data was provided at the time the data was collected? Did the individuals indicate any preferences about their means of contact? How have unsubscribe requests been handled? How has the list been kept up-to-date? 1

2 8. We must keep the information securely and ensure that access to it is limited to those who need to see it in the performance of their duties. 9. Seek further advice from the Records Management Section if the information is going to be passed outside the European Economic Area. Guidance is available at The University must clearly identify itself in any communication. 11. We are responsible for ensuring that subcontractors also comply with all relevant requirements. Additional requirements for 12. We can contact people on an opt out basis if we are offering them paid goods or services which are similar to ones they have already purchased from us, and they were offered the opportunity to opt out at the time of the purchase. 13. We must have people s consent (ie specific opt in) to contact them by for all other marketing purposes, including free events, fundraising or paid goods or services in which they have not previously shown an interest. 14. If an mailing list was compiled in accordance with privacy legislation in force before 11 December2002 and has been used recently we can continue to use. Each time a communication is sent, the individual must be given an opportunity to opt out addresses must not be harvested from websites and other sources in the public domain. 16. The University's identity must be clearly stated in the "from" header of any we send. It is good practice that the subject line should accurately reflect the subject to purpose and content of the message. Avoid use of "Re" or "Fw" in the title. 17. In every communication, we must provide easily used contact details (including an address) so that people can opt out of receiving further communications if they wish to do so. Additional requirements for postal communications 18. Contact may be on an opt out basis. You should ensure that people are told about the proposed use and given an opt out at the time the contact details are collected. If this was not done, it would still be acceptable to contact people by post, provided that every communication gives them a clear and easy way to opt out of future communications. 2

3 Additional requirements for fax, automated calling or SMS messaging 19. We can only contact people by these means if they have specifically agreed that we may do so (i.e. specific opt in). 20. On all communications we must provide a contact address or a phone number that can be used free of charge to opt out of further contact. Additional requirements for telephone calls 21. All call lists must be screened against a recent Telephone Preference Service listing. We must not contact a person listed with the Telephone Preference Service unless they have specifically said we may do so (ie specific opt in). We may contact other people on an opt out basis. 22. It is good practice to state purpose of the call at the beginning of the conversation. 23. If we record telephone calls, we must tell the contact that the call is being recorded and the uses to which the recording will be put. 24. On request, we must provide a contact address or a telephone number that can be used free of charge to opt out of receiving further calls. Background 25. The Data Protection Act 1998 and the Privacy and Electronic Communications (EC Directive) Regulations 2003 both affect how information about living, identifiable individuals for marketing activities. 26. The Data Protection Act is concerned with personal data. For practical day-to-day purposes, personal data is any information held by the University about living, identifiable individuals. It gives people the right to see that information, and sets out 8 principles with which the University must comply whenever it collects, uses or stores personal data. They are: 1. Personal data shall be processed fairly and lawfully. This means that, at the time the data is collected, people must be told what we intend to do with that data. 2. Personal data shall not be processed in any manner incompatible with the purposes for which it was originally collected. This means that unless we have told people that we are going to use their contact details for marketing purposes, then we cannot do so. 3. Personal data shall be adequate, relevant and not excessive for the purposes for which it is processed. In other words, we must be careful to collect only the information we need. 4. Personal data shall be accurate and, where necessary, kept up to date. 3

4 5. Personal data shall not be kept for longer than is necessary. 6. Personal data shall be processed in accordance with the rights of data subjects, including a right to see what information the University holds about them, a right to require the University to stop using information about them, and a right to require the University to amend inaccurate or out-of-date data. 7. Appropriate technical and organisational measures shall be taken against unauthorised or unlawful processing of personal data and against accidental loss or destruction of, or damage to, personal data. 8. Personal data shall not be transferred outside the European Economic Area unless that country or territory without an adequate level of protection for the rights and freedoms of data subjects in relation to the processing of personal data. This means that in most cases where personal data is transferred overseas, we must have a contract in place that includes appropriate safeguards. 27. The Privacy and Electronic Communications (EC Directive) Regulations apply to all organisations that use telephones, s, faxes, SMS messages etc for direct marketing. The definition of direct marketing covers not just the offer for sale of goods or services, but also the promotion of an organisation s aims and ideals. For the purposes of this legislation, fundraising, publicising events and programmes and offering goods for sale all qualify as marketing. 28. The Regulations imply two potential sorts of direct marketing relationships: a cold one whereby the organisation has had no previous contact with the individual or a warm one, where an individual has in the past actively expressed an interest in purchasing an organisation s products and services and has not opted out of further marketing of those, or similar, products or services. The Information Commissioner has said that it is not possible for fundraisers to have a warm relationship with an individual within the terms of this legislation; the relationship has to have been a commercial one involving the sale of something. Publicising free events is also unlikely to qualify as a warm relationship. 29. Under the Regulations it is possible to make solicited or unsolicited contact for direct marketing purposes. In the former case, the individual has specifically asked an organisation to contact them about its products and services, perhaps by filling in a form asking to be sent information. Unsolicited communications are those where the individual has not asked to be contacted at this particular time, but they have positively indicated that they do not mind being contacted. The Information Commissioner s guidance implies that situations where individuals have ticked a box to indicate that they want to receive marketing materials, and situations where they have been offered an opportunity to tick a box to indicate that they do not want to receive marketing materials will both fall into the unsolicited category. Almost all the University s marketing communications will fall into the unsolicited category. 4

