Data Protection Act 2018 Alert Sample


Alert Sample

View the Parallel Parliament page for the Data Protection Act 2018

Information since 14 Feb 2025, 5:20 a.m.


Data Protection Act 2018 mentioned

Parliamentary Debates
Renters’ Rights Bill
101 speeches (23,781 words)
Tuesday 1st July 2025 - Lords Chamber
Ministry of Housing, Communities and Local Government
Mentions:
1: Lord Carter of Haslemere (XB - Life peer) I can help the noble Baroness here, because Section 16 of the Data Protection Act—a Henry VIII power, - Link to Speech

Children’s Wellbeing and Schools Bill
134 speeches (36,783 words)
Thursday 19th June 2025 - Lords Chamber
Department for Education
Mentions:
1: None this section“the data protection legislation” and“processing” have the same meaning as in the Data Protection Act - Link to Speech
2: None this section“the data protection legislation” and“processing” have the same meaning as in the Data Protection Act - Link to Speech

Mental Health Bill [ Lords ] (Eighth sitting)
66 speeches (17,764 words)
Committee stage: 8th sitting
Thursday 19th June 2025 - Public Bill Committees
Department of Health and Social Care
Mentions:
1: Stephen Kinnock (Lab - Aberafan Maesteg) processing, including the sharing of data, is subject to data protection legislation, including the Data Protection Act - Link to Speech
2: None Clause 53 helpfully clarifies that any such data sharing under the Bill is subject to the Data Protection Act - Link to Speech

Crime and Policing Bill
152 speeches (57,306 words)
Report stage
Wednesday 18th June 2025 - Commons Chamber
Home Office
Mentions:
1: Tonia Antoniazzi (Lab - Gower) for in this section.(2) For the purposes of Article 6(1) of the UK GDPR, section 35 of the Data Protection Act - Link to Speech
2: Judith Cummins (Lab - Bradford South) for in this section.(2) For the purposes of Article 6(1) of the UK GDPR, section 35 of the Data Protection Act - Link to Speech

Employment Rights Bill
61 speeches (11,905 words)
Committee stage part two
Wednesday 18th June 2025 - Lords Chamber
Department for Business and Trade
Mentions:
1: None of the passing of this Act and every 12 months thereafter, subject to the provisions of the Data Protection Act - Link to Speech

Employment Rights Bill
99 speeches (25,997 words)
Committee stage part one
Wednesday 18th June 2025 - Lords Chamber
Department for Business and Trade
Mentions:
1: Baroness Jones of Whitchurch (Lab - Life peer) Legally privileged material and confidential information is already protected under the Data Protection Act - Link to Speech
2: None prosecution or other legal proceedings relating to that abuse.(3) Paragraph 4 of Schedule 2 to the Data Protection Act - Link to Speech
3: Baroness Hamwee (LD - Life peer) surprised, because I have a long history of opposition to paragraph 4 of Schedule 2 to the Data Protection Act - Link to Speech

Children’s Wellbeing and Schools Bill
33 speeches (11,353 words)
Tuesday 17th June 2025 - Lords Chamber
Department for Education
Mentions:
1: Baroness Blake of Leeds (Lab - Life peer) landlords, who may be natural persons, for breaching the ban on letting fees being charged, and the Data Protection Act - Link to Speech

Crime and Policing Bill
218 speeches (48,415 words)
Report stage
Tuesday 17th June 2025 - Commons Chamber
Home Office
Mentions:
1: None of information in contravention of the data protection legislation within the meaning of the Data Protection Act - Link to Speech

Human Medicines (Amendments Relating to Hub and Spoke Dispensing etc.) Regulations 2025
18 speeches (4,078 words)
Tuesday 17th June 2025 - Grand Committee
Department of Health and Social Care
Mentions:
1: None that necessary data-sharing between the hub and the spoke must be seen as compliant with the Data Protection Act - Link to Speech



Select Committee Documents
Tuesday 1st July 2025
Government Response - Letter from the Parliamentary Secretary for the Cabinet Office relating to the Legislative Reform (Disclosure of Adult Social Care Data) Order 2025, 25 June 2025

Business and Trade Committee

Found: under data protection legislation (including the UK General Data Protection Regulation and the Data Protection Act

Friday 20th June 2025
Report - 4th Report - Legislative Scrutiny: Border Security, Asylum and Immigration Bill

Human Rights (Joint Committee)

Found: adequate and effective safeguards against abuse and arbitrariness.112 Further, section 37 of the Data Protection Act



Written Answers
NHS: Databases
Asked by: Martin Wrigley (Liberal Democrat - Newton Abbot)
Tuesday 1st July 2025

Question to the Department of Health and Social Care:

To ask the Secretary of State for Health and Social Care, what steps he has taken to ensure that NHS data handled by Palantir Technologies cannot be accessed or processed by non-UK government entities.

Answered by Karin Smyth - Minister of State (Department of Health and Social Care)

The NHS Federated Data Platform (FDP) has been designed with stringent safeguards to ensure that patient data is protected in full compliance with the UK General Data Protection Regulation (UK GDPR) and the Data Protection Act 2018.

Access to National Health Service health and social care data within the FDP is tightly controlled. Only authorised users are granted access, and solely for approved purposes that demonstrably benefit patient care or NHS operations. Palantir Technologies, as the software provider, operates strictly under the instruction of NHS England. They do not control the data, nor are they permitted to access, use, or share it for any independent purpose. To further strengthen data protection, the FDP incorporates advanced Privacy Enhancing Technology (NHS-PET), which has been procured from a separate supplier to ensure independence and to mitigate any potential conflicts of interest. This technology ensures that data is processed in a secure and privacy-preserving manner. The contract with Palantir Technologies includes robust confidentiality clauses and is governed by a comprehensive oversight framework. This framework includes regular audits, monitoring, and reporting to ensure compliance with legal and ethical standards. Data Protection Impact Assessments have been conducted to assess and mitigate any risks to individual rights and freedoms.

