Businesses that hold customer information may be subject to data protection legislation governing the acquisition and use of this data. The Data Protection Acts of 1984 and 1998 derive from a Council of Europe Convention and apply to any entity which collects data on individuals by which such individuals can be identified.
Included in this legislation are obligations to ensure that such data is obtained fairly and lawfully and only for registered purposes, that it is held securely and that it not be transferred to a third party without the consent of its subject. Furthermore, data subjects have rights of access and, where applicable, various ancillary rights in the event of the inaccuracy or misuse of their information.
Pactum Law offers advice to companies wishing to ensure compliance with existing data protection laws and also to data subjects who wish to enforce their rights against data users.