5 30. Both pieces of legislation are policed by the Information Commissioner. In the worstcase scenario, failure to comply with these requirements can result in a fine of up to 500,000 or the Information Commissioner requiring the destruction of the entire marketing contacts database. In addition, individuals have a right to compensation if they have been damaged by a breach of these laws, although there is sometimes a defence if the University can demonstrate that all reasonable care has been taken to prevent the breach. About this guidance Version: 01 Date: July 2013 Author: Susan Graham 5

Data Protection and Privacy Policy

Data Protection and Privacy Policy Data Protection and Privacy Policy 1. General This policy outlines Conciliation Resources commitments to respect the privacy of people s personal information and observe the relevant data protection legislation.

More information

1. Introduction. 2. Sectoral Areas Affected. 3. Data Security. 4. Data Breach Requirements. 5. Traffic Data

1. Introduction. 2. Sectoral Areas Affected. 3. Data Security. 4. Data Breach Requirements. 5. Traffic Data 1. Introduction Special data protection rules apply to the protection of Personal Data by Data Controllers in the electronic communications sector. These are in addition to the general obligations that

More information

technical factsheet 176

technical factsheet 176 technical factsheet 176 Data Protection CONTENTS 1. Introduction 1 2. Register with the Information Commissioner s Office 1 3. Period protection rights and duties remain effective 2 4. The data protection

More information

How To Know What You Can And Can'T Do At The University Of England Students Union

How To Know What You Can And Can'T Do At The University Of England Students Union HOW WE USE YOUR INFORMATION This privacy notice tells you what to expect when University of Essex Students Union (referred to as the SU herein) collects personal information. It applies to information

More information

UNIVERSITY OF SOUTHAMPTON DATA PROTECTION POLICY

UNIVERSITY OF SOUTHAMPTON DATA PROTECTION POLICY UNIVERSITY OF SOUTHAMPTON DATA PROTECTION POLICY 1. Purpose 1.1 The Data Protection Act 1998 ( the Act ) has two principal purposes: i) to regulate the use by those (known as data controllers) who obtain,

More information

ROEHAMPTON UNIVERSITY DATA PROTECTION POLICY

ROEHAMPTON UNIVERSITY DATA PROTECTION POLICY ROEHAMPTON UNIVERSITY DATA PROTECTION POLICY Originated by: Data Protection Working Group: November 2008 Impact Assessment: (to be confirmed) Recommended by Senate: 28 January 2009 Approved by Council:

More information

"Direct marketing" is not limited to advertising goods or services for sale. It also includes promoting an organisation s aims and ideals.

Direct marketing is not limited to advertising goods or services for sale. It also includes promoting an organisation s aims and ideals. Direct Marketing Most direct marketing activities must comply with the requirements of the Data Protection Act 2002 (DPA) and, where that direct marketing is communicated by electronic mail, telephone

More information

Merthyr Tydfil County Borough Council. Data Protection Policy

Merthyr Tydfil County Borough Council. Data Protection Policy Merthyr Tydfil County Borough Council Data Protection Policy 2014 Cyfarthfa High School is a Rights Respecting School, we recognise the importance of ensuring that the United Nations Convention of the

More information

Data Protection Policy

Data Protection Policy Internal Ref: NELC 16.60 Review date December 2016 Version No. V04 Data Protection Policy 1 Data Protection Statement Data Protection Policy 1.1 North East Lincolnshire Council recognises that in order

More information

PRIVACY POLICY. comply with the Australian Privacy Principles ("APPs"); ensure that we manage your personal information openly and transparently;

PRIVACY POLICY. comply with the Australian Privacy Principles (APPs); ensure that we manage your personal information openly and transparently; PRIVACY POLICY Our Privacy Commitment Glo Light Pty Ltd A.C.N. 099 730 177 trading as "Lighting Partners Australia of 16 Palmer Parade, Cremorne, Victoria 3121, ( LPA ) is committed to managing your personal

More information

Corporate ICT & Data Management. Data Protection Policy

Corporate ICT & Data Management. Data Protection Policy 90 Corporate ICT & Data Management Data Protection Policy Classification: Unclassified Date Created: January 2012 Date Reviewed January Version: 2.0 Author: Owner: Data Protection Policy V2 1 Version Control

