Security and Privacy statement of e-vet web application

WHAT IS DATA PROTECTION?

Data protection addresses the safeguarding of the privacy rights of individuals in relation to the processing of personal data. The Data Protection Acts 1988 and 2003 confer rights on individuals as well as responsibilities on those persons processing personal data.

E-vet web application user organisations gathers and stores data about individuals. This is necessary for the purposes of running the operations of the International youth exchange. For the purpose of data protection, such organisations or individuals who control the contents and use of personal data are known as DATA CONTROLLERS. The Data Protection Acts 1988 and 2003 impose obligations on data controllers and give rights to individuals relating to their personal data.


WHAT TYPES OF DATA ARE INCLUDED?

All personal information relating to a living individual is included under the legislation. It covers data that is held on computers as well as data that is held in manual files. It applies to all the data that is held - for example it applies to data in emails and copy letters as well as to data on Files etc.


WHAT ARE THE RESPONSIBILITIES?

Any organisation using e-vet that is involved in the collection, storage or processing of such data has responsibilities under the legislation.

Examples would include people involved in the collection of data from people applying to do projects, those involved in organisation of projects etc.

E-vet application Responsibilities:

  • not to disclose it to others

  • to keep it safe and secure

  • to ensure secure acces to data for organisation and individuals

E-vet application user organisations Responsibilities:

  • to obtain and process information fairly

  • to keep it only for explicit and lawful purposes

  • not to disclose it to others

  • to keep it safe and secure

  • to keep it accurate, complete and up-to-date

  • to ensure that it is adequate, relevant and not excessive

  • to retain it for no longer than is necessary for the explicit purpose

  • to give a copy of the data to an individual, on request (such a request is known as an ACCESS REQUEST).

WHAT ARE YOUR RIGHTS AS AN INDIVIDUAL?

  • to have your personal information obtained and processed fairly, kept securely and not illegitimately disclosed to others

  • to be informed, to know the identity of the Data Controller and for what purpose they have the information

  • to get a copy of the personal information

  • to have your personal data corrected or deleted if inaccurate

  • to prevent your personal information from being used for certain purposes, for example you might want your data blocked for research purposes where it is held for other purposes

  • to have your name removed from a direct marketing list

  • to stop some specific uses of your personal information

  • to Employment Rights, not to be forced to disclose information to a prospective employer. No one can force you to make an access request, or reveal the results of an access request, as a condition of recruitment, employment or provision of a service. Where vetting for employment purposes is necessary, this can be facilitated where the individual gives consent to the data controller to release personal data to a third party

  • to freedom from automated decision making, to have human input in the making of important decisions relating to you. Important decisions about you, for example, work performance, creditworthiness, reliability may not be made solely by automatic means e.g. by computer, unless you consent to this. In general there has to be a human input in such decisions

  • to prevent your phone directory details from being used for direct marketing purposes.


Close this window