Data Protection

Any business operating in Northern Ireland and holding information from which living individuals can be identified will be subject to data protection legislation. This legislation regulates the collection, processing and disposal of personal data, and sets a higher standard of protection for sensitive personal data (for example, medical information). Read the Data Protection Act here

Some of the key obligations under data protection legislation include:

  • Developing a Privacy Policy: Notifying customers, users of your website and others as to how you will obtain, record, hold, use, disclose and erase their personal data.
  • Drawing Up Employee Data Protection Policies: Providing the requisite information to employees through employee handbooks or employment contracts or a combination of both.
  • Register with the Information Commissioner’s Office or ICO: Unless you are exempt, all data controllers are currently required to register with the ICO via the website