More information

DATA PROTECTION POLICY. Examples of personal data which TWM may require from clients include the following and for the reasons ascribed to each;

DATA PROTECTION POLICY. Examples of personal data which TWM may require from clients include the following and for the reasons ascribed to each; DATA PROTECTION POLICY Introduction TWM Solicitors maintain certain personal data about individuals for the purposes of satisfying operational and legal obligations. The Data Protection Act sets rules

More information

DATA AND PAYMENT SECURITY PART 1

DATA AND PAYMENT SECURITY PART 1 STAR has teamed up with Prevention of Fraud in Travel (PROFiT) and the Fraud Intelligence Network (FIN) to offer our members the best advice about fraud prevention. We recognise the increasing threat of

More information

DATA PROTECTION POLICY

DATA PROTECTION POLICY DATA PROTECTION POLICY DATA PROTECTION POLICY Document Control Information Title Data Protection Policy Version V1.0 Author Diana Watt Date Approved 21 February 2013 Review Date Annually, on the anniversary

More information

START UP LOANS PRIVACY AND DATA PROTECTION TERMS AND CONDITIONS

START UP LOANS PRIVACY AND DATA PROTECTION TERMS AND CONDITIONS START UP LOANS PRIVACY AND DATA PROTECTION TERMS AND CONDITIONS Table of Contents 1. ABOUT THIS POLICY... 3 2. WHO WE ARE AND WHO IS RESPONSIBLE FOR YOUR PERSONAL DATA... 3 3. WHERE WE COLLECT YOUR PERSONAL

More information

Data Protection Act. Privacy & Security in the Information Age. April 26, 2013. Ministry of Communications, Ghana

Data Protection Act. Privacy & Security in the Information Age. April 26, 2013. Ministry of Communications, Ghana Data Protection Act Privacy & Security in the Information Age April 26, 2013 Agenda Privacy in The Information Age The right to privacy Why We Need Legislation Purpose of the Act The Data Protection Act

More information

DATA PROTECTION ACT 1998 COUNCIL POLICY

DATA PROTECTION ACT 1998 COUNCIL POLICY DATA PROTECTION ACT 1998 COUNCIL POLICY Page 1 of 5 POLICY STATEMENT Blackpool Council recognises the need to fully comply with the requirements of the Data Protection Act 1998 (DPA) and the obligations

More information

Guidance on political campaigning

Guidance on political campaigning I ICO guidance Guidance on political campaigning 3 Guidance on political campaigning Data Protection Act Privacy and Electronic Communications Regulations Contents Introduction... 3 A. Why comply?... 5

More information

FISHER & PAYKEL PRIVACY POLICY

FISHER & PAYKEL PRIVACY POLICY FISHER & PAYKEL PRIVACY POLICY 1. About this Policy Fisher & Paykel Australia Pty Limited (ABN 71 000 042 080) and its related companies ('we', 'us', 'our') understands the importance of, and is committed

More information

ESTRO PRIVACY AND DATA SECURITY NOTICE

ESTRO PRIVACY AND DATA SECURITY NOTICE ESTRO PRIVACY AND DATA SECURITY NOTICE This Data Privacy and Security Policy is a dynamic document, which will reflect our continuing vigilance to properly handle and secure information that we are trusted

More information

DATA PROTECTION POLICY

DATA PROTECTION POLICY Title Author Approved By and Date Review Date Mike Pilling Latest Update- Corporation May 2008 1 Aug 2013 DATA PROTECTION ACT 1998 POLICY FOR ALL STAFF AND STUDENTS 1.0 Introduction 1.1 The Data Protection

More information

CORK INSTITUTE OF TECHNOLOGY

CORK INSTITUTE OF TECHNOLOGY CORK INSTITUTE OF TECHNOLOGY DATA PROTECTION POLICY APPROVED BY GOVERNING BODY ON 30 APRIL 2009 INTRODUCTION Cork Institute of Technology is committed to a policy of protecting the rights and privacy of

More information

Data Protection for Charities

Data Protection for Charities Data Protection for Charities CFG 15 May 2014 Overview Overview and key definitions The data protection principles Fair and lawful processing Data security and outsourcing Rights of data subjects Recent

More information

Information Governance Policy

Information Governance Policy Information Governance Policy 1 Introduction Healthwatch Rutland (HWR) needs to collect and use certain types of information about the Data Subjects who come into contact with it in order to carry on its

More information

UNIVERSITY OF ABERDEEN POLICY ON DATA PROTECTION

UNIVERSITY OF ABERDEEN POLICY ON DATA PROTECTION UNIVERSITY OF ABERDEEN POLICY ON DATA PROTECTION The Data Protection Act 1998 (DPA) was passed in order to implement the EU Data Protection Directive (95/46/EC) and applies to all data relating to, and

