Keeping Personal Information Online

The Code for Keeping Personal Information Online explains how the Data Protection Act 1998 (the DPA) applies to the collection and use of personal data online. The UK Information Commissioner's Office publishes the Code.

The Code provides good practice advice for organisations doing business online and must comply with the Data Protection Act.

Today, more people are conducting their personal affairs online. For example, online shopping, social networking, job hunting, renewing car tax or contacting local councils and government departments online are now an everyday part of life.

Launched in 2010, the Code for Keeping Personal Information Online explains how the Data Protection Act 1998 applies to the collection and use of personal data online.

The Code explains the privacy risks that may arise when operating online and suggests ways for organisations to deal with them. It stresses how important it is to treat consumers’ information properly and being transparent about how you are using their information.

The Code for Keeping Personal Information Online

What does the Code for Keeping Person Information Online cover?

The Code for Keeping Personal Information Online covers topics including online marketing, operating internationally, and applying individuals’ rights in an online environment. It applies equally to the public and private sectors.

The Code also covers the collection and use of personal data online, whether you collect it via a PC, games console, mobile device, media player or any other equipment that connects to the internet. It covers obvious identifiers, such as names, email addresses or account numbers obtained, such as, through an electronic application form. It also covers less obvious identifiers, such as information indicating individuals’ online activity generated by cookies and other identifiable monitoring, such as the analysis of IP addresses.

The Code for Keeping Personal Information Online covers activities such as:

  • collecting a person’s details through an online application form;
  • using cookies or IP addresses to target content at a particular person;
  • using personal data to market goods or to deliver public services; and
  • using cloud computing facilities to process personal data.

The Code for Keeping Personal Information Online does not cover the use of information that does not, or could not, identify an individual. For example, collecting anonymised or statistical information. The DPA does not apply to these activities. Nor does it apply to activities such as displaying the same broadcast-type content to everyone who visits a website. For example, showing the same adverts for flight deals to everyone who visits a travel site.

Reference

Download the Code of Practice for Keeping Personal Data Online

Visit the UK Information Commissioner's Website