No announcement yet.

Data protection act?

  • Filter
  • Time
  • Show
Clear All
new posts

  • Data protection act?

    I've received this email. Looks like some sort of scam since it was sent to [email protected] and has a reply address of [email protected] (hardly what you would expect for a government deptartment).

    Data Protection Act Registration Service
    51 Brackley
    St Georges
    M15 4FS.
    Email [email protected].

    Ref: DPAR/RS160358.EM

    Data controller notification

    Dear Sir or Madam

    Failure to notify is a criminal offence. Offences are triable either in the
    Magistrates' Court or the Crown Court In England or Wales. In Scotland
    offences are triable in the Sheriffs' Court or High Court of Justiciary. On
    conviction an offender is liable to a maximum fine not exceeding level 5 on the
    standard scale of fines contained in the Criminal Justice Act 1982 (As amended)
    and the Criminal Procedure (Scotland) Act 1975. At present this is £5,000.00p
    in the Magistrates' and Sheriffs' Court (Scotland) or an unlimited fine in the
    Crown Court and High Court of Justiciary (Scotland).

    If you are registered under the 1984 Act. 1998 Act or exempt.

    There is no reason to contact us.

    The Data Protection Act 1998 requires every Data controller who is processing
    personal data to notify unless exempt. (Data controller means a person who
    determines the purposes for which, and the manner in which, any personal data
    are, or are to be, processed).

    What is notification? The Data Protection Commissioner maintains a public
    register of data controllers. Each register entry includes the
    name and address of the data controller and a general description of the
    processing of personal data by the data controller.
    Individuals can consult the register to find out what processing of personal
    data is being carried out by a particular data controller.

    Am I exempt? If you keep details of individuals, companies, employees, credit
    details, customer lists, CCTV, accounts, membership details etc. On computer
    then you must register.
    (Personal details Included in this category are classes of data which identify
    the data subject and their personal characteristics. Examples are names,
    addresses, contact details, age, sex, date of birth, physical description,
    identifiers issued by public bodies, eg NI number).

    If you were registered under the 1984 Act. You may have been registered under
    the 1984 Act with one or more register entries. If you had a single entry you
    need to notify when your 1984 entry expires unless you are exempt. When you
    notify we need to know your previous registration number to ensure that no
    reminders to notify are sent to you.
    Under the 1998 Act a data controller may only have one register entry. You can
    choose to notify at any time before your last entry expires. When you notify,
    all your remaining 1984 entries will be removed from the register. This is why
    we ask you to provide a list of all your previous registration numbers in this
    section. You can wait until your last entry is due to expire and than notify.

    How do I contact you? Due to manpower restraints we are unable to offer a
    manned telephone service. You can write with your query or email us at:

    [email protected]

    How do I notify? Fill in the enclosed notification form and return it to us
    with the correct fee.

    Please allow up to 60 days for notification

    Useful literature: This can be obtained by phoning the Information
    Commissioners automated Information line on: 01625 545745

    The Guidelines. The Data Protection Registrar. Using the law to protect your
    information Fourth series. Notification Handbook. A complete guide to
    The Data Protection Act: A brief guide for data controllers.
    Using the law to protect your information.
    The Data Protection Act 1998. An introduction CCTV Code of Practice July 2000.
    Available from: Office of the Data Protection Commissioner.

    Yours faithfully

    Gary McNeish
    Data Protection Act Registration Service.

    We are a independently run registration service. We have no connection with
    the Data Protection Commissioner now known as the Information Commissioner. Our
    aim with this letter is to make you aware of your current legal obligation to
    the Data Protection Act 1998 and to offer our service in the registration of
    your business.


    Data Protection Act 1998 Registration details

    Name for contact details only.
    Previous 1984 registration number.
    Schools print Head teachers name.


    Data controller name. Sole trader Full name of individual, eg John Smith.
    Partnership. Trading name of the firm, eg Jeans & Co ( Do not provide name of
    the partners ).
    Limited & PLC Full name of company, eg ABC. Ltd ( Not the trading name ).
    Schools. Name of school, eg Bedford High School.
    Others, eg Voluntary bodies. Name by which you are known to the public.


    Data controller address. Limited company must provide your registered office
    In all other cases you must provide the address of your principal place of


    Company registration number. Limited or PLC are encouraged to provide your
    company registration number as a unique identifier for the company.


    A description of the type of business, eg Accountant, Solicitor.


    Declaration. The information provided is a true and correct description of my



    Fees. There is a fee for notification of £85.00. VAT nil
    ( This includes the mandatory £35.00 government notification fee).
    You can pay by cheque or postal order made payable to:
    The Data Protection Act Registration Service.
    Please allow up to 60 days for notification
    Data Protection Act Registration Service. 51 Brackley St Georges MANCHESTER.
    M15 4FS
    >From the independently run offices of the Data Protection Act Registration

  • #2
    we got that as well. It's basically a company spamming thousands of addresses with a carefully worded email designed to make you think you have to use their services, whereas in fact it's just a waste of money.

    I also wouldn't trust anyone who runs their business through a Freeserve email address (Freeserve is a UK free ISP).


    • #3
      Load of crap

      The Data Protection Act states that a person is entitled to have the information held about them up to date and acurate. Since vB is a piece of software designed to allow users to update this information themselves, there is no such term as "Data Operator" with reference to any vB site. This information has also been provided with prompting, and its merely a self contained. It is merely a self contained membership system.

      The other obvious thing is that no personal information, apart from maybe DOB and location are actual "real details" about anyone that signs up. I wouldn't consider this a worry to anyone using vB in its off-the-shelf form.
      HP DL-380 G6, 2x E5520, 28GB RAM, 4x300GB SAS, VMWare ESXi
      Unreal Tournament : Assault forums - irc:// -


      widgetinstance 262 (Related Topics) skipped due to lack of content & hide_module_if_empty option.