My initial thought is to wonder whether other details can be legitimately
used for audit purposes, once the use for keeping any card details has
passed? It does seem a little exessive to keep these sorts of data.
I do some data work for the LSC and suggest that before talking to the UKIC,
you talk to him . He is very good and always considers the privacy of the
individual first and works from there. I think it would be worth a talk.
I'll send you his details when I get my dodgy phone to work!
Simon.
-----Original Message-----
From: Tim Trent [mailto:[log in to unmask]]
Sent: 06 February 2006 16:59
To: [log in to unmask]
Subject: Re: [data-protection] financial details retained longer then is
necessary
Under these circumstances it is valid to ask the UKIC for definitive advice
-----Original Message-----
From: This list is for those interested in Data Protection issues
[mailto:[log in to unmask]] On Behalf Of PETER SELENIC
Sent: 06 February 2006 16:56
To: [log in to unmask]
Subject: [data-protection] financial details retained longer then is
necessary
As a college we take postal enrolments.
Our course application form requires the student to fill in their credit
card number and the 3 digit code.
These forms are then kept in order to provide audit records for our LSC
(Learning & Skills Council who provide the college it's revenue) auditor
(life of student +5 years). I am becoming increasingly nervous with this
practice but I cannot see how else this information can be gathered and
retained.
Our IC DP register entry is standard for education, data classes include
financial details, but in reality we are retaining these financial details
longer then is necessary for the processing of this data.
Any reassuring comments would be appreciated.
Regards
Peter Selenic
DP/FOI Officer
Epping Forest College
**********************EFC disclaimer *********************
This message is sent in confidence for the addressee only. It may contain
confidential or sensitive information. The contents are not to be disclosed
to anyone other than the addressee. Unauthorised recipients are requested to
preserve this confidentiality and to advise us of any errors in
transmission. Thank you.
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
All archives of messages are stored permanently and are
available to the world wide web community at large at
http://www.jiscmail.ac.uk/lists/data-protection.html
If you wish to leave this list please send the command
leave data-protection to [log in to unmask]
All user commands can be found at : -
http://www.jiscmail.ac.uk/help/commandref.htm
Any queries about sending or receiving message please send to the list owner
[log in to unmask]
(all commands go to [log in to unmask] not the list please)
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
All archives of messages are stored permanently and are
available to the world wide web community at large at
http://www.jiscmail.ac.uk/lists/data-protection.html
If you wish to leave this list please send the command
leave data-protection to [log in to unmask]
All user commands can be found at : -
http://www.jiscmail.ac.uk/help/commandref.htm
Any queries about sending or receiving message please send to the list owner
[log in to unmask]
(all commands go to [log in to unmask] not the list please)
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
All archives of messages are stored permanently and are
available to the world wide web community at large at
http://www.jiscmail.ac.uk/lists/data-protection.html
If you wish to leave this list please send the command
leave data-protection to [log in to unmask]
All user commands can be found at : -
http://www.jiscmail.ac.uk/help/commandref.htm
Any queries about sending or receiving message please send to the list owner
[log in to unmask]
(all commands go to [log in to unmask] not the list please)
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
|