Data Protection and Confidentiality

CFEP activities are fully within the scope of the Data Protection Act 1998. CFEP is registered with the Data Commissioner and the Data Controller is Carolyn Blackburn. CFEP is aware of its obligations and duties under the terms of this Act. In particular, CFEP will ensure that;

  • Personal data is processed fairly and lawfully
  • Personal data is obtained only for one or more specified and lawful purposes, and is not further processed in any manner incompatible with that purpose or those purposes
  • Personal data is adequate, relevant and not excessive in relation to the purpose or purposes for which they are processed
  • Personal data is accurate and, where necessary, kept up to date
  • Personal data processed for any purpose or purposes shall not be kept for longer than is necessary for that purpose or purposes
  • Personal data is processed in accordance with the rights of the data subjects
  • Appropriate technical and organisational measures are taken against unauthorised or unlawful processing of personal data and against accidental loss or destruction of, or damage to, personal data
  • Personal data is not transferred to a country or territory outside the European Economic Area, unless that country or territory ensures an adequate level of protection of the rights and freedoms of data subjects in relation to the processing of personal data



All CFEP staff are informed and updated on their responsibilities in regards to Data Protection and Confidentiality by the following methods;

  • Induction training
  • Requirements within their Terms of Employment and Staff Handbook
  • Signing a Confidentiality Agreement
  • Staff meetings
  • Email