More information

Data Protection Consent Clause and Policy Background

Data Protection Consent Clause and Policy Background Data Protection Consent Clause and Policy Background The Singapore Personal Data Protection Act - 2012 (PDPA) establishes a data protection law that comprises various rules governing the collection, use,

More information

DATA PROTECTION POLICY

DATA PROTECTION POLICY Reference number Approved by Information Management and Technology Board Date approved 14 th May 2012 Version 1.1 Last revised N/A Review date May 2015 Category Information Assurance Owner Data Protection

More information

Data Protection Policy

Data Protection Policy Data Protection Policy CONTENTS Introduction...2 1. Statement of Intent...2 2. Fair Processing or Privacy Statement...3 3. Data Uses and Processes...4 4. Data Quality and Integrity...4 5. Technical and

More information

Kinds of information that the Company collects and holds

Kinds of information that the Company collects and holds Privacy Policy Verandah Bar & Bistro Pty Limited Introduction 1. From time to time Verandah Bar and Bistro Pty Ltd ("the Company") is required to collect, hold, use and/or disclose personal information

More information

Data Protection Policy

Data Protection Policy 1 Data Protection Policy Version 1: June 2014 1 2 Contents 1. Introduction 3 2. Policy Statement 3 3. Purpose of the Data Protection Act 1998 3 4. The principles of the Data Protection Act 1998 4 5 The

More information

CentralNic Privacy Policy Last Updated: July 31, 2012 Page 1 of 12. CentralNic. Version 1.0. July 31, 2012. https://www.centralnic.

CentralNic Privacy Policy Last Updated: July 31, 2012 Page 1 of 12. CentralNic. Version 1.0. July 31, 2012. https://www.centralnic. CentralNic Privacy Policy Last Updated: July 31, 2012 Page 1 of 12 CentralNic Privacy Policy Version 1.0 July 31, 2012 https://www.centralnic.com/ CentralNic Privacy Policy Last Updated: February 6, 2012

More information

10 DATABASE PRACTICE

10 DATABASE PRACTICE 10 DATABASE PRACTICE Background Marketers must comply with all relevant data protection legislation. Guidance on that legislation is available from the Information Commissioner's Office. Although data

More information

2. Scope 2.1 This policy covers all the activities and processes of the University that uses personal information in whatever format.

2. Scope 2.1 This policy covers all the activities and processes of the University that uses personal information in whatever format. University of Westminster Personal Data Protection Policy For Compliance with the Data Protection Act 1998 1. Background 1.1 The Data Protection Act 1998 (DPA) defines personal data as data and information

More information

Data Protection Act 1998 The Data Protection Policy for the Borough Council of King's Lynn & West Norfolk

Data Protection Act 1998 The Data Protection Policy for the Borough Council of King's Lynn & West Norfolk Data Protection Act 1998 The for the Borough Council of King's Lynn & West Norfolk 1 Contents Introduction 3 1. Statement of Intent 4 2. Fair Obtaining I Processing 5 3. Data Uses and Processes 6 4. Data

More information

Data Protection policy approved by the Governing Body of Ifield Community College. Ifield Community College Data Protection Policy

Data Protection policy approved by the Governing Body of Ifield Community College. Ifield Community College Data Protection Policy Data Protection policy approved by the Governing Body of Ifield Community College Ifield Community College Data Protection Policy Introduction The school collects and uses certain types or personal information

More information

Notification of data security breaches to the Information Commissioner s

Notification of data security breaches to the Information Commissioner s ICO lo Notification of data security breaches to the Information Commissioner s Data Protection Act Contents Overview... 2 What the DPA says... 2 Reporting a breach... 2 Potential detriment to data subjects...

More information

AC&E Insurance Services Pty Ltd Privacy Statement Effective: 1 August, 2010

AC&E Insurance Services Pty Ltd Privacy Statement Effective: 1 August, 2010 AC&E Insurance Services Pty Ltd Privacy Statement Effective: 1 August, 2010 AC&E means AC&E Insurance Services Pty Ltd (ABN 69 137 720 757). AC&E has always valued the privacy of personal information.

More information

Clause 1. Definitions and Interpretation

Clause 1. Definitions and Interpretation [Standard data protection [agreement/clauses] for the transfer of Personal Data from the University of Edinburgh (as Data Controller) to a Data Processor within the European Economic Area ] In this Agreement:-

More information

Fighting spam in Australia. A consumer guide

Fighting spam in Australia. A consumer guide Fighting spam in Australia A consumer guide Fighting spam Use filtering software Install anti-virus software Use a personal firewall Download security patches Choose long and random passwords Protect your

More information

Data Protection for the Guidance Counsellor. Issues To Plan For

Data Protection for the Guidance Counsellor. Issues To Plan For Data Protection for the Guidance Counsellor Issues To Plan For Author: Hugh Jones Data Protection Specialist Longstone Management Ltd. Published by the National Centre for Guidance in Education (NCGE)

