Data protection and your business

Sure Castle Privacy Policy Security Circuits

Data Protections check points

  1. Recruitment and managing staff records
  2. Monitoring staff at work
  3. Using CCTV
  4. Get advice on data protection

You must follow rules on data protection if your business stores or uses personal information.

This applies to information kept on staff, customers and account holders, eg when you:

  • recruit staff
  • manage staff records
  • market your products or services
  • use CCTV

This could include:

  • keeping customers’ addresses on file
  • recording staff working hours
  • giving delivery information to a delivery company

For information on direct marketing, see marketing and advertising: the law.

Data protection rules

You must make sure the information is kept secure, accurate and up to date.

For example, when you collect someone’s personal data you must tell them:

  • who you are
  • how you’ll use their personal information
  • they have the right to see the information and correct it, if it’s wrong

Also say if the information will be used in other ways – eg if it may be passed to other organisations.

The main data protection rules are set out in the data protection principles.

What you have to do

You must:

  • tell the Information Commissioner’s Office (ICO) how your business uses personal information
  • respond to a data protection request, if someone asks to see what information you have about them

You could be given a heavy fine or made to pay compensation if you misuse personal data.