Users of your website (known as data subjects) have a right to ask you whether you are processing any personal data about them and, if so, to be given:
The eight data protection principles are central to the Data Protection Act 1998. The Data Protection Act is the main body of legislation setting out data protection law in the UK and is based on a European Community Directive. You must comply with these principles at all times in your information-handling practices. The most practically relevant principles say that personal data must be:
(a) Processed fairly and lawfully
(b) Obtained only for one or more specified and lawful purposes and not processed in a manner incompatible with those purposes
(c) Adequate, relevant and not excessive
(d) Accurate and kept up-to-date
(e) Not kept for longer than is necessary
(f) Processed in accordance with the rights of data subjects under the Act
(g) Gathered and processed only where appropriate technical and organisational measures are taken against unauthorised or unlawful processing of personal data and against accidental loss or destruction of, or damage to, personal data.
(h) Not transferred to a country or territory outside the European Economic Area unless that country ensures an adequate level of protection for the processing of personal data
Cookies are text files containing small amounts of information. They are downloaded to a user's device when they visit a website. Cookies are then sent back to the originating website on each subsequent visit, or to another website that recognises that cookie. Cookies are useful because they allow a website to recognise a user's device.
Any website using cookies must: