Some cookies are essential to make our website work. To help us improve, we'd like to set other cookies to show us how our website is being used.

View cookies.

Data protection and GDPR

The law and principles regarding the information we collect and how we use it.

We collect and use personal information to carry out our work.

We must handle this information properly, no matter how it is collected, recorded or used.

We follow the rules set out in the UK General Data Protection Regulation (UK GDPR) and the Data Protection Act 2018. These laws are known together as data protection law.

Data protection law sets strict rules for how organisations must process personal information. It says personal data must be:

•    processed lawfully, fairly and transparently
•    collected for specific, clear and legitimate reasons
•    relevant and limited to what is needed
•    accurate and kept up to date
•    kept only for as long as necessary
•    protected using appropriate security measures

These are known as the data protection principles.

We must also have a lawful reason to process personal data. This could be:

  • the person has given consent
  • we have a legal obligation
  • we need to carry out a task in the public interest

How we manage personal data

To make sure personal data is handled properly, we:

•    assess data protection risks
•    understand and document data sharing requirements
•    explain how we process data to customers
•    respond to requests for personal data
•    identify, contain and manage data breaches

Request personal data

The UK General Data Protection Regulations (UKGDPR) provide you with the right to access the personal, special category personal or criminal/law enforcement data we hold about you.

If we get a valid request we will:

  • provide you with a response within one month
  • let you know if your request is subject to an extension
  • make reasonable efforts to comply with the format of your request
  • inform you if your request is going to be refused or a charge is payable

We will not disclose:

  • any information that relates to a third party as this will breach their rights under UKGDPR/Data Protection Act 2018
  • where a professional thinks disclosure would cause serious harm to you or someone else
  • information that may hinder the prevention or detection of crime.

For more information contact us:

Email: [email protected]