We use cookies to provide you with a better experience. If you continue to use this site, we'll assume you're happy with this. Alternatively, click here to find out how to manage these cookies

hide cookie message
Contact Forum Editor

Send an email to our Forum Editor:


PLEASE NOTE: Your name is used only to let the Forum Editor know who sent the message. Both your name and email address will not be used for any other purpose.

Tech Helproom


It's free to register, to post a question or to start / join a discussion


 

How's your data protection policy doing?


Forum Editor

Likes # 0

If your business is in the habit of collecting and processing personal data from customers, or potential customers, it's worth thinking about your responsibilities as a data processor.

Broadly speaking, the purpose of the Data Protection Act 1998 is to ensure that individuals and companies who/which process information about living, identified or identifiable individuals do so in a manner that properly safeguards that information from unlawful disclosure to third parties. The kind of personal information that is protected under the act is names and addresses, bank details, and opinions expressed about an individual - perhaps by a senior manager about an individual worker in an internal company assessment document.


There are eight guiding principles as far as Data protection is concerned, and they are that data is/are:

1. processed fairly and lawfully

2. processed for one or more specified and lawful purposes, and not further processed in any way that is incompatible with the original purpose

3. adequate, relevant and not excessive


4. accurate and,where necessary, kept up to date

5. kept for no longer than is necessary for the purpose for which it is being used

6. processed in line with the rights of individuals

7. kept secure with appropriate technical and organisational measures taken to protect the information

8. not transferred outside the European Economic Area (the European Union member states plus Norway, Iceland and Liechtenstein) unless there is adequate protection for the personal information being transferred


Lots more about how to comply with the law here:

click here

Like this post
Forum Editor

Likes # 0

Did you post this in the wrong place?

Like this post
samc123

Likes # 0

Hi we are one of the largest photo printing companies in the UK.

Customers ring up to check on their order status, etc.

We want to know, if we comply with data protection regulations when we ask customers questions to confirm their identity?

We also want to know how many questions are we allowed to ask and what sort of questions are we allowed to ask?

At presenet we ask 3 security questions on all incoming and outgoing calls. These questions can consist of the following:

Order Number
name
postcode
First line of address
What the customer has ordered (Content of images)
Email Address
Telephone number
Items in order

Best regrads.

Like this post

Reply to this topic

This thread has been locked.



IDG UK Sites

Best Christmas 2014 UK tech deals, Boxing Day 2014 UK tech deals & January sales 2015 UK tech...

IDG UK Sites

LED vs Halogen: Why now could be the right time to invest in LED bulbs

IDG UK Sites

Christmas' best ads: See great festive spots studios have created to promote themselves and clients

IDG UK Sites

Ultimate iOS 8 Tips: 35 awesome and advanced tips for using iOS 8 on iPhone and iPad