BBC HomeExplore the BBC

4 December 2009
Accessibility help
Text only
Editorial Guidelines logo Editorial Guidelines logo

BBC Homepage
Editorial Guidelines Home
Editorial Guidelines in Full
Online Services Guidelines
A-Z Index
Section Index
The BBC's Editorial Values
Editorial Responsibility
Accuracy
Impartiality
Fairness, Contributors & Consent
Privacy
Crime & Anti-Social Behaviour
Harm & Offence
Children
Politics & Public Policy
War, Terror & Emergencies
Religion
Editorial Integrity & Independence
External Relationships
Interacting with our Audiences
The Law
Accountability
Guidance
Mandatory Referrals
Forms
Newsletter
Contact Editorial Policy
Research Reports
Compliance
How to use this site
Contact Us

Like this page?
Send it to a friend!
 

Online Services Guidelines in Full

The Law

Data Protection Act

Any site that collects personal information will need to comply with the Data Protection Act. Personal information is any information that relates to a living individual who can be identified:

  • from that information or
  • from that and other information in our possession or likely to come into our possession.

Personal information can include:

  • an email address or telephone number, collected for example when people enter competitions, sign up for a newsletter or become part of a programme's database of contributors.
  • information about people's personal experiences and opinions we collect for use online, on TV or on radio.

The BBC should not collect personal information from users and then pass it on to others without their consent. There are specific concerns about collecting personal information on the public service site which might be disclosed to anyone outside the BBC.

Exceptionally, any proposal to give contributors' personal details, comments or other personal information to a third party without the contributor's consent should be referred to the relevant Interactive Executive Editor or equivalent who may wish to consult Regulatory Legal Department.

In addition, personal information should not normally be accessible to other BBC departments outside the production area which has collected it. Any proposal to make an exception should first be referred to Regulatory Legal Department.

Sites that collect personal information should include a "Use of Data" notice, explaining every purpose for which the information will be used. See next page "Use of Data Notice".

Any information requested should be the minimum necessary. Think about :

  • whether collecting a date of birth is really necessary. Use age or age range instead
  • whether a full post code is necessary. The first part is enough to check what region or area of the country the person lives in
  • whether a full address is necessary. For example, it may be necessary to deliver a prize or an information pack.

Personal information should only be kept for the minimum length of time necessary and appropriate to the uses for which it has been agreed. Whilst kept, the BBC is responsible for ensuring it is stored securely, including when it is handled by an agent or partner on our behalf. A written contract between the BBC and the agent or partner must require the information to be used only for the purpose the BBC has agreed. A contract is also needed if personal information is being sent outside the European Economic Area. Once the purpose for which the information has been used has come to an end, it must be disposed of securely. For advice on information security, consult the Information Security intranet site. See: http://www.bbc.co.uk/guidelines/delivering_quality/information_security.shtml.

 | 
Search this site

Content producers must also read

Online Guidelines



About the BBC | Help | Terms of Use | Privacy & Cookies Policy