It is a contractual requirement that personal data stored in the FDP and NHS-PET cannot be accessed by its provider’s personnel or contractors based outside the United Kingdom. In accordance with GDPR principles of transparency and accountability, NHS England has published details which outline how data is protected, who can access it, and under what conditions. Further information is available at the following link:

https://www.england.nhs.uk/long-read/overarching-data-protection-impact-assessment-dpia-for-the-federated-data-platform-fdp/#18-in-which-country-territory-will-personal-data-be-stored-or-processed

These measures collectively ensure that NHS data remains under UK jurisdiction and all processing of patient information will be within the UK only. This is a contractual requirement, and one of the key principles of the FDP Information Governance Framework. Data cannot be accessed or processed by non-UK government entities.

NHS: Databases
Asked by: Martin Wrigley (Liberal Democrat - Newton Abbot)
Tuesday 1st July 2025

Question to the Department of Health and Social Care:

To ask the Secretary of State for Health and Social Care, what assessment he has made of the security implications of awarding NHS data management contracts to (a) Palantir Technologies Inc. and (b) other companies with significant overseas (i) defence and (ii) intelligence clients.

Answered by Karin Smyth - Minister of State (Department of Health and Social Care)

In awarding the contract for the NHS Federated Data Platform (FDP), NHS England made an assessment of the cyber risk and the protections offered by each bidder. The FDP has extensive security arrangements in place to manage cyber risk, including:

  • strong network security, such as firewalls and intrusion detection systems to monitor all network traffic to and from the platform, which helps to block unauthorised access and detect suspicious activity;
  • data encryption, as all data stored on the platform is encrypted, both when it’s being transferred, or in transit, and when it’s at rest, or stored on servers; and
  • regular security testing, as the platform undergoes regular penetration testing and vulnerability scanning to identify and fix any weaknesses in its security.

It is a contractual requirement that personal data stored in the FDP and its associated services (FDP-AS), including the NHS-Privacy Enhancing Technology, cannot be accessed by the provider’s own personnel or contractors from outside the United Kingdom. The FDP-AS contract stipulates that all data must be held within the UK and is subject to UK Data Protection Law, including the UK General Data Protection Regulation.

All FDP data processes and systems need to comply with the Technology Code of Practice, Government Data Standards, the Department’s Guide to good practice for digital and data-driven health technologies, the Data Protection Act 2018, and the UK General Data Protection Regulation, the Information Commissioner's Office’s guidance, and associated regulations, standards, and guidance.

The contract was awarded in conformance with public sector procurement law, as required. The National Health Service ran an independent procurement exercise. The choice of preferred supplier was not made by a single person, as it was the result of assessment by many different individuals. NHS England has a duty to treat all suppliers the same regardless of the public perception of any organisation, or the opinions held by any of their shareholders.

NHS England cannot exclude any supplier that is lawfully established and able to bid from participating in the procurement. The procurement process received external validation from multiple Government departments, as well as independent evaluations by Infrastructure and Projects Authority reviewers. There were no identified security concerns in relation to the contract awarded for the NHS FDP.

The Procurement Act 2023 has introduced new powers to exclude and debar suppliers from public sector contracts if they pose a national security risk. Cabinet Office has established the new National Security Unit for Procurement, which is responsible for investigating suppliers on national security grounds, both within the Government supply chain and for the wider public sector.

Health: Data Protection
Asked by: Martin Wrigley (Liberal Democrat - Newton Abbot)
Tuesday 1st July 2025

Question to the Department of Health and Social Care:

To ask the Secretary of State for Health and Social Care, what due diligence steps his Department takes to assess national security risks before awarding public health data contracts to firms with links to (a) foreign intelligence or (b) military operations.

Answered by Karin Smyth - Minister of State (Department of Health and Social Care)

In awarding the contract for the NHS Federated Data Platform (FDP), NHS England made an assessment of the cyber risk and the protections offered by each bidder. The FDP has extensive security arrangements in place to manage cyber risk, including:

  • strong network security, such as firewalls and intrusion detection systems to monitor all network traffic to and from the platform, which helps to block unauthorised access and detect suspicious activity;
  • data encryption, as all data stored on the platform is encrypted, both when it’s being transferred, or in transit, and when it’s at rest, or stored on servers; and
  • regular security testing, as the platform undergoes regular penetration testing and vulnerability scanning to identify and fix any weaknesses in its security.

It is a contractual requirement that personal data stored in the FDP and its associated services (FDP-AS), including the NHS-Privacy Enhancing Technology, cannot be accessed by the provider’s own personnel or contractors from outside the United Kingdom. The FDP-AS contract stipulates that all data must be held within the UK and is subject to UK Data Protection Law, including the UK General Data Protection Regulation.

All FDP data processes and systems need to comply with the Technology Code of Practice, Government Data Standards, the Department’s Guide to good practice for digital and data-driven health technologies, the Data Protection Act 2018, and the UK General Data Protection Regulation, the Information Commissioner's Office’s guidance, and associated regulations, standards, and guidance.

The contract was awarded in conformance with public sector procurement law, as required. The National Health Service ran an independent procurement exercise. The choice of preferred supplier was not made by a single person, as it was the result of assessment by many different individuals. NHS England has a duty to treat all suppliers the same regardless of the public perception of any organisation, or the opinions held by any of their shareholders.

