Data Protection Act

The Data Protection Act 1998 gives legal rights to individuals in respect to personal data held about them. 

The Data Protection Act 1998 is regulated by the information commissioner  who is the independent authority responsible for ensuring compliance with the Act.  You can read more about data protection on the information commissioner's website.

Purpose of the Act

The Data Protection Act 1998 governs how organisations can use the personal information they hold, including how they collect, store, share or dispose of it. The Act includes eight data protection principles.

Organisations must be open about the use of personal data through notification to the Information Commissioner.

Your rights

The Data Protection Act gives people the right to access the information held about them by organisations. This is called a Subject Access Request.  

This applies to all individuals whether they are an employee, elected member or a member of the public.

People also have the right to information about automated decisions taken about their personal data, as well as the right to:

  • take action for compensation if they suffer damage by any contravention of the Act by the organisation  
  • prevent information being passed on for the purposes of direct marketing
  • rectify, block, erase or destroy inaccurate data
  • make a request to the Information Commissioner for an assessment to be made by the data controller if they feel that the Act has been contravened

How to access the information held about you by the council

You can make a subject access request by:

  • filling in our online form.
  • filling in a Data Protection Act Subject Access Request form available from the our ideas stores, libraries and one stop shops.
  • Email:

or by writing to:
The Information Governance Team
Chief Executive’s Directorate
Town Hall
5 Clove Crescent
London E14 2BG

In order to process your request, we will need to receive COPIES of two official documents that between them clearly authenticate your name, and current address. This is a standard practice in all applications for personal data under the Data Protection Act 1998, in order to prevent fraud. 

You will need to provide one document from each list below.

List A

  • driving license
  • medical card
  • birth/ adoption certificate
  • passport

List B

  • bank/building society statement
  • utility bill (gas, water, electric or telephone)
  • council tax bill
  • Inland Revenue
  • benefit agency
  • solicitor
  • mortgage lender
  • professional body
  • employer (payslip/letter of appointment)

Note: Please delete any financial information you do not wish us to see. We will only be examining the name and address portion.

Your request will be placed on hold until we have received the proof of identity and address documentation.

Back to the top

Responding to your request

We will provide the requested information within 40 calendar days as stipulated by the Act, once you have provided us with the required details to processing your request

How we use your information

The information that you provide will be processed according to the Data Protection Act 1998 and relevant legislation.

We have a duty to protect public funds we administer, and may use information held about you for the prevention and detection of fraud and other lawful purposes. 

We will also use the information to perform our statutory enforcement duties. We will make any disclosures required by law and we may also share this information with other bodies responsible for detecting/preventing fraud or auditing/administering public funds. This may include, but is not limited to, matching council tax data with electoral registration records and the passing of the full version of the electoral register to the Audit Commission for the National Fraud Initiative.

We will not disclose your information to third parties for marketing purposes and your data will be secure and confidential at all times.


If you wish to complain about any aspect of the operation of the Data Protection Act you should first contact the Information Governance Team.

The Information Governance Team
Chief Executive’s Directorate
Town Hall
5 Clove Crescent
London E14 2BG

Tel: 020 7364 4354


If the Information Governance team is unable to resolve your complaint, you should contact Ruth Dowden, the council’s corporate complaints manager.

Corporate Complaints
Chief Executive’s Directorate
Town Hall
5 Clove Crescent
London E14 2BG

Tel: 020 7364 4161


If you are still not satisfied with our response to your complaint, you can appeal to the independent Information Commissioner at:

Information Commissioner
Wycliffe House
Water Lane
Cheshire SK9 5AF

Tel: 016 2554 5700

Visit the information commissioner's website.

Back to the top