Register of data controllers
The Register of data controllers is a United Kingdom database under the control of the UK Information Commissioner's Office mandated by the UK Data Protection Act 1998[1] (The Act) which records the name of the data controller[2] and the purpose(s) for the processing of the data processed by that controller within the meaning of The Act.[3]
Under The Act a data controller may, under some circumstances be exempt from registration, termed notification. When not exempt, failure to notify the Information Commissioner's Office formally prior to the commencement of processing data is a strict liability offence for which a prosecution may be brought by the Information Commissioner's Office in the criminal court of the UK
Amendments to a data controller's notification may be made at any time, and must be made prior to commencement of a new processing purpose.
Registration carries a fee, the proceeds of which fund the UK Information Commissioner's Office directly.
Notes
- ^ "Data Protection Act 1998". Office of Public Sector Information. Retrieved 2009-11-18.
- ^ "Data Protection Act 1998 - Part 1, Basic Interpretive Provisions - Section 1". Office of Public Sector Information.
'data controller' means, subject to subsection (4), a person who (either alone or jointly or in common with other persons) determines the purposes for which and the manner in which any personal data are, or are to be, processed;
{{cite web}}: Unknown parameter|acessdate=ignored (|access-date=suggested) (help) - ^ "Register of data controllers". UK Information Commissioner's Office. Retrieved 2009-11-17.
The register contains the name and address of data controllers and a description of the kind of processing they do
External Links
  | This article relating to law in the United Kingdom, or its constituent jurisdictions, is a stub. You can help Wikipedia by expanding it. |