MS2M is committed to meeting its obligations under the Data Protection Act of
1998. MS2M will strive to observe the law in all collection and processing of
subject data and will meet any subject access request in compliance with the
law. MS2M will only use data in ways relevant to carrying out its legitimate
purposes and functions in a way that is not prejudicial to the interests of individuals.
MS2M will take due care in the collection and storage of any sensitive data.
MS2M staff will do their utmost to keep all data accurate, timely and secure.
MS2M will share its data with MS2M staff and partners but will work
to ensure that all staff understand they are required to observe UK data protection
laws when handling data transferred overseas.
All MS2M staff (permanent or temporary) and voluntary workers must be aware
of the requirements of the Data Protection Act when they collect or handle data
about an individual. MS2M staff must not disclose data except where there is
subject consent or a legal requirement. Data sent to outside agencies must always
be protected by a written contract. All collection and processing must be done
in good faith.
The Data Protection Desk will keep records of all complaints by data subjects
and the follow-up. It will also keep a record of all data access requests. There
will be a repository of all MS2M statements of Data Protection Law compliance
and information about any contacts made with the Data Protection Registrar. This
information will be available to staff and data subjects on request.
MS2M will inform subjects of any processing, disclosure or overseas transfer that does not fall within MS2M's purpose in a way that any individual supplying could be expected to understand. MS2M will keep registration (now called notification) up to date.
Principles of data protection outlined in the Data Protection Act
Anyone processing personal data must comply with the eight enforceable principles of good practice. These state that data must be:
- fairly and lawfully processed;
- processed for limited purposes;
- adequate, relevant and not excessive;
- accurate;
- not kept longer than necessary;
- processed in accordance with the data subject's rights;
- secure; and
- not transferred to countries without adequate protection.