Data Protection

The Data Protection Act 1988 came into force on 1 March 2000 and applies to information about individuals ('personal data'). CCMS (as a 'Data Controller') must comply with requirements for how organisations should handle personal data. Data must be:

• fairly and lawfully processed
• processed for limited purposes and nor for any manner incompatible with those purposes
• adequate, relevant and not excessive
• not kept for longer than is necessary
• processed in line with the data subject's rights
• secure
• not transferred to countries without adequate data protection.

The Data Protection Act gives an individual ('the data subject') the right to access personal information that CCMS holds about them. This is done by making a 'Subject Access Request'. A valid Subject Access Request should be made in writing, We provide a dedicated Freedom of Information e-mail address: This email address is being protected from spambots. You need JavaScript enabled to view it. which is routed directly to the Communications Officer.

For further information contact our Corporate Information & Communications Officer at our Lisburn Office.