Data Protection Act 1998

The use of personal information by businesses and other organisations is subject to the requirements of the Data Protection Act.

The Act governs the use of personal information through eight data protection principles, which require that the information is:

  • processed fairly and lawfully;
  • processed for one or more specified and lawful purposes, and not further processed in any way that is incompatible with the original purpose;
  • adequate, relevant and not excessive;
  • accurate and, where necessary, kept up to date;
  • kept for no longer than is necessary for the purpose for which it is being used;
  • processed in line with the rights of individuals;
  • kept secure with appropriate technical and organisational measures taken to protect the information; and
  • not transferred outside the European Economic Area (EU member states plus Norway, Iceland and Liechtenstein) unless there is adequate protection for the personal information being transferred.

BRB (Residuary) Limited is fully committed to ensuring compliance with the Act and with other data handling requirements issued by the Cabinet Office. Accordingly, the Company has produced an Information Charter which is available on this web site.

General enquiries to this Company should be made via the Contact Us section of the web site. Subject access requests (ie requests for information held about oneself) and complaints under the Act should be addressed to:

Mr Peter Trewin
Director, Legal and Secretariat
BRB (Residuary) Ltd
4th Floor
One Kemble Street
London WC2B 4AN

Telephone: 020 7904 5027