WORTHING BUSINESS CRIME REDUCTION PARTNERSHIP
Data Integrity Agreement
Confidentiality Agreement incorporating
1.0 The Data Protection Act 1998
1.1 The act regulates the use and handling of information (personal data) processed by computers and information held on manual records. It provides a framework by establishing data protection principles. The purpose of the Data Protection Act 1998 is to make provision for the regulation of the processing of information relating to individuals including the obtaining, holding, use or disclosure of such information. All processing must be in compliance with the provisions of the act and in the event of non-compliance the Information Commissioner may take enforcement action.
1.2 Particular obligations are placed upon the partnership, its members, the data controller and you, as a member of the partnership must comply with the data protection principles.
2.0 Definition of Terms
2.1 The partnership is an initiative operated by businesses in partnership with police and other agencies and organisations, through an agreement with each of the members, who have agreed to the principles outlined in the protocols document, specifically, the constitution, code of practice, operating procedures, data integrity agreement and other agreed partnership procedures and protocols contained therein.
2.2 Authorised Persons
For the purpose of this agreement are the signatories to the agreement.
2.3 Data Controller
The board of management of the partnership is the data controller and is responsible for all matters concerning the management of the partnership. The BoM will determine the purposes for which, and the manner in which, any personal data are, or are to be, processed.
2.4 Personal Data
Data consisting of information, which relates to a living individual, who can be identified from that information.
“Data” means information which –
a) is being processed by means of equipment operating automatically in response to instructions given for that purpose.
b) is recorded with the intention that it should be processed by means of such equipment.
c) is recorded as part of a relevant filing system, or with intention that it should form part of a relevant filing system, or
d) does not fall within paragraph a), b) or c) but forms part of an accessible record.
2.6 Data Subject
A living individual who is subject of personal data
2.7 In or Near
The town of Worthing.
2.8 Disclosure of Information
The Data controller will approve disclosure of personal data and information about data subjects to signatories of this agreement, where relevant and appropriate, for the purposes of:
- The prevention and detection of crime or:
- The apprehension or prosecution of offenders or suspected offenders
Information should only be passed where it is relevant to do so.
2.9 The Data controller will disclose personal data to signatories, where it is relevant to do so in connection with:
- Person(s) who are identified as legitimate “targets” under the partnership protocols or:
- Person(s) who are strongly believed to be in the operating area and in respect of whom there is clear evidence of their propensity to commit crime in the area.
Data processor means any person who processes the data on behalf
of the data controller.
Processing, in relation to information or data, means obtaining, recording or
holding information or data or carrying out any operation in relation to the
information or data, including-
- organisation, adaptation or alteration of the information or data.
- retrieval, consultation or use of the information or data.
- disclosure of the information or data by transmission, or otherwise making available
- alignment, combination, blocking, erasure or destruction of the information or data.
3.0 Definition of a Target
For the purpose of this agreement a target means and includes:
- A person who is known (from a reliable source) to be currently, persistently and actively involved in committing or attempting to commit crime or disorder, in or near the area of operation. This will be the main criteria. In addition, a target will have a criminal record, e.g.
- A person who has been convicted within the previous twelve months of any offence in or near the area of operation which may impact on the business environment. The conviction must be relevant and appropriate to the purpose (that is the prevention and detection of crime, disorder and anti-social behaviour and the apprehension and prosecution of offenders). This would not include parking offences and or other minor incidents which are not relevant.
- A person who lives in or near the area of operation and who has been convicted within the previous twelve months of any crime which may impact on the business environment and whose activities or antecedents indicate that they are currently engaged in crime or are believed to be involved in crime. The conviction must be relevant and appropriate to the purpose (that is the prevention and detection of crime, disorder and anti-social behaviour and the apprehension and prosecution of offenders). This would not include parking offences and or other minor incidents which are not relevant.
- A person who has been served with an exclusion notice preventing him/her from entering any member premises.
3.2 Personal data shall be periodically reviewed and shall not be retained for any longer than necessary. In particular target photographs and target information shall be reviewed every 3 months to ensure that the data reflects the data subject’s current circumstances. Personal data shall not normally be retained for any longer than twelve months unless subject to review.
4.0 Data Security
4.1 Data shall not be disclosed to any non-signatory, either directly or indirectly unless required to do so by law or by the order or ruling of a court, tribunal or regulatory body. If required to do so, the member should notify the partnership manager promptly, prior to making such disclosure.
4.2 Personal data shall be transmitted to authorised persons through secure channels.
4.3 Appropriate security measures will be employed to prevent unauthorised access to, or alteration, disclosure, accidental loss or destruction of personal data. Such consequences may be seen as a breach of the data protection principles and may lead to further action.
4.4 Personal data relating to targets or other data subjects shall immediately be returned or destroyed when requested to do so in writing or otherwise.
4.5 Personal data relating to targets or other data subjects will be retained in accordance with the procedures outlined by the partnership protocols and documentation.
5.0 The Commitment
5.1 In consideration of the personal data being made available between the data controller and the data signatories, both parties undertake the following:
- To keep the data received confidential at all times
2. To obtain and process data and information fairly and lawfully
3. To collate the data solely for the purposes of prevention and detection of crime, or the apprehension or prosecution of offenders
4. Data held will consist solely of descriptions, habits, movement details, and criminal intelligence relating to target offenders and person(s) who are strongly suspected of committing crime, nuisance and/or disorder in or near the area of operation
5. Police data will consist of the circulation of photographs or other information as agreed locally.
6. Data held will relate to target offenders, current and past and person(s) who are strongly suspected of committing crime, nuisance and/or disorder in or near the area of operation.
7. Data may be disclosed to police, prosecutors and courts
8. Data shall be adequate, relevant, and not excessive for the purpose it is intended
- Data shall only be accessed or disclosed by or to authorised persons.
5.2 Any breach of this agreement will be dealt within accordance to the disciplinary procedures outlined in the partnership protocols and documentation. Making an unauthorised disclosure of data may lead to criminal prosecution.