Privacy and Data Protection
Privacy Notices and Data Protection
Personal data held by the Registrar and Office is subject to the provisions of data protection law currently in force in England, being the European Union’s General Data Protection Regulation (‘GDPR’), and the ‘applied GDPR’ regime established by the Data Protection Act 2018.
We have different privacy notices, outlining the personal data we collect, the basis on which we do that, what we do with it, and your rights:
- Privacy Notice for data collected as part of the statutory duties of the Registrar;
- Privacy Notice for data collected through general correspondence;
- Privacy Notice for data collected through Freedom of Information and Subject Access Requests;
- Privacy Notice for data collected through external business contacts.
Electronic data held by the Registrar and Office is held on IT systems provided and managed by the sponsoring government Department, so they are considered joint data controllers. The shared data controller responsibility is governed by a Memorandum of Understanding.
Our policy document on special category and criminal convictions personal data can be viewed here.
You may request a copy of any personal data we hold on you, at any time, by emailing firstname.lastname@example.org, or by writing to us at the address on our ‘Contact us’ page.