Data Protection at Derwentside Homes
- We will process your information in accordance with the Data Protection Act (DPA).
- We will use the information that you have provided for the purpose(s) for which it has been provided and ensure the accuracy and completeness of all Derwentside Homes records and ensure that our records are kept up to date.
- We may also use the information to inform you of other Derwentside Homes services to which you may be entitled.
- We may also share the information you have provided with other agencies where it is in the interests of your health, safety or welfare.
- We will not ask you for more information than necessary.
- We will not keep the information for longer than necessary.
- We will take all reasonable measures to keep your information safe.
- We may use your information both within Derwentside Homes and with external statutory agencies for the prevention and detection of crime.
- You may obtain details of the information held about you from: The Data Protection Controller.
- The Data Controller for Derwentside Homes is Anthony Cooke, Company Secretary.
- To access the Data Protection Act Subject Access Request Application form, please see attached document on the left hand side.
Data Protection Principles
The Data Protection Act 1998 (DPA) is based on 8 principles for good information handling.
- Personal data shall be processed fairly and lawfully.
- Personal data shall be obtained only for one or more specific and lawful purposes and shall not be further processed in any manner incompatible with that purpose or those purposes.
- Personal data shall be adequate, relevant, and not excessive in relation to the purpose or purposes for which they are processed.
- Personal data shall be accurate and where necessary kept up to date.
- Personal data processed for any purpose or purposes shall not be kept for longer than is necessary for that purpose or purposes.
- Personal data shall be processed in accordance with the rights of data subjects under this Act.
- Appropriate technical and organisational measures shall be taken against unauthorised or unlawful processing of personal data and against accidental loss or destruction of, or damage to, personal data.
- Personal data shall not be transferred to a country or territory outside the European Economic Area, unless that country or territory ensures an adequate level of protection for the rights and freedoms of data subjects in relation to processing of the personal data.