NHS England cannot exclude any supplier that is lawfully established and able to bid from participating in the procurement. The procurement process received external validation from multiple Government departments, as well as independent evaluations by Infrastructure and Projects Authority reviewers. There were no identified security concerns in relation to the contract awarded for the NHS FDP.

The Procurement Act 2023 has introduced new powers to exclude and debar suppliers from public sector contracts if they pose a national security risk. Cabinet Office has established the new National Security Unit for Procurement, which is responsible for investigating suppliers on national security grounds, both within the Government supply chain and for the wider public sector.

Palantir: Contracts
Asked by: Martin Wrigley (Liberal Democrat - Newton Abbot)
Tuesday 1st July 2025

Question to the Department of Health and Social Care:

To ask the Secretary of State for Health and Social Care, whether contracts awarded to Palantir Technologies Inc. for NHS data infrastructure permit cross-border data sharing without UK regulatory approval.

Answered by Karin Smyth - Minister of State (Department of Health and Social Care)

In awarding the contract for the NHS Federated Data Platform (FDP), NHS England made an assessment of the cyber risk and the protections offered by each bidder. The FDP has extensive security arrangements in place to manage cyber risk, including:

  • strong network security, such as firewalls and intrusion detection systems to monitor all network traffic to and from the platform, which helps to block unauthorised access and detect suspicious activity;
  • data encryption, as all data stored on the platform is encrypted, both when it’s being transferred, or in transit, and when it’s at rest, or stored on servers; and
  • regular security testing, as the platform undergoes regular penetration testing and vulnerability scanning to identify and fix any weaknesses in its security.

It is a contractual requirement that personal data stored in the FDP and its associated services (FDP-AS), including the NHS-Privacy Enhancing Technology, cannot be accessed by the provider’s own personnel or contractors from outside the United Kingdom. The FDP-AS contract stipulates that all data must be held within the UK and is subject to UK Data Protection Law, including the UK General Data Protection Regulation.

All FDP data processes and systems need to comply with the Technology Code of Practice, Government Data Standards, the Department’s Guide to good practice for digital and data-driven health technologies, the Data Protection Act 2018, and the UK General Data Protection Regulation, the Information Commissioner's Office’s guidance, and associated regulations, standards, and guidance.

The contract was awarded in conformance with public sector procurement law, as required. The National Health Service ran an independent procurement exercise. The choice of preferred supplier was not made by a single person, as it was the result of assessment by many different individuals. NHS England has a duty to treat all suppliers the same regardless of the public perception of any organisation, or the opinions held by any of their shareholders.

NHS England cannot exclude any supplier that is lawfully established and able to bid from participating in the procurement. The procurement process received external validation from multiple Government departments, as well as independent evaluations by Infrastructure and Projects Authority reviewers. There were no identified security concerns in relation to the contract awarded for the NHS FDP.

The Procurement Act 2023 has introduced new powers to exclude and debar suppliers from public sector contracts if they pose a national security risk. Cabinet Office has established the new National Security Unit for Procurement, which is responsible for investigating suppliers on national security grounds, both within the Government supply chain and for the wider public sector.

NHS: Databases
Asked by: Martin Wrigley (Liberal Democrat - Newton Abbot)
Tuesday 1st July 2025

Question to the Department of Health and Social Care:

To ask the Secretary of State for Health and Social Care, whether his Department has made a cyber risk assessment of the use of Palantir’s software in centralised NHS data platforms.

Answered by Karin Smyth - Minister of State (Department of Health and Social Care)

In awarding the contract for the NHS Federated Data Platform (FDP), NHS England made an assessment of the cyber risk and the protections offered by each bidder. The FDP has extensive security arrangements in place to manage cyber risk, including:

  • strong network security, such as firewalls and intrusion detection systems to monitor all network traffic to and from the platform, which helps to block unauthorised access and detect suspicious activity;
  • data encryption, as all data stored on the platform is encrypted, both when it’s being transferred, or in transit, and when it’s at rest, or stored on servers; and
  • regular security testing, as the platform undergoes regular penetration testing and vulnerability scanning to identify and fix any weaknesses in its security.

It is a contractual requirement that personal data stored in the FDP and its associated services (FDP-AS), including the NHS-Privacy Enhancing Technology, cannot be accessed by the provider’s own personnel or contractors from outside the United Kingdom. The FDP-AS contract stipulates that all data must be held within the UK and is subject to UK Data Protection Law, including the UK General Data Protection Regulation.

All FDP data processes and systems need to comply with the Technology Code of Practice, Government Data Standards, the Department’s Guide to good practice for digital and data-driven health technologies, the Data Protection Act 2018, and the UK General Data Protection Regulation, the Information Commissioner's Office’s guidance, and associated regulations, standards, and guidance.

The contract was awarded in conformance with public sector procurement law, as required. The National Health Service ran an independent procurement exercise. The choice of preferred supplier was not made by a single person, as it was the result of assessment by many different individuals. NHS England has a duty to treat all suppliers the same regardless of the public perception of any organisation, or the opinions held by any of their shareholders.

NHS England cannot exclude any supplier that is lawfully established and able to bid from participating in the procurement. The procurement process received external validation from multiple Government departments, as well as independent evaluations by Infrastructure and Projects Authority reviewers. There were no identified security concerns in relation to the contract awarded for the NHS FDP.

The Procurement Act 2023 has introduced new powers to exclude and debar suppliers from public sector contracts if they pose a national security risk. Cabinet Office has established the new National Security Unit for Procurement, which is responsible for investigating suppliers on national security grounds, both within the Government supply chain and for the wider public sector.