More information

BRITISH COUNCIL DATA PROTECTION CODE FOR PARTNERS AND SUPPLIERS

BRITISH COUNCIL DATA PROTECTION CODE FOR PARTNERS AND SUPPLIERS BRITISH COUNCIL DATA PROTECTION CODE FOR PARTNERS AND SUPPLIERS Mat Wright www.britishcouncil.org CONTENTS Purpose of the code 1 Scope of the code 1 The British Council s data protection commitment and

More information

Data Protection Workshop: How the Law Affects You Practice Questions

Data Protection Workshop: How the Law Affects You Practice Questions Data Protection Workshop: How the Law Affects You Practice Questions 1. Which of the following is not personal data covered by the Data Protection Act (pick one or more): A. Comments about an individual

More information

Privacy fact sheet 17

Privacy fact sheet 17 Privacy fact sheet 17 Australian Privacy Principles January 2014 From 12 March 2014, the Australian Privacy Principles (APPs) will replace the National Privacy Principles Information Privacy Principles

More information

CORPORATE TRAVEL MANAGEMENT PRIVACY POLICY

CORPORATE TRAVEL MANAGEMENT PRIVACY POLICY CORPORATE TRAVEL MANAGEMENT PRIVACY POLICY 1. About this Policy Corporate Travel Management Group Pty Ltd (ABN 52 005 000 895) (CTM) ('we', 'us', 'our') understands the importance of, and is committed

More information

Spam Act 2003: A practical guide for business

Spam Act 2003: A practical guide for business Spam Act 2003: A practical guide for business This guide provides practical information to businesses that send electronic messages. It explains the main requirements of the Spam Act 2003 (the Spam Act),

More information

Daltrak Building Services Pty Ltd ABN: 44 069 781 933. Privacy Policy Manual

Daltrak Building Services Pty Ltd ABN: 44 069 781 933. Privacy Policy Manual Daltrak Building Services Pty Ltd ABN: 44 069 781 933 Privacy Policy Manual Table Of Contents 1. Introduction Page 2 2. Australian Privacy Principles (APP s) Page 3 3. Kinds Of Personal Information That

More information

Dublin City University

Dublin City University Dublin City University Data Protection Policy Data Protection Policy Contents Purpose... 1 Scope... 1 Data Protection Principles... 1 Disclosure of Personal Data... 2 Summary of Responsibilities... 3 Rights

More information

DATA PROTECTION POLICY

DATA PROTECTION POLICY DATA PROTECTION POLICY Approval date: June 2014 Approved by: Board Responsible Manager: Executive Director of Resources Next Review June 2016 Data Protection Policy 1. Introduction Data Protection Policy

More information

AASA Online Privacy Policy CRP.020

AASA Online Privacy Policy CRP.020 Introduction Alzheimer s Australia SA Inc values your privacy and takes reasonable steps to protect your personal information (that is, information which identifies or may reasonably be used to identify

More information

Privacy Policy Draft

Privacy Policy Draft Introduction Privacy Policy Draft Please note this is a draft policy pending final approval Alzheimer s Australia values your privacy and takes reasonable steps to protect your personal information (that

More information

BLUE BADGE INSURANCE PTY LTD BLUE BADGE COMMUNITY AUSTRALIA PTY LTD PRIVACY POLICY

BLUE BADGE INSURANCE PTY LTD BLUE BADGE COMMUNITY AUSTRALIA PTY LTD PRIVACY POLICY BLUE BADGE INSURANCE PTY LTD BLUE BADGE COMMUNITY AUSTRALIA PTY LTD PRIVACY POLICY Version 1-1 1 July 2015 Blue Badge Insurance Australia Pty Ltd 2014 ABN 59 162 783 306 A.R. No. 438547 is an Authorised

More information

singapore american school

singapore american school Background The Singapore Personal Data Protection Act - 2012 (PDPA) establishes a data protection law that comprises various rules governing the collection, use, disclosure, and care of personal data.

More information

Australian Privacy Principle 7 direct marketing

Australian Privacy Principle 7 direct marketing Australian Privacy Principle 7 direct marketing Chapter 7 Draft version, September 2013 Key points... 2 What does APP 7 say?... 2 What is direct marketing?... 3 When are agencies covered by APP 7?... 4

More information

WHAT KIND OF PERSONAL INFORMATION DOES NINE COLLECT AND HOW DOES NINE COLLECT IT?

