The Data Protection Act 1998 (DPA) is a United Kingdom Act of Parliament which defines UK law on the processing of data on identifiable living people. It is the main piece of legislation that governs the protection of personal data in the UK, protects people’s fundamental rights and freedoms and, in particular, their right to privacy with respect to the processing of personal data.

With over 75 provisions to adhere to, the DPA can be divided into the following main categories:

• Part I Preliminary

• Part II Rights of data subjects and others

• Part III Notification by data controllers

• Part IV Exemptions

• Part V Enforcement

• Part VI Miscellaneous and General Data Protection Act Details