The Data Protection Act - A Checklist for Businesses
This information is part of the Data topic.
In this topic:
- The Data Protection Act (DPA)
- What it means for your business
- Using customer data
- Direct marketing using email, mail and phone
- Using information in the public domain
- A checklist for businesses
A checklist for your business
The Data Protection Act applies to everyone. It gives individuals certain rights regarding their personal data and places obligations on everyone who holds personal information about living individuals. The following is intended to offer a checklist of recommended minimum procedures in order for a business to comply successfully with the Data Protection Act.
General
- Make sure your computers, filing systems and buildings are secure.
- Ensure your staff know how to correctly take down customer data and how to ask the data protection question. Ensure that you and they ALWAYS follow procedure.
- Ensure that staff who collect customer data know how that data might be used in the future so that they may confidently explain to a customer who asks.
Customer Data
- Ensure that wherever customer data is taken down, staff ALWAYS ask an appropriate data protection question. This would be along the lines of EITHER "May we send you relevant information in the future?" where the customer data is only ever likely to be used by your own business OR "May we send you relevant information about ourselves and other selected businesses in the future?" if the customer data is likely to be shared with/used by other businesses.
- Ensure that an appropriate opt-in option is given at websites where customer data can be collected, such as "Please tick here to indicate that we may email you further suitable information in the future." Ensure that where customer data is collected electronically as part of an automated request or booking process that at least an opt-out option is offered.
- Ensure that any communication you make to a customer offers a suitable, free of charge option to opt-out of any future marketing communications. This is essential on all unsolicited emails you send to customers. A suitable reply address for unsubscribing MUST be provided.
- Ensure that any emails you send clearly state who the sender is.
- Ensure you only send your customers suitable information about your core business.
- You may buy mailing lists or share appropriate data with other organisations for joint marketing, but ensure that when you do this all data is screened against the Mailing Preference Service Register.
- Ensure that all outbound unsolicited telephone calls to your customers are screened against the Telephone Preference Service Register unless you are conducting follow up calls or research to recent enquirers/customers.
- You are obliged to correct a customer's details quickly if they advise you of a change or request a deletion.
- You are obliged to send to a customer a copy of the details of any data that you hold on them, should they request that you do so. You may charge a small administration fee of up to £10 for this if necessary.
Quick Links
- Use Business Link's interactive tool for checking which regulations you must comply with
- Visit the Health & Safety Executive website
- Visit BERR's website (formerly the DTI)
Find Funding
- Managing Work Related Violence in Licenced and Retail Premises
- 99 Kb
This HSE Guidance Leaflet looks at practical ways to reduce work related violence in licenced and retail premises, based on measures routinely used by real businesses.
- Licensing Act 2003
- 54 Kb
Preliminary points
Premises Licenses
Personal Licenses
Club Premises Certificates
Temporary Event Notices (TENs)- Your Business and Disability Discrimination
- 113 Kb
This factsheet introduces the Disability Discrimination Act and explains the implications for your business. It helps you understand how to successfully comply with the Act, where to get more information and sources of help.
- Data Protection Act
- 54 Kb
Individual rights
obligations of data controllers- Guest Registration Template
- 60 Kb
A guest registration card template for you to download.
- Serviced Terms
- 34 Kb
Sample terms and conditions for all types of serviced accommodation.
- Equipment hire terms
- 29 Kb
Sample equipment hire terms and conditions for all types of businesses that hire out equipment.
- Background Music and Music Events
- 58 Kb
This factsheet covers the licensing information you need to know to legally put on a music event. It covers Performing Rights Society Licences, Phonographic Performance Ltd Licenses, Temporary Events Notices, Premises Licenses and introduces the 2003 Licensing Act.
- Self Catering Terms
- 37 Kb
Sample self catering terms and conditions for all types of self catered accommodation.
- Ticket Terms
- 43 Kb
Sample terms and conditions for all types of businesses that sell tickets or provide events or function room hire.
Rules, Regulations & Licenses
- HSE Release New Guidance on Work Related Violence(10/29/2008)
- New Campaign For Fairer Enforcement of Fire Regulations(10/06/2008)
- New Article: Electronic Performance Certificates and Air Conditioning Inspections(10/05/2008)
- New Food and Drink Waste Training for Staff at All Levels(09/26/2008)
- Employing Workers from Overseas(03/27/2008)
- A Safer Workplace With Safestartup(03/27/2008)
Rules, Regulations & Licenses RSS News Feed
Features and Articles
Tourism in the North East
What's our tourism industry really like here in North East England
Training & Skills
Developing your staff's skills and approach will pay huge dividends to your business - and to your staff themselves.
Being Green & Sourcing Locally
Helping to conserve the environment isn't just a personal responsibility. It can save you money and win you customers.