What is the DPA (Data Protection Act 1998)?
The DPA came into force on 1 March 2000, and was created to protect the privacy of the customer. It is the principal legislation in the UK governing the way in which personal information is handled, and all credit card companies work within its boundaries.
Hot Topics
- If my premium is “Rated”, what does that mean?
- If your premium is “Rated” it means that the insurance company will only agree to insure you if you pay a higher premium than the one they originally quoted. This happens because, following receipt of your Application and any follow-up information they required, the insurance company believes you to represent an above average risk. (In extreme situations they will simply decline to insure you.)
- If your insurer asks for a higher premium because you are Rated, is it worth applying to another insurance company?
- We do not think so. Why? Read on.
- Will your Mortgage Lender charge a fee if you buy your Life Insurance from someone else?
- No! By law mortgage lenders are not allowed to charge a fee if you buy elsewhere.
- What happens If I stop Paying my Premiums?
- Your policy will be automatically cancelled. If this is what you want you need take no action and your insurance cover will cease. You have no commitments to make further payments.
- How do you go about making a claim under your policy?
- Claims are made directly to the Insurance Company who issued your policy. Details of how to claim will be found within the booklet they provide with your Application form and policy.
The DPA works in two ways. As credit card customer it gives you the right to see a copy of your personal information held by your credit card issuer on payment of a fee. You can challenge it if appropriate and claim compensation in certain circumstances as set out in the Data Protection Act.
Secondly, the DPA imposes certain obligations on those who record and use personal information i.e. your credit card company. They must be open about how the information is used and must comply with the eight data protection principles.
These data protection principles say that personal information must be:
- fairly and lawfully processed
- processed for limited purposes
- adequate, relevant and not excessive
- accurate
- not kept for longer than is necessary
- processed in line with your rights
- secure
- not transferred to countries without adequate protection