WHAT KIND OF PERSONAL INFORMATION DOES NINE COLLECT AND HOW DOES NINE COLLECT IT? Privacy Policy Nine Network Australia Pty Ltd (Nine) understands that privacy is important to our viewers, business contacts, and people who appear in our television programs. At Nine we are committed

More information

Data Protection Policy

Data Protection Policy Data Protection Policy This policy applies to the national office of Special Olympics GB; athletes, volunteers, and paid staff its clubs and regions; all Special Olympics GB donors, sponsors, and supporters;

More information

Data Protection. Policy and Application July 2009

Data Protection. Policy and Application July 2009 Data Protection Policy and Application July 2009 Produced for staff of the House of Commons Service by the Department of Resources Information Rights and Information Security (IRIS) Service Data Policy:

More information

Privacy Charter. Protecting Your Privacy

Privacy Charter. Protecting Your Privacy Privacy Charter Protecting Your Privacy 1 1. Introduction 3 2. Collection of personal information 3 What sort of personal information do we collect and hold? 3 Anonymity and Pseudonymity 3 Why do we collect

More information

ZEN Telecom Pty. Ltd. Privacy Policy

ZEN Telecom Pty. Ltd. Privacy Policy ZEN Telecom Pty. Ltd. Privacy Policy ZEN Telecom provides broadband internet, mobile voice & data, and PSTN fixed landline telephone, products and services, to residential and small to medium business

More information

1.4 For information about our management of your other personal information, please see our Privacy Policy available at www.iba.gov.au.

1.4 For information about our management of your other personal information, please see our Privacy Policy available at www.iba.gov.au. Indigenous Business Australia Credit Information Policy 1 Purpose and application of this policy 1.1 This credit reporting policy (Credit Information Policy) describes and establishes how Indigenous Business

More information

STATUTORY INSTRUMENTS. S.I. No. 336 of 2011

STATUTORY INSTRUMENTS. S.I. No. 336 of 2011 STATUTORY INSTRUMENTS. S.I. No. 336 of 2011 EUROPEAN COMMUNITIES (ELECTRONIC COMMUNICATIONS NETWORKS AND SERVICES) (PRIVACY AND ELECTRONIC COMMUNICATIONS) REGULATIONS 2011 (Prn. A11/1165) 2 [336] S.I.

More information

Data Protection Policy

Data Protection Policy Data Protection Policy September 2015 Contents 1. Scope 2. Purpose 3. Data protection roles 4. Staff training and guidance 5. About the Data Protection Act 1998 6. Policy 7. The Information Commissioner's

More information

OBJECTS AND REASONS. (a) the regulation of the collection, keeping, processing, use or dissemination of personal data;

OBJECTS AND REASONS. (a) the regulation of the collection, keeping, processing, use or dissemination of personal data; OBJECTS AND REASONS This Bill would provide for (a) the regulation of the collection, keeping, processing, use or dissemination of personal data; (b) the protection of the privacy of individuals in relation

More information

23/1/15 Version 1.0 (final)

23/1/15 Version 1.0 (final) Information Commissioner s Office response to the Cabinet Office s consultation on the proposal to amend the Privacy and Electronic Communications (EC Directive) Regulations 2003 ( PECR ), to enable the

More information

Spam Act 2003: An overview for business

Spam Act 2003: An overview for business Spam Act 2003: An overview for business This overview has been designed for: small businesses that wish to gain an understanding of the Spam Act; and senior managers within firms that send electronic messages.

More information

Privacy and Electronic Communications Regulations

Privacy and Electronic Communications Regulations ICO lo Notification of PECR security breaches Privacy and Electronic Communications Regulations Contents Introduction... 2 Overview... 2 Relevant security breaches... 3 What is a service provider?... 3

More information

Overview of the Impact of the Privacy Reforms on Credit Reporting

Overview of the Impact of the Privacy Reforms on Credit Reporting Overview of the Impact of the Privacy Reforms on Credit Reporting June 2012 Andrew Galvin, Partner 1 OVERVIEW 1.1 Credit Reporting Reform - Background When initially passed, the Privacy Act 1988 essentially

More information

Personal Data Protection Policy

Personal Data Protection Policy Personal Data Protection Policy Please take a moment to read the following Policy. If there is anything you do not understand then please contact us. We are committed to protecting privacy. This Personal

More information

PRIVACY POLICY. "Personal Information" comprising:

PRIVACY POLICY. Personal Information comprising: PRIVACY POLICY Uniqlo is committed to respecting the privacy rights of visitors to its website. This privacy policy ("Policy") explains how we collect, store and use personal data about you when you browse

More information

John Leggott College. Data Protection Policy. Introduction

John Leggott College. Data Protection Policy. Introduction John Leggott College Data Protection Policy Introduction The College needs to keep certain information about its employees, students and other users to allow it to monitor performance, achievements, and

More information

Data Protection Policy June 2014

Data Protection Policy June 2014 Data Protection Policy June 2014 Approving authority: Consultation via: Court Audit and Risk Committee, University Executive, Secretary's Board, Information Governance and Security Group Approval date:

More information

The Privacy Act 1988 contains 10 National Privacy Principles (the NPPs) which specify how organisations should handle personal information.

