A question regarding the data protection act?
Found 13th Nov 2008
Scenario: credit card company sends a statement, default notice, in fact any personal/sensitive information that could be used for identity theft. It is sent in a bog standard windowed envelope franked by the sender, and the envelope is not sealed at all. Is the company in contravention of the DPA?