Health Services: Artificial Intelligence
Asked by: Lord Taylor of Warwick (Non-affiliated - Life peer)
Tuesday 1st July 2025

Question to the Department of Health and Social Care:

To ask His Majesty's Government what assessment they have made of the use of artificial intelligence for note-taking in the NHS.

Answered by Baroness Merron - Parliamentary Under-Secretary (Department of Health and Social Care)

The Government is committed to supporting and enabling the safe, effective, and ethical deployment and adoption of new technologies for the National Health Service. Ambient voice technologies (AVTs) hold transformative potential for the health and care system as note-taking aides. Their adoption, when used safely and securely, is encouraged to improve both the quality of patient care and operational efficiency. NHS England has published guidance on how digital technologies should be approved for use in the NHS, covering key areas such as implementation, information governance, data, security, privacy, and controls. Additional national guidance has been published explaining how AVT solutions should be selected, deployed, and scaled. These standards are required for any AVT solution to be considered safe, effective, and eligible for NHS adoption.

There are strict safeguards in place throughout the NHS to protect data. All providers of services which handle patient data must protect that data in line with the UK General Data Protection Regulation (UK GDPR) and the Data Protection Act 2018, and every health organisation is required to appoint a Caldicott Guardian to advise on the protection of people’s health and care data, to ensure it is used properly. This includes where artificial intelligence (AI) is used in relation to patient records.

To mitigate the likelihood and severity of any potential harm to individuals arising from the use of data in AI, the Information Commissioners Office has developed detailed AI guidance which provides information on data protection, including Data Protection Impact Assessments and UK GDPR. It has also produced an AI toolkit to support organisations auditing compliance of their AI-based technologies. NHS bodies are expected to make use of this guidance and toolkit, including those using AVTs.

Health Services: Artificial Intelligence
Asked by: Lord Taylor of Warwick (Non-affiliated - Life peer)
Tuesday 1st July 2025

Question to the Department of Health and Social Care:

To ask His Majesty's Government whether they plan to develop artificial intelligence note-taking technology for the NHS to safely and securely store patient data.

Answered by Baroness Merron - Parliamentary Under-Secretary (Department of Health and Social Care)

The Government is committed to supporting and enabling the safe, effective, and ethical deployment and adoption of new technologies for the National Health Service. Ambient voice technologies (AVTs) hold transformative potential for the health and care system as note-taking aides. Their adoption, when used safely and securely, is encouraged to improve both the quality of patient care and operational efficiency. NHS England has published guidance on how digital technologies should be approved for use in the NHS, covering key areas such as implementation, information governance, data, security, privacy, and controls. Additional national guidance has been published explaining how AVT solutions should be selected, deployed, and scaled. These standards are required for any AVT solution to be considered safe, effective, and eligible for NHS adoption.

There are strict safeguards in place throughout the NHS to protect data. All providers of services which handle patient data must protect that data in line with the UK General Data Protection Regulation (UK GDPR) and the Data Protection Act 2018, and every health organisation is required to appoint a Caldicott Guardian to advise on the protection of people’s health and care data, to ensure it is used properly. This includes where artificial intelligence (AI) is used in relation to patient records.

To mitigate the likelihood and severity of any potential harm to individuals arising from the use of data in AI, the Information Commissioners Office has developed detailed AI guidance which provides information on data protection, including Data Protection Impact Assessments and UK GDPR. It has also produced an AI toolkit to support organisations auditing compliance of their AI-based technologies. NHS bodies are expected to make use of this guidance and toolkit, including those using AVTs.

Personation
Asked by: Claire Hazelgrove (Labour - Filton and Bradley Stoke)
Friday 27th June 2025

Question to the Home Office:

To ask the Secretary of State for the Home Department, if she will (a) take steps to make identity theft a police-recordable crime and (b) make an assessment of the adequacy of support given to victims of identity theft.

Answered by Diana Johnson - Minister of State (Home Office)

The act of stealing personal information, and using it for criminal means and gains, is already outlawed. This includes through legislation such as the Fraud Act 2006, Computer Misuse Act 1990 and the Data Protection Act 2018.

The most effective way of preventing identity theft is to improve the safety and security of the identity systems we use and empower people to protect themselves from identity theft, particularly online.

We have introduced a checklist providing advice and steps on how to prevent the misuse of identities which can be found here:https://data.actionfraud.police.uk/cms/wp-content/uploads/2023/12/Identity-theft-victims-checklist.pdf

Further information about staying safe online and to avoid identity theft-enabled fraud can be found at: https://stopthinkfraud.campaign.gov.uk/

Department for Culture, Media and Sport: Termination of Employment
Asked by: Peter Bedford (Conservative - Mid Leicestershire)
Monday 23rd June 2025

Question to the Department for Digital, Culture, Media & Sport:

To ask the Secretary of State for Culture, Media and Sport, how many permanent civil servants in her Department had their contract of employment terminated as a result of poor performance in the (a) 2022-23, (b) 2023-24 and (c) 2024-25 financial years.

Answered by Stephanie Peacock - Parliamentary Under Secretary of State (Department for Culture, Media and Sport)

From 1st April 2022 - 31st March 2025 there were seven dismissals. Of this total there were less than five poor performance dismissals that occurred between April 2023- March 2024.

We are unable to provide the precise number of poor performance dismissals because this would constitute a breach of the Data Protection Act, this is because the information relates to someone other than the data subjects and the risk of individuals becoming identifiable where case numbers are 5 or less.

