Keeps the data safe and secure

Reports directly to parliament

Enforces the Data Protection Act

Determines what data an organization collects and how it is processed

To control how personal information is used by companies and the UK government

To enforce data protection measures

To collect and use data fairly and inside the law

To transfer data outside the European Economic Area

To process data in a manner that ensures security

To lodge a formal complaint with the Information Commissioner's Office

To prevent automatic decisions about individuals being made

To keep accurate and up-to-date records

To transfer data outside the European Economic Area

To collect data for specified reasons

To strengthen and standardize data protection regulations across Europe

To keep data for longer than necessary

To enforce the Data Protection Act

To keep data safe and secure

To prove that their data protection measures are sufficient to protect data

To transfer data outside the European Economic Area

Right of subject access and the right of correction

Right to prevent automatic decisions about themselves being made

Right to prevent distress and right to prevent direct marketing

Right to lodge a formal complaint and right for compensation

To enforce the Data Protection Act

To determine what data an organization collects

To keep accurate and up-to-date records

To report directly to parliament

Sensitive data is stored in a computer or paper

Personal data is used for direct marketing

Personal data includes names, addresses, and bank details

Sensitive data is subject to additional legal protections