Website Legal Requirements 3 – The Data Protection Act

5th October, 2009 in Website Policy 3 Comments

In the third part of my Website Legal Requirements series, I explain how the Data Protection Act affects your website and what you need to do to adhere to it.


The Data Protection Act defines UK law on the processing of people’s data and is the main piece of legislation that governs the protection of personal data in the UK. It gives people the right to know what information is held about them and provides a framework to ensure that personal information is handled properly.

The Act states that anyone who processes personal information must comply with eight principles, which make sure that personal information is:

  • Fairly and lawfully processed
  • Processed for limited purposes
  • Adequate, relevant and not excessive
  • Accurate and up to date
  • Not kept for longer than is necessary
  • Processed in line with your rights
  • Secure
  • Not transferred to other countries without adequate protection

It also provides individuals with important rights, including the right to find out what personal information is held on computer and most paper records.

How Does This Affect My Website?

If your website collects users data, even a simple enquiry form asking for Name, Email and Phone Number, you should include a Privacy Policy that informs website visitors how you retain, process, disclose and purge their data in line with the requirements above.

Sources & More Info:

Picture of Adam Camplin

Adam Camplin 3rd July, 2014 at 11:51 am

Could we link this page on our website? E.g:

We adhere to the U.K's Data protection act, Details of which can be found here:

Picture of Laurence

Laurence 3rd July, 2014 at 13:14 pm

Hi Adam. I would advise that you link to the Data Protection Act site itself if you state you adhere to it, rather than a third party company that summarises it, and then links to it. But by all means you can link to this site if you want, just make sure you are not making it sound like this site is what defines the data protection act, as we don't.

Picture of Torie

Torie 4th March, 2017 at 22:44 pm

Hi Laurence,

Would you have a solicitor that you would recommend to provide the correct legal "stuff" (e.g. copyright, T&C, etc) for my website? There's heaps of information out there, much of which I don't trust/is not relevant to the UK! I've found that it's possible to download some templates, but I'm not convinced of their value.

Many thanks.

Leave a Reply