AWE: Databases
Asked by: John Hayes (Conservative - South Holland and The Deepings)
Wednesday 18th June 2025

Question to the Ministry of Defence:

To ask the Secretary of State for Defence, if he will place in the Library a list of the (a) titles, (b) file names and (c) dates of creation of each document held by the Atomic Weapons Establishment on the Merlin database.

Answered by Al Carns - Parliamentary Under-Secretary (Ministry of Defence) (Minister for Veterans)

Officials are working at pace to formally transfer the records on the Merlin database to The National Archives (TNA), whilst ensuring that sensitive information is protected in line with the Data Protection Act 2018 and national security requirements. Once transferred, the records will be listed and accessible on TNA’s website.

Cybersecurity: Training
Asked by: Kevin Bonavia (Labour - Stevenage)
Wednesday 18th June 2025

Question to the Department for Science, Innovation & Technology:

To ask the Secretary of State for Science, Innovation and Technology, if he will make an assessment of the potential merits of bringing forward legislative proposals to require employers to provide cyber security training, in the context of the recent cyber security incidents in the retail sector.

Answered by Feryal Clark - Parliamentary Under Secretary of State (Department for Science, Innovation and Technology)

The cyber security of the UK economy is a priority, which is why the government already offers free cyber security training via the National Cyber Security Centre website. This includes the “Top Tips for Staff”, an online, accessible cyber security training package for organisations of all sizes and sectors, and the new Cyber Governance Code of Practice, which includes a training package to help boards and directors manage digital risks in their organisations. More widely, the government offers a range of guidance to help organisations improve their cyber resilience and many of these products recommend staff training. Existing legislation - including the Security of Network & Information Systems Regulations (2018) and the Data Protection Act (2018) - includes recommendations for organisations in scope to provide appropriate training for their staff. This year we will introduce the Cyber Security and Resilience Bill to improve UK cyber defences and better secure our essential services and the IT infrastructure they rely upon. Later this year, the government will publish a new National Cyber Strategy setting out how we will approach the challenges and opportunities of cyber security.



Parliamentary Research
Crime and Policing Bill 2024-25: Progress of the bill - CBP-10281
Jun. 09 2025

Found: data 236 DVLA records can be disclosed for non-road traffic offences under schedule 2, Data Protection Act



Bill Documents
Jul. 03 2025
Bill 273 2024-25 (as amended in Public Bill Committee) - large print
Bus Services (No. 2) Bill [HL] 2024-26
Bill

Found: protection legislation”, “personal data” and “processing” have the same meanings as in the Data Protection Act

Jul. 03 2025
Bill 273 2024-25 (as amended in Public Bill Committee)
Bus Services (No. 2) Bill [HL] 2024-26
Bill

Found: protection legislation”, “personal data” and “processing” have the same meanings as in the Data Protection Act

Jun. 26 2025
Bill 274 2024-25 (as introduced)
Supply and Appropriation (Main Estimates) (No. 2) Bill 2024-26
Bill

Found: recovered or received for work done for other departments, freedom of information receipts, Data Protection Act

Jun. 26 2025
Bill 274 2024-25 (as introduced) - large print
Supply and Appropriation (Main Estimates) (No. 2) Bill 2024-26
Bill

Found: recovered or received for work done for other departments, freedom of information receipts, Data Protection Act

Jun. 25 2025
Bill 272 2024-25 (as amended in Public Bill Committee) - large print
Mental Health Bill [HL] 2024-26
Bill

Found: legislation). (3) In this section “the data protection legislation” has the same meaning as in the Data Protection Act

Jun. 25 2025
Bill 272 2024-25 (as amended in Public Bill Committee)
Mental Health Bill [HL] 2024-26
Bill

Found: (3) In this section “the data protection legislation” has the same meaning as in the Data Protection Act

Jun. 25 2025
HL Bill 114 (as amended in Grand Committee)
Public Authorities (Fraud, Error and Recovery) Bill 2024-26
Bill

Found: (9) In this section— “data protection legislation” has the same meaning as in the Data Protection Act

Jun. 24 2025
HL Bill 101-I Marshalled list for Committee
Border Security, Asylum and Immigration Bill 2024-26
Amendment Paper

Found: following new Clause— “Exemption from UK GDPR: illegal migration and foreign criminals (1) The Data Protection Act

Jun. 24 2025
HL Bill 113 (as amended in Committee)
Employment Rights Bill 2024-26
Bill

Found: ) 5 In subsection (3)(a) “the data protection legislation” has the same meaning as in the Data Protection Act

Jun. 23 2025
HL Bill 101 Running list of amendments – 23 June 2025
Border Security, Asylum and Immigration Bill 2024-26
Amendment Paper

Found: following new Clause— “Exemption from UK GDPR: illegal migration and foreign criminals (1) The Data Protection Act

Jun. 23 2025
HL Bill 112 Explanatory Notes
Terminally Ill Adults (End of Life) Bill 2024-26
Explanatory Notes

Found: notes that “the data protection legislation” under this Bill has the same definition as in the Data Protection Act

Jun. 23 2025
HL Bill 112 (as brought from the Commons)
Terminally Ill Adults (End of Life) Bill 2024-26
Bill

Found: ). 30(3) In this section “the data protection legislation” has the same meaning as in the Data Protection Act

Jun. 20 2025
HL Bill 101 Running list of amendments – 20 June 2025
Border Security, Asylum and Immigration Bill 2024-26
Amendment Paper

Found: following new Clause— “Exemption from UK GDPR: illegal migration and foreign criminals (1) The Data Protection Act

Jun. 20 2025
HL Bill 84-VII Seventh marshalled list for Committee
Children’s Wellbeing and Schools Bill 2024-26
Amendment Paper

