Using data collected on individuals
• Your business is generally allowed to use someone’s personal data if they have given their consent. The data can also be used in other circumstances, for example, if your business:
• needs to use the data to fulfil a contract with a customer (such as using their address to deliver goods to them); or • has a legitimate interest in using it, although this must be balanced with the individual’s rights. For example, if a part of your business has been sold to a third party and you need to transfer customer data to it.
• Data should only be used for the reason that it was collected (for example, if calls between staff and customers are recorded for training purposes only, they should not be used to discipline a member of staff).
• If you want a third party to manage data (such as carrying out payroll services) you should take legal advice. Your business will still be responsible for protecting the data and will need to enter into a written contract with the third party.
• Your business should also take legal advice if it is considering transferring any data outside the countries in the European Economic Area. It is very easy to transfer data outside of your own country (for example, by sending an e-mail to an office outside of the UK).
• If the data is being used in marketing material, check that the recipient is aware that their data may be used for this reason and confirm they do not object. You will generally need the individual’s explicit consent (opt-in) for e-mail, fax and text marketing. If the individual is an existing customer, you may be able to market similar products to them by these means without prior explicit consent. You should take legal advice if you want to do this.
• If your business is considering using sensitive personal data (for example, information about ethnic origin, trade union membership or criminal records), you should take legal advice.
Storing personal data
All data must be accurate and up to date. Databases should be regularly cleaned and out-of-date information must be deleted.
• Data should only be held for as long as it is required and for the reason it was collected. For example, if personal data was collected to deliver a product a year ago and not used since, it should not be held on the basis that it may be needed for another reason at some time in the future. Keeping data secure and confidential
• Personal data must be kept secure at all times. For example:
• computers and files should be password protected; • personal data on laptops and other portable devices should be kept to a minimum;
• manual filing cabinets containing personal data should be locked and only accessible to authorised personnel;
CS 340 Milestone One Guidelines and Rubric Overview: For this assignment, you will implement the fundamental operations of create, read, update,
Retail Transaction Programming Project Project Requirements: Develop a program to emulate a purchase transaction at a retail store. This
7COM1028 Secure Systems Programming Referral Coursework: Secure
Create a GUI program that:Accepts the following from a user:Item NameItem QuantityItem PriceAllows the user to create a file to store the sales receip
CS 340 Final Project Guidelines and Rubric Overview The final project will encompass developing a web service using a software stack and impleme
