The Data Protection Act
All Approval Holders Letter 32/2002
27 November 2002
The Data Protection Act of 1998 (DPA) provides statutory rights that give protection to individuals about whom data are obtained, stored, processed or supplied while balancing those needs against the legitimate needs of the data controller. The Act is the UK’s implementation of the EC Directive EC/95/46 that harmonised data protection legislation throughout the EU. The Act received Royal Assent on 16 July 1998 and, together with the secondary legislation required to support it, was brought into force on 1 March 2000.
In order to comply with the DPA, the Pesticides Safety Directorate (PSD) will add the following ‘Data Protection Statement’ to all application forms. The electronic form on the website will be updated immediately, the revised paper copy of the form should be available by December 2002.
Data Protection Act 1998
The Personal data submitted with this application will be handled in compliance with the Data Protection Act 1998. Personal data will be used for the purpose of processing your application for approval(s), and as part of the information supporting any approval granted it may be referred to in any subsequent regulatory action concerning that approval. In the event of a breach of the conditions of that approval, or any other breach of statutory requirements, these personal data may be used for enforcement purposes, including their disclosure to enforcing officers in local authorities and the Health and Safety Executive.
The following statement will be added to the PSD Website and will be used in response to members of public who are logged as having contacted the PSD Information/Enquiry Division:
Data Protection Act 1998
"In accordance with the Data Protection Act, the Pesticides Safety Directorate (PSD), an executive agency of Defra, informs you that any personal data will be handled in compliance with that Act. Where it is supplied during the course of an application it will be used to process your application for approval. PSD will process these data for the purpose of pesticides regulation. PSD may disclose these data to any person or organisation for the purposes for which they were collected or where the Act allows disclosure. Personal data submitted for the purpose of an application to PSD as a regulatory authority, may also be used for enforcement purposes, including its disclosure to enforcing officers in local authorities and the Health and Safety Executive.
Furthermore, information (including personal data) may be released on request under a number of legislative and administrative provisions. These include the Environmental Information Regulations, the Control of Pesticides and Plant Protection Products Regulations, the Code of Practice on Access to Government Information and the Freedom of Information Act."
If you have any queries concerning the contents of this letter, please contact Information Services at PSD by telephoning 01904 455775, by fax on 01904 455733, by e-mail to pesticides@hse.gsi.gov.uk, or in writing.
The data controller is the person who, either alone or jointly, determines the purpose for which, and the manner in which, personal data is processed. For data protection purposes, the Department for Environment, Food & Rural Affairs is the Data Controller