Found: (2) In subsection (1), “the data protection legislation” has the same meaning as in the Data Protection Act

Jun. 20 2025
Crime and Policing Bill: Delegated Powers Memorandum
Crime and Policing Bill 2024-26
Delegated Powers Memorandum

Found: with data protection legislation ( UK General Data Protection Regulation and Part 3 of the Data Protection Act

Jun. 20 2025
Bill 266 2024-25 (as amended in Public Bill Committee) - large print
Football Governance Bill [HL] 2024-26
Bill

Found: (8) In this section— 15“the data protection legislation” has the same meaning as in the Data Protection Act

Jun. 20 2025
Bill 266 2024-25 (as amended in Public Bill Committee)
Football Governance Bill [HL] 2024-26
Bill

Found: General (8) In this section— “the data protection legislation” has the same meaning as in the Data Protection Act

Jun. 19 2025
HL Bill 101 Running list of amendments – 19 June 2025
Border Security, Asylum and Immigration Bill 2024-26
Amendment Paper

Found: following new Clause— “Exemption from UK GDPR: illegal migration and foreign criminals (1) The Data Protection Act

Jun. 19 2025
HL Bill 111 (as brought from the Commons)
Crime and Policing Bill 2024-26
Bill

Found: meaning as in section 104; “data protection legislation” has the same meaning as in the Data Protection Act

Jun. 19 2025
HL Bill 111(Corrected) (as brought from the Commons)
Crime and Policing Bill 2024-26
Bill

Found: meaning as in section 104; “data protection legislation” has the same meaning as in the Data Protection Act

Jun. 19 2025
HL Bill 111 Explanatory Notes
Crime and Policing Bill 2024-26
Explanatory Notes

Found: by these restrictions provided that the disclosure is compliant with Human Rights Act 1998, Data Protection Act

Jun. 18 2025
HL Bill 101 Running list of amendments – 18 June 2025
Border Security, Asylum and Immigration Bill 2024-26
Amendment Paper

Found: following new Clause— “Exemption from UK GDPR: illegal migration and foreign criminals (1) The Data Protection Act

Jun. 18 2025
HL Bill 84-VI Sixth marshalled list for Committee
Children’s Wellbeing and Schools Bill 2024-26
Amendment Paper

Found: section “the data protection legislation” and “processing” have the same meaning as in the Data Protection Act

Jun. 18 2025
All proceedings up to 18 June 2025 at Report Stage
Crime and Policing Bill 2024-26
Bill proceedings: Commons

Found: information in contravention of the data protection legislation within the meaning of the Data Protection Act

Jun. 18 2025
Consideration of Bill Amendments as at 18 June 2025 - Large print
Crime and Policing Bill 2024-26
Amendment Paper

Found: (2) For the purposes of Article 6(1) of the UK GDPR, section 35 of the Data Protection Act 2018 (

Jun. 18 2025
Consideration of Bill Amendments as at 18 June 2025
Crime and Policing Bill 2024-26
Amendment Paper

Found: (2) For the purposes of Article 6(1) of the UK GDPR, section 35 of the Data Protection Act 2018 (“

Jun. 17 2025
Consideration of Bill Amendments as at 17 June 2025 - Large print
Crime and Policing Bill 2024-26
Amendment Paper

Found: information in contravention of the data protection legislation within the meaning of the Data Protection Act

Jun. 17 2025
Consideration of Bill Amendments as at 17 June 2025
Crime and Policing Bill 2024-26
Amendment Paper

Found: information in contravention of the data protection legislation within the meaning of the Data Protection Act

Jun. 17 2025
Report Stage Proceedings as at 17 June 2025
Crime and Policing Bill 2024-26
Bill proceedings: Commons

Found: information in contravention of the data protection legislation within the meaning of the Data Protection Act

Jun. 17 2025
HL Bill 81-X Tenth marshalled list for Committee
Employment Rights Bill 2024-26
Amendment Paper

Found: (3) Paragraph 4 of Schedule 2 to the Data Protection Act 2018 shall not apply to personal data to

Jun. 17 2025
Written evidence submitted by Mind (further submission) (MHB36)
Mental Health Bill [HL] 2024-26
Written evidence

Found: (5)In subsection (4) “the data protection legislation” has the same meaning as in the Data Protection Act

Jun. 16 2025
Notices of Amendments as at 16 June 2025
Crime and Policing Bill 2024-26
Amendment Paper

Found: information in contravention of the data protection legislation within the meaning of the Data Protection Act

Jun. 13 2025
HL Bill 84-V Fifth marshalled list for Committee
Children’s Wellbeing and Schools Bill 2024-26
Amendment Paper

Found: section “the data protection legislation” and “processing” have the same meaning as in the Data Protection Act

Jun. 13 2025
Notices of Amendments as at 13 June 2025
Crime and Policing Bill 2024-26
Amendment Paper

Found: information in contravention of the data protection legislation within the meaning of the Data Protection Act

Jun. 12 2025
Notices of Amendments as at 12 June 2025
Crime and Policing Bill 2024-26
Amendment Paper

Found: information in contravention of the data protection legislation within the meaning of the Data Protection Act

Jun. 12 2025
HL Bill 81-IX Ninth Marshalled list for Committee
Employment Rights Bill 2024-26
Amendment Paper

Found: (3) Paragraph 4 of Schedule 2 to the Data Protection Act 2018 shall not apply to personal data to

Jun. 12 2025
HL Bill 81-IX Corrected Ninth Marshalled list for Committee
Employment Rights Bill 2024-26
Amendment Paper

