數據控制者目錄
數據控制者目錄(英語:Register of data controllers)是英國依據《1998年數據保護法案》設立的數據庫。目錄由資訊專員辦公室管理,[1]用於登記數據控制者(數據收集者)的信息以及收集和處理數據的目的。[2][3][4]
根據《數據保護法案》,在某些情況下,數據控制者可豁免登記。[5]當無法達到豁免要求[6]時,在開始收集數據前未能通知資訊專員辦公室(即登記到目錄)是一項無過失責任罪行,可被資訊專員辦公室刑事檢控。[7]
登記加入目錄繳納的費用被直接用於英國資訊專員辦公室的運作。任何人均可免費查詢此目錄。
參考文獻
編輯- ^ Data Protection Act 1998. Office of Public Sector Information. [2009-11-18]. (原始內容存檔於2010-08-24).
- ^ Register of data controllers. UK Information Commissioner's Office. [2015-07-16]. (原始內容存檔於2015-07-17).
We publish the name and address of these data controllers, as well as a description of the kind of processing they do.
- ^ Register of Data Controllers. The Advertising Protection Agency. [22 March 2012]. (原始內容存檔於2011年1月7日).
The ICO then publishes certain details from the registration data in the register of data controllers which is available to the public for inspection.
- ^ Notifying the Information Commissioner's Office about personal information. Business Link. [22 March 2012]. (原始內容存檔於2012-10-15).
The Data Protection Act 1998 requires businesses to give details about the way they process personal information to the Information Commissioner's Office (ICO) for inclusion in a public register, unless they are exempt. This is called notification.
- ^ Register (notify) under the Data Protection Act. UK Information Commissioner's Office. [2015-07-16]. (原始內容存檔於2015-07-16).
The Data Protection Act 1998 requires every data controller (eg organisation, sole trader) who is processing personal information to register with the ICO, unless they are exempt.
- ^ In brief – are there any exemptions from the Data Protection Act?. UK Information Commissioner's Office. [2015-07-16]. (原始內容存檔於2015-07-16).
... there are some exemptions from the Act to accommodate special circumstances.
- ^ Register of Data Controllers - University of Strathclyde. University of Strathclyde. [22 March 2012]. (原始內容存檔於2018-03-13).
Every organisation that processes, i.e. holds and uses, personal information must be registered with the UK Information Commissioner's Office (ICO), unless they are exempt. This registration is a statutory requirement under the Data Protection Act and failure to notify the ICO is a criminal offence.