As they openly claim that they are a data controller this means they now become subject to the General Data Protection Regulations(GDPR). So we would like to know who their Data Protection Officer is and what training if any, they may or may not have undertaken?
This means that any member of the public may make a subject access request or ask for the data the local party hold on you to be deleted, or ask them to stop sending you campaigning material among other things.
During the local elections Cllr Ray Field & Cllr Nicola Keen who were elected to the Folkestone Harbour Ward were collecting residents data as is made clear from their election leaflet.
Nowhere on this leaflet does it set out your rights and what they will do with your data, who will process it how long they will store and more.
We have spoken to the Information Commissioner’s Office who informed us that political parties – who are data controllers in their own right – such as the Folkestone & Hythe Labour Party are not exempt from the £40 fee and need to be on the register of fee payers.
As Cllr Field makes clear in the leaflet above: “Actions speak louder than words. Vote Field & Keen to ensure consultation is meaningful, and to reinstate democracy and transparency for our community.”
One of the features of the GDPR which is superficially similar to the old Data Protection Act but turns out to be quite different is the requirement to provide information about how personal data is being used. The word ‘transparency’ is an inherent part of the GDPR first principle, whereas it was absent from the previous version. The DPA 1998 allowed data controllers to decide what information data subjects needed to know, beyond who the controller was and what purposes their data was being processed for. The GDPR has two similar but distinct lists of information that must be provided, one for where data is obtained from the subject, the other where data is obtained from somewhere else, and they dictate what must be provided in scary detail.
The first principle concerns lawfulness, fairness and transparency. It requires that personal data are processed in a lawful, fair and transparent manner in relation to data subjects. Transparency implies that any information and communication concerning the processing of personal data must be easily accessible and easy to understand. Also, clear and plain language needs to be used in this regard. More specifically, this principle ensures data subject receive information on the identity of controllers and purposes of the processing of personal data.
Will Cllr Field (pictured) or any other elected Lab Cllr please inform us who the Folkestone & Hythe Labour Party Data Protection Officer is – as they are a data controller in their own right? And where can members of the public send any subject access request? Please do let us know, as you seem to believe in transparency, and actions speak louder than words.