Found: (3) Paragraph 4 of Schedule 2 to the Data Protection Act 2018 shall not apply to personal data to

Jun. 12 2025
HL Bill 110 (as brought from the Commons)
Planning and Infrastructure Bill 2024-26
Bill

Found: (7) In subsection (6), “the data protection legislation” has the same meaning as in the Data Protection Act

Jun. 12 2025
HL Bill 110 Explanatory Notes
Planning and Infrastructure Bill 2024-26
Explanatory Notes

Found: under section 38A do not authorise the disclosure or use of information that contravenes the Data Protection Act

Jun. 12 2025
Written evidence submitted by Mind (MHB35)
Mental Health Bill [HL] 2024-26
Written evidence

Found: (5)In subsection (4) “the data protection legislation” has the same meaning as in the Data Protection Act

Jun. 11 2025
Bill 261 2024-25 (as amended in Public Bill Committee) - large print
Absent Voting (Elections in Scotland and Wales) Bill 2024-26
Bill

Found: In this paragraph— 10 1 “the data protection legislation” has the same meaning as in the Data Protection Act

Jun. 11 2025
Bill 261 2024-25 (as amended in Public Bill Committee)
Absent Voting (Elections in Scotland and Wales) Bill 2024-26
Bill

Found: (6) In this paragraph— 20“the data protection legislation” has the same meaning as in the Data Protection Act

Jun. 11 2025
Notices of Amendments as at 11 June 2025
Crime and Policing Bill 2024-26
Amendment Paper

Found: information in contravention of the data protection legislation within the meaning of the Data Protection Act

Jun. 11 2025
HL Bill 84-IV(Rev) Revised fourth marshalled list for Committee
Children’s Wellbeing and Schools Bill 2024-26
Amendment Paper

Found: section “the data protection legislation” and “processing” have the same meaning as in the Data Protection Act

Jun. 10 2025
Notices of Amendments as at 10 June 2025
Crime and Policing Bill 2024-26
Amendment Paper

Found: (2) For the purposes of Article 6(1) of the UK GDPR, section 35 of the Data Protection Act 2018 (“

Jun. 10 2025
HL Bill 84-IV Fourth marshalled list for Committee
Children’s Wellbeing and Schools Bill 2024-26
Amendment Paper

Found: section “the data protection legislation” and “processing” have the same meaning as in the Data Protection Act

Jun. 09 2025
Notices of Amendments as at 9 June 2025
Crime and Policing Bill 2024-26
Amendment Paper

Found: (2) For the purposes of Article 6(1) of the UK GDPR, section 35 of the Data Protection Act 2018 (“

Jun. 06 2025
Notices of Amendments as at 6 June 2025
Crime and Policing Bill 2024-26
Amendment Paper

Found: (2) For the purposes of Article 6(1) of the UK GDPR, section 35 of the Data Protection Act 2018 (“

Jun. 06 2025
HL Bill 81-VIII Eighth Marshalled list for Committee
Employment Rights Bill 2024-26
Amendment Paper

Found: (3) Paragraph 4 of Schedule 2 to the Data Protection Act 2018 shall not apply to personal data to



APPG Publications

Modernising Employment APPG
Wednesday 11th June 2025


Document: Artificial Intelligence in Hiring

Found: addressed by other regulations, such as the UK General Data Protection Regulations (UK GDPR) and Data Protection Act



Department Publications - Guidance
Thursday 3rd July 2025
Department for Work and Pensions
Source Page: Get help with your Universal Credit claim
Document: Get help with your Universal Credit claim (webpage)

Found: All requests for information will be considered under the Data Protection Act

Wednesday 2nd July 2025
Department for Transport
Source Page: HS2 site restoration requests
Document: (webpage)

Found: The Planning Inspectorate is registered under the Data Protection Act, so that we may hold information

Tuesday 1st July 2025
Department for Environment, Food and Rural Affairs
Source Page: Hedgerow survey handbook
Document: (PDF)

Found: database on contact details of land managers should be established within the constraints of the Data Protection Act

Monday 30th June 2025
Department of Health and Social Care
Source Page: DHSC group accounting manual 2025 to 2026
Document: (PDF)

Found: special severance payments conflicting with a legal obligation arising as a result of the Data Protection Act

Friday 27th June 2025
Department for Science, Innovation & Technology
Source Page: Data (Use and Access) Act 2025: data protection and privacy changes
Document: Data (Use and Access) Act 2025: data protection and privacy changes (webpage)

Found: The DUAA will not replace the UK General Data Protection Regulation (“UK GDPR”), Data Protection Act

Friday 27th June 2025
Foreign, Commonwealth & Development Office
Source Page: UK sanctions guidance for Kyrgyz businesses
Document: licence for oil and oil products (PDF, 142 KB) (PDF)

Found: to third parties only in compliance with the UK General Data Protection Regulation and the Data Protection Act

Friday 27th June 2025
Foreign, Commonwealth & Development Office
Source Page: Nepal mental health support abroad
Document: (webpage)

Found: Office holds and uses data for purposes notified to the Information Commissioner under the Data Protection Act

Tuesday 17th June 2025
HM Treasury
Source Page: OFSI General Licence INT/2025/6403704
Document: (PDF)

Found: third parties only in compliance with the UK General Data Protection Regulation and the UK Data Protection Act

Tuesday 10th June 2025
Department for Education
Source Page: Safe use of generative AI in education: module 3
Document: (PDF)

Found: over their personal data under the UK General Data Protection Regulation or UK GDPR and the Data Protection Act

Tuesday 10th June 2025
Department for Education
Source Page: Using AI in education: support for school and college leaders
Document: (PDF)

Found: Follow legal guidance, such as the Data Protection Act and UK GDPR.

