That's not my understanding of how the legislation works - obviously I don't know the details of how you're operating here (and don't want or need to), but under the DPA the data controller is 'a person who (either alone or jointly or in common with other persons) determines the purposes for which and the manner in which any personal data are, or are to be, processed.' Which would surely cover the developer of a website with access to the db.
So - again, on my understanding, and I'm not a lawyer and this is not legal advice - if I (a UK citizen) were to set up a website collecting personal data from other UK citizens, I'd be regarded as the data controller for DPA purposes regardless of where the site was hosted.
One last quick point (which was also my first): 'political opinions' is explicitly one of the sorts of data that count as 'sensitive personal data' under the DPA which require extra care.
I'm not trying to argue that you are or aren't covered (obviously, I suspect you probably are) - that has to be for you to decide. I just don't want someone who's spent some genuine effort building an interesting tool for others to enjoy to get in to trouble because they didn't know about the legal situation.
Best of luck, anyway - it's a fun service, and people are obviously enjoying it.
![[personal profile]](https://www.dreamwidth.org/img/silk/identity/user.png){kind=small}
no subject
When the user enters their data it is not me (legally) who is entering it in a country outside of the UK, it's them.
no subject
So - again, on my understanding, and I'm not a lawyer and this is not legal advice - if I (a UK citizen) were to set up a website collecting personal data from other UK citizens, I'd be regarded as the data controller for DPA purposes regardless of where the site was hosted.
One last quick point (which was also my first): 'political opinions' is explicitly one of the sorts of data that count as 'sensitive personal data' under the DPA which require extra care.
I'm not trying to argue that you are or aren't covered (obviously, I suspect you probably are) - that has to be for you to decide. I just don't want someone who's spent some genuine effort building an interesting tool for others to enjoy to get in to trouble because they didn't know about the legal situation.
Best of luck, anyway - it's a fun service, and people are obviously enjoying it.