Data Protection Terms

Dear all

In this era of modern influence it is only right that we have a modern way of protecting our data, its only natural that people will want personal and sensitive data protected in this digital age. You've got to do your own bit of course, by that I mean creating strong passwords for the websites you have an account on, and keeping them to yourself, keeping your personal details updated for instance with your bank, mobile telephone provider and the people who you pay your bills too, it's all part of keeping your information secure and up to date.

What i'd like to discuss with you today is the data protection terms and clarify them a little and i'd like to start with what the GDPR calls 'Data Subject' - that's people! Me and you. 'Personal data' is any data that refers directly or indirectly to you. 'Processing' is a set of operations performed on personal data i.e receiving it, storing it, doing something with it and removing it.

The EU and UK put all kinds of words into describing the term processing but at the end of the day it comes down to receiving information, storing it and deleting it when necessary - something which a lot of companies don't like to do - and this is the problem. Personal data has become like a gift, that sometimes people sell on without permission. Personal data is stored by some companies and they sell it as marketing lists without consent, and that's naughty. But for now we'll focus on these data protection terms, i'd like to talk about the use of personal data another time. What I do know is that people hate to delete data, it's like you've asked people to throw out their personal belongings.

I'll just stay with this subject for now, some companies treat the data they've been given to them by data subjects (people) and treat it with contempt, by that I mean what I said before, they'll sell your details on without permission, even email addresses - which are not so personal to some, but they are to the likes of me and you, spam is a nuisance and it is to be treated as such.

Companies, unwittingly or not, who you have given your details to, become a data controller, in other words become responsible for the safety and security of the data, given to them in trust by us people.

We move onto 'data controller' - the ICO says this, "“data controller” means a person who (either alone or jointly or in common with other persons) determines the purposes for which and the manner in which any personal data are, or are to be processed". To which I say that a data controller is a person, company or other organisation who holds data, sometimes by consent, sometimes on another specified basis.

'Data processor' is described (by me) as a company, person or other organisation that processes data on behalf of a data controller. I work on behalf of a data processor and they get 'given' information to process, from a data controller, but at the end of the day, the data truly belongs to the data subject and it is to be remembered as such when it comes to receiving, storing and deleting it.

Thanks for reading...

Regards

Steven