Why ...
... is a business that sells replacement uPVC windows able to claim
exemption from notification under the "Exemptions for advertising, marketing
and public relations", but a business that provides professional advice on
IT systems has to notify because it is a "consultancy"!
Or am I misreading the advice being given by the ODPC in their "Notification
Handbook - A Complete Guide to Notification"
They state in the opening paragraphs ...
"The principal purpose of having notification and the public register is
transparency or openness. It is a basic principle of data protection that
the public should know or should be able to find out who is carrying out
processing of personal data and other information about the processing, such
as, for what purposes the processing is carried out. The Data Protection
Act 1998 places obligations on data controllers in order to satisfy this
principle."
Perhaps this should read ...
"The principal purpose of having notification and the public register is
transparency or openness [in certain circumstances]. It is [almost] a basic
principle of data protection that the public should know or should be able
to find out who is carrying out processing of personal data and other
information about the processing, such as, for what purposes the processing
is carried out [unless there are too many out there, in which case it might
be a bit difficult]. The Data Protection Act 1998 places obligations on
data controllers in order to satisfy this principle."
Duncan S Smith
Principal Consultant
Company Profiles
"The process of Improvement"
%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
|