Data Protection Act 2018 - Legislation.gov.uk

4 days ago - (6) Until the repeal of Part 1 of the Regulation of Investigatory ... paragraphs 45 and 54 of Schedule 10 to the Investigatory Powers Act 2016 is.
3MB Sizes 1 Downloads 110 Views
Data Protection Act 2018 DATA PROTECTION ACT 2018

CHAPTER 12

Explanatory Notes have been produced to assist in the understanding of this Act and are available separately

Published by TSO (The Stationery Office), part of Williams Lea Tag, and available from: Online www.tsoshop.co.uk Mail, Telephone, Fax & E-mail TSO PO Box 29, Norwich, NR3 1GN Telephone orders/General enquiries: 0333 202 5070 Fax orders: 0333 202 5080 E-mail: [email protected] Textphone: 0333 202 5077

£39.25

[email protected] and other Accredited Agents

ukpgacvr_20180012_en.indd 1

24/05/2018 10:47

Data Protection Act 2018 CHAPTER 12

CONTENTS PART 1 PRELIMINARY 1 2 3

Overview Protection of personal data Terms relating to the processing of personal data PART 2 GENERAL PROCESSING CHAPTER 1 SCOPE AND DEFINITIONS

4 5

Processing to which this Part applies Definitions CHAPTER 2 THE GDPR Meaning of certain terms used in the GDPR

6 7

Meaning of “controller” Meaning of “public authority” and “public body” Lawfulness of processing

8 9

Lawfulness of processing: public interest etc Child’s consent in relation to information society services

ii

Data Protection Act 2018 (c. 12)

Special categories of personal data 10 11

Special categories of personal data and criminal convictions etc data Special categories of personal data etc: supplementary Rights of the data subject

12 13 14

Limits on fees that may be charged by controllers Obligations of credit reference agencies Automated decision-making authorised by law: safeguards Restrictions on data subject's rights

15 16

Exemptions etc Power to make further exemptions etc by regulations Accreditation of certification providers

17

Accreditation of certification providers Transfers of personal data to third countries etc

18

Transfers of personal data to third countries etc Specific processing situations

19

Processing for archiving, research and statistical purposes: safeguards Minor definition

20

Meaning of “court” CHAPTER 3 OTHER GENERAL PROCESSING Scope

21

Processing to which this Chapter applies Application of the GDPR

22 23

Application of the GDPR to processing to which this Chapter applies Power to make provision in consequence of regulations related to the GDPR Exemptions etc

24 25 26 27 28

Manual unstructured data held by FOI public authorities Manual unstructured data used in longstanding historical research National security and defence exemption National security: certificate National security and defence: modifications to Articles 9 and 32 of the applied GDPR

iii

Data Protection Act 2018 (c. 12)

PART 3 LAW ENFORCEMENT PROCESSING CHAPTER 1 SCOPE AND DEFINITIONS Scope 29

Processing to which this Part applies Definitions

30 31 32 33

Meaning of “competent authority” “The law enforcement purposes” Meaning of “controller” and “processor” Other definitions CHAPTER 2 PRINCIPLES

34 35 36 37 38 39 40 41 42

Overview and general duty of controller The first data protection principle The second data protection principle The third data protection principle The fourth data protection principle The fifth data protection principle The sixth data protection principle Safeguards: archiving Safeguards: sensitive processing CHAPTER 3 RIGHTS OF THE DATA SUBJECT Overview and scope

43

Overview and scope Information: controller's general duties

44

Information: controller’s general duties Data subject's right of access

45

Right of access by the data subject Data subject's ri