1. UK Data Protection Law
  2. Legislation (UK)
  3. Acts
  4. 2018
Date-stamp loading
  1. Data Protection Act 2018 (c. 12)
  2. Part 3 Law enforcement processing (ss. 29-81)
Previous Next

Part 3 Law enforcement processing (ss. 29-81)
Chapter 1 Scope and definitions (ss. 29-33)
Scope (s. 29)
In force
 29. Processing to which this Part applies
Definitions (ss. 30-33)
In force
 30. Meaning of "competent authority"
In force
 31. "The law enforcement purposes"
In force
 32. Meaning of "controller" and "processor"
In force
 33. Other definitions
Chapter 2 Principles (ss. 34-42)
In force
 34. Overview and general duty of controller
In force
 35. The first data protection principle
In force
 36. The second data protection principle
In force
 37. The third data protection principle
In force
 38. The fourth data protection principle
In force
 39. The fifth data protection principle
In force
 40. The sixth data protection principle
In force
 41. Safeguards: archiving
In force
 42. Safeguards: sensitive processing
Chapter 3 Rights of the data subject (ss. 43-54)
Overview and scope (s. 43)
In force
 43. Overview and scope
Information: controller's general duties (s. 44)
In force
 44. Information: controller's general duties
Data subject's right of access (s. 45)
In force
 45. Right of access by the data subject
Data subject's rights to rectification or erasure etc (ss. 46-48)
In force
 46. Right to rectification
In force
 47. Right to erasure or restriction of processing
In force
 48. Rights under section 46 or 47: supplementary
Automated individual decision-making (ss. 49-50)
In force
 49. Right not to be subject to automated decision-making
In force
 50. Automated decision-making authorised by law: safeguards
Supplementary (ss. 51-54)
In force
 51. Exercise of rights through the Commissioner
In force
 52. Form of provision of information etc
In force
 53. Manifestly unfounded or excessive requests by the data subject
In force
 54. Meaning of "applicable time period"
Chapter 4 Controller and processor (ss. 55-71)
In force
 55. Overview and scope
General obligations (ss. 56-65)
In force
 56. General obligations of the controller
In force
 57. Data protection by design and default
In force
 58. Joint controllers
In force
 59. Processors
In force
 60. Processing under the authority of the controller or processor
In force
 61. Records of processing activities
In force
 62. Logging
In force
 63. Co-operation with the Commissioner
In force
 64. Data protection impact assessment
In force
 65. Prior consultation with the Commissioner
Obligations relating to security (s. 66)
In force
 66. Security of processing
Obligations relating to personal data breaches (ss. 67-68)
In force
 67. Notification of a personal data breach to the Commissioner
In force
 68. Communication of a personal data breach to the data subject
Data protection officers (ss. 69-71)
In force
 69. Designation of a data protection officer
In force
 70. Position of data protection officer
In force
 71. Tasks of data protection officer
Chapter 5 Transfers of personal data to third countries etc (ss. 72-78)
Overview and interpretation (s. 72)
In force
 72. Overview and interpretation
General principles for transfers (ss. 73-76)
In force
 73. General principles for transfers of personal data
Omitted
 74. Transfers on the basis of an adequacy decision
In force
 74A. Transfers based on adequacy regulations
In force
 74B. Transfers based on adequacy regulations: review etc
In force
 75. Transfers on the basis of appropriate safeguards
In force
 76. Transfers on the basis of special circumstances
Transfers to particular recipients (s. 77)
In force
 77. Transfers of personal data to persons other than relevant authorities
Subsequent transfers (s. 78)
In force
 78. Subsequent transfers
Chapter 6 Supplementary (ss. 79-81)
In force
 79. National security: certificate
In force
 80. Special processing restrictions
In force
 81. Reporting of infringements
Previous Next