Information about Data Protection, and access to personal information
The Data Protection Act
The Data Protection Act 1998 gives legal rights to individuals (data subjects) who have personal data held about them.
The Act is designed to cover the collecting, storing, processing and distribution of personal data.
If you have information stored about you, the Act gives you certain rights. These rights apply to everyone, whether they're an employee, elected member, or a member of the public.
Each individual has the right to:
- access personal data
- prevent processing likely to cause damage or distress
- prevent processing for the purposes of direct marketing
They also have rights to:
- take action for compensation if they suffer damage by any contravention of the Act by the data controller
- take action to rectify, block, erase or destroy inaccurate data
- make a request to the Information Commissioner for an assessment of the data controller (if they feel that the Act has been contravened)
The Act places obligations on those who record and use personal data (data controllers). They must:
- be open about the use of such personal data
- follow sound and proper practices
- apply the Data Protection Principles in line with our own Data Protection Policy
You can find our Data Protection Policy document at the bottom of the page.
Access to Personal Information
The Data Protection Act provides individuals with a right of access to personal information held about them. The right applies to both:
- personal information held in computerised form
- non-computerised form held in most filing systems
You can make requests for access to your own personal information. Please complete and return our form.
Please note; you must complete the final section of the form:
- in the presence of a Council Officer
- at our offices at King's Court, Chapel Street, King's Lynn
To complete our application you'll need:
proof of identity
The Freedom of Information Act does not permit your own personal information to be made public. And it does not override the protection built into the Data Protection Act.
Data matching exercise
We're required by law to protect the public funds we administer. We may share information we are given with other bodies responsible for auditing or administering public funds, in order to prevent and detect fraud.
The Cabinet Office is responsible for carrying out data matching exercises.
Data matching involves comparing computer records held by one body, against records held by the same or another body. It checks to see how far they match. This is usually personal information. Computerised data matching allows potentially fraudulent claims and payments to be identified. Where a match is found, it may indicate that there is an inconsistency which requires further investigation. We can't assume there is fraud, error or another explanation until an investigation is carried out.
We participate in the Cabinet Office’s National Fraud Initiative; a data matching exercise to assist in the prevention and detection of fraud.
We're required to provide particular sets of data to the Minister for the Cabinet Office for matching for each exercise. These are detailed on the GOV.UK website. The use of such data is carried out with statutory authority under Part 6 of the Local Audit and Accountability Act 2014. It does not require the consent of the individuals concerned under the Data Protection Act 1998.
Data matching by the Cabinet Office is subject to a Code of Practice.
View further information on the Cabinet Office’s legal powers and the reasons why it matches particular information. For further information on data matching at this authority contact us using the details below.