"KMA" <km*@schneeberger.ch> wrote in message
news:ds**********@atlas.ip-plus.net...
To be honest, not sure. But I imagine not. Otherwise people would simply
avoid their obligations by hosting in Vanuatu. I believe the crucial
responsability lies with the owner of the data, which would normally be
the registered owner of the domain. A precise definition is sure to be
found by reading through the docs for the DPA, if you have time.
Sounds like *another* valuable topic for a post when you've finished
digesting the material.
I was faced with this very issue about 18 months ago when I was developing
my on-line timesheet web app. Basically, it's a portal / conduit primarily
aimed at self-employed contractors, their agents and their clients.
Because I was capturing personal information about the users, there was no
option but to register with the DPA. It was a simple and fairly inexpensive
process. Obviously this allowed me to advertise the fact that the data
captured through the site was held in accordance with UK law which, judging
by the feedback, certainly gives potential users that warm feeling of
reassurance...
I got the following proforma privacy policy from them which I had to adapt
only slightly:
http://www.contracting-online.com/ap...acypolicy.aspx