The Privacy Act 1988 contains 10 National Privacy Principles (the NPPs) which specify how organisations should handle personal information. Privacy policy Abstract Page 1 Preamble The Privacy Act 1988 contains 10 National s (the NPPs) which specify how organisations should handle personal information. The Anglican Church Diocese of Sydney

More information

Human Resources and Data Protection

Human Resources and Data Protection Human Resources and Data Protection Contents 1. Policy Statement... 1 2. Scope... 2 3. What is personal data?... 2 4. Processing data... 3 5. The eight principles of the Data Protection Act... 4 6. Council

More information

DATA PROTECTION POLICY

DATA PROTECTION POLICY DATA PROTECTION POLICY The information and guidelines within this Policy are important and apply to all members, Fellows and staff of the College 1. INTRODUCTION Like all educational establishments, the

More information

Pacific Smiles Group Privacy Policy

Pacific Smiles Group Privacy Policy Pacific Smiles Group Privacy Policy Pacific Smiles Group Limited and its related bodies corporate (PSG, we, our, us) recognise the importance of protecting the privacy and the rights of individuals in

More information

Protecting your business from spam

Protecting your business from spam Protecting your business from spam What is spam? Spam is the common term for electronic junk mail unwanted messages sent to a person s email account or mobile phone. Spam messages vary: some simply promote

More information

Scottish Rowing Data Protection Policy

Scottish Rowing Data Protection Policy Revision Approved by the Board August 2010 1. Introduction As individuals, we want to know that personal information about ourselves is handled properly, and we and others have specific rights in this

More information

Personal Data Act (523/1999)

Personal Data Act (523/1999) 1 NB: Unofficial translation Personal Data Act (523/1999) Chapter 1 General provisions Section 1 Objectives The objectives of this Act are to implement, in the processing of personal data, the protection

More information

LEGISLATION COMMITTEE OF THE CROATIAN PARLIAMENT

LEGISLATION COMMITTEE OF THE CROATIAN PARLIAMENT LEGISLATION COMMITTEE OF THE CROATIAN PARLIAMENT 2300 Pursuant to its authority from Article 59 of the Rules of Procedure of the Croatian Parliament, the Legislation Committee determined the revised text

More information

PRIVACY POLICY Personal information and sensitive information Information we request from you

PRIVACY POLICY Personal information and sensitive information Information we request from you PRIVACY POLICY Business Chicks Pty Ltd A.C.N. 121 566 934 (we, us, our, or Business Chicks) recognises and values the protection of your privacy. We also understand that you want clarity about how we manage

More information

Data Protection Act a more detailed guide

Data Protection Act a more detailed guide Data Protection Act a more detailed guide What does the Act do? The Data Protection Act 1998 places considerable duties on organisations which process personal data; increases the rights of access by data

More information

Surveying with CustomerGauge - Legal Considerations:

Surveying with CustomerGauge - Legal Considerations: Resource Sheet Surveying with CustomerGauge - Legal Considerations: Adam Dorrell Please Note this is not a legal document, and should be used for guidance only. You are advised to seek legal advice before

More information

Acceptable Usage Policy

Acceptable Usage Policy Contents 1. INTRODUCTION... 2 2. PURPOSE... 2 3. APPLICATION... 2 4. YOUR OBLIGATIONS AND PROHIBITED USE... 2 5. SPAM... 3 6. EXCESSIVE USE... 3 7. SECURITY... 4 8. COPYRIGHT... 4 9. CONTENT... 4 10. REGULARTORY

More information

Chapter 7: Australian Privacy Principle 7 Direct marketing

Chapter 7: Australian Privacy Principle 7 Direct marketing Chapter 7: APP 7 Direct marketing Version 1.0, February 2014 Chapter 7: Australian Privacy Principle 7 Direct marketing Version 1.0, February 2014 Key points... 2 What does APP 7 say?... 2 Direct marketing...

More information

The kinds of personal information we collect and hold vary depending on the services we are providing, but generally can include:

The kinds of personal information we collect and hold vary depending on the services we are providing, but generally can include: ABN 47 001 768 190 AFSL 244526 Our Privacy Policy At Capital Insurance Brokers, we are committed to protecting your privacy in accordance with the Privacy Act 1988 (Cth) (Privacy Act) and the Australian

More information

An overview of UK data protection law

An overview of UK data protection law An overview of UK data protection law Our team Vinod Bange Partner +44 (0)20 7300 4600 v.bange@taylorwessing.com Graham Hann Partner +44 (0)20 7300 4839 g.hann@taylorwessing.com Chris Jeffery Partner +44

More information

12th January 2011. Dear Mr. Graham, Complaint: Internet Eyes

12th January 2011. Dear Mr. Graham, Complaint: Internet Eyes 12th January 2011 Mr Christopher Graham Information Commissioner The Office of the Information Commissioner, Water Lane, Wycliffe House, Wilmslow, Cheshire SK9 5AF UNITED KINGDOM Dear Mr. Graham, Complaint:

More information

Acceptable Usage Policy

Acceptable Usage Policy Version 2.1 20141230 Acceptable Usage Policy Acceptable Usage Policy Contents 1. PURPOSE OF THIS POLICY... 2 2. GENERAL... 2 3. APPLICATION... 2 4. UNREASONABLE USE... 2 5. UNACCEPTABLE USE... 3 6. SPAM...

More information

Credit Reporting Privacy Policy of Baybrick Pty Ltd

Credit Reporting Privacy Policy of Baybrick Pty Ltd Credit Reporting Privacy Policy of Baybrick Pty Ltd Introduction 1. This Credit Reporting Privacy Policy is the official privacy policy of Baybrick Pty Ltd and its subsidiaries which includes JBS Australia

More information

Office of the Data Protection Commissioner of The Bahamas. Data Protection (Privacy of Personal Information) Act, 2003. A Guide for Data Controllers

Office of the Data Protection Commissioner of The Bahamas. Data Protection (Privacy of Personal Information) Act, 2003. A Guide for Data Controllers Office of the Data Protection Commissioner of The Bahamas Data Protection (Privacy of Personal Information) Act, 2003 A Guide for Data Controllers 1 Acknowledgement Some of the information contained in

More information

Data Protection Good Practice Note

Data Protection Good Practice Note Data Protection Good Practice Note This explanatory document explains what charities and voluntary organisations need to do to comply with the Data Protection Act 1988 as amended by the Data Protection

More information

Privacy and Cloud Computing for Australian Government Agencies

Privacy and Cloud Computing for Australian Government Agencies Privacy and Cloud Computing for Australian Government Agencies Better Practice Guide February 2013 Version 1.1 Introduction Despite common perceptions, cloud computing has the potential to enhance privacy

More information

Best Practice Standards for Email Marketing

Best Practice Standards for Email Marketing Best Practice Standards for Email Marketing Updated January 2008 Scope The Marketing Association s emarketing Network (emn) champions the adoption of industrywide standards of best practice and ethical

More information

Data Sharing Protocol

Data Sharing Protocol Data Sharing Protocol Agreement for Sharing Data Between Partners of the South Dublin Childrens Services Committee Version 0.4 Final Draft June 2009 Contents 1 Preface...3 2 Introduction & Overview...3

More information

HIPSSA Project. Support for Harmonization of the ICT Policies in Sub-Sahara Africa, Second Mission -Namibia

HIPSSA Project. Support for Harmonization of the ICT Policies in Sub-Sahara Africa, Second Mission -Namibia HIPSSA Project Support for Harmonization of the ICT Policies in Sub-Sahara Africa, Second Mission -Namibia PRESENTATION OF THE DRAFT DATA PROTECTION POLICY FOR NAMIBIA Pria Chetty, ITU International Legal

More information

How To Understand The Data Protection Act

How To Understand The Data Protection Act DATA PROTECTION ACT 2002 The Basics Purpose of the Act Balance the rights of an individual with an organisation s legitimate need to process personal data Promote openness and transparency Establish and

More information

Data protection compliance checklist

Data protection compliance checklist Data protection compliance checklist What is this checklist for? This checklist is drawn up on the basis of analysis of the relevant provisions of European law. Although European law aims at harmonizing

More information

SHAREYOURJOB.COM PRIVACY POLICY

SHAREYOURJOB.COM PRIVACY POLICY SHAREYOURJOB.COM PRIVACY POLICY (last updated 9th October 2014) 1. Introduction 1.1 Shareyourjob.com Ltd ( Shareyourjob.com or we ) respects the privacy of our users and has developed this Privacy Policy

More information

Data Protection Policy

Data Protection Policy Data Protection Policy April 2014 Author: Jennifer McLaren, Assistant Principal, Curriculum Support & Finance Impact Assessment Date: 15 February 2010 Date: April 2014 Contents 1 Purpose... 2 2 Policy...

More information

ACCEPTABLE USAGE PLOICY

ACCEPTABLE USAGE PLOICY ACCEPTABLE USAGE PLOICY Business Terms - February 2012 ACCEPTABLE USAGE POLICY Business Terms Version February 2012 Acceptable Usage Policy Feb12.Docx 1 Contents 1. INTRODUCTION... 3 2. PURPOSE... 3 3.

More information

Table of Contents. Introduction 3 What is Title Insurance? What are mortgage processing and loan servicing services? 3 This Privacy Policy 3

Table of Contents. Introduction 3 What is Title Insurance? What are mortgage processing and loan servicing services? 3 This Privacy Policy 3 Privacy Policy First American Title Insurance Company of Australia Pty Ltd First Mortgage Services Pty Ltd First Mortgage Services Australia Pty Ltd 1 P a g e Table of Contents Page Introduction 3 What

More information