Friday 6th June 2025
Home Office
Source Page: Bulk personal datasets - low or no reasonable expectation of privacy: code of practice
Document: (PDF)

Found: Services Act 1994 43 The Counter-Terrorism Act 2008 44 The Human Rights Act 1998 44 The Data Protection Act

Friday 6th June 2025
Home Office
Source Page: Third party bulk personal datasets: code of practice
Document: (PDF)

Found: personal data’ for the purposes of the Act is as defined in section 86(7)(a) to (e)of the Data Protection Act

Thursday 5th June 2025
Home Office
Source Page: Forensic science activities: statutory code of practice - version 2
Document: (PDF)

Found: case is concluded. 32.1.4 Material supplied by the initial forensic unit is subject to the Data Protection Act



Department Publications - Transparency
Thursday 3rd July 2025
HM Treasury
Source Page: National Savings and Investments Annual Report and Accounts 2024 to 2025
Document: (PDF)

Found: to customer data, as well as destruction of data, in line with our obligations under the Data Protection Act

Thursday 3rd July 2025
HM Treasury
Source Page: National Savings and Investments Annual Report and Accounts 2024 to 2025
Document: (PDF)

Found: to customer data, as well as destruction of data, in line with our obligations under the Data Protection Act

Wednesday 2nd July 2025
HM Treasury
Source Page: Financial Ombudsman Service Annual Report 2024 to 2025
Document: (PDF)

Found: and freedom of information (FOI) requests The Financial Ombudsman Service is covered by the Data Protection Act

Thursday 19th June 2025
Department for Science, Innovation & Technology
Source Page: Met Office Framework 2025
Document: (PDF)

Found: under the Freedom of Information Act 2000, Environmental Information Regulations 2004 or the Data Protection Act

Tuesday 17th June 2025
Cabinet Office
Source Page: Census 2021: General report for England and Wales
Document: (PDF)

Found: staff, and suppliers must protect the confidentiality of census data by law, including the: • Data Protection Act

Tuesday 17th June 2025
Cabinet Office
Source Page: Census 2021: General report for England and Wales
Document: (PDF)

Found: staff, and suppliers must protect the confidentiality of census data by law, including the: • Data Protection Act



Department Publications - Consultations
Wednesday 2nd July 2025
Department for Energy Security & Net Zero
Source Page: ​​Improving the Energy Efficiency of Socially Rented Homes in England
Document: (PDF)

Found: Section 8(d) of the Data Protection Act 2018 states that this will include processing of personal data

Wednesday 25th June 2025
Department for Energy Security & Net Zero
Source Page: Climate-related transition plan requirements
Document: (PDF)

Found: be disclosed in accordance with UK legislation (the Freedom of Information Act 2000, the Data Protection Act

Monday 9th June 2025
Ministry of Justice
Source Page: Regulation of the debt enforcement sector
Document: (PDF)

Found: to information regimes (these are primarily the Freedom of Information Act 2000 (FOIA), the Data Protection Act



Department Publications - Policy and Engagement
Friday 27th June 2025
Department for Science, Innovation & Technology
Source Page: Evaluation survey for the Software Security Code of Practice
Document: (PDF)

Found: as set out in Articles 13 and 14 of UK General Data Protection Regulation (UK GDPR) and the Data Protection Act



Department Publications - Policy paper
Tuesday 10th June 2025
Department for Transport
Source Page: Transport artificial intelligence action plan
Document: (PDF)

Found: DfT is also committed to ensuring that its policies and practices comply with the Data Protection Act



Non-Departmental Publications - Guidance and Regulation
Jul. 03 2025
UK Visas and Immigration
Source Page: Detention centre rule 35 and Short term Holding Facility rule 32
Document: (PDF)
Guidance and Regulation

Found: health is considered to be special category data under UK data protection law - UKGDPR and Data Protection Act

Jul. 03 2025
UK Visas and Immigration
Source Page: Criminal investigations: indecent and obscene materials
Document: (PDF)
Guidance and Regulation

Found: their obligations under the UK General Data Protection Regulation (UK GDPR) and Part 3 of the Data Protection Act

Jul. 02 2025
High Speed Two (HS2) Limited
Source Page: HS2 site restoration requests
Document: (webpage)
Guidance and Regulation

Found: The Planning Inspectorate is registered under the Data Protection Act, so that we may hold information

Jul. 01 2025
Defence and Security Accelerator
Source Page: Competition: Defence and Security Accelerator (DASA) Open Call for Innovation - CY2025 - Cycle 3
Document: (PDF)
Guidance and Regulation

Found: In this clause, "data protection legislation" has the same meaning as in the Data Protection Act 2018

Jun. 30 2025
Maritime and Coastguard Agency
Source Page: Remote Operator Training and Certification Pilot Framework
Document: (PDF)
Guidance and Regulation

Found: safeguarding regulations are complied with. 15.0 GDPR 15.1 TPs must comply with the UK General Data Protection Act

Jun. 25 2025
UK Space Agency
Source Page: Unlocking Space for Business: Call 2
Document: (webpage)
Guidance and Regulation

Found: commissions or agencies from time to time carrying out functions on its behalf;DPA 2018 means the Data Protection Act

Jun. 25 2025
Parole Board
Source Page: Member Guidance on Prisoners who are Transgender
Document: (PDF)
Guidance and Regulation

Found: Recognition Act 2004 ................................ ................................ .... 11 Data Protection Act

Jun. 20 2025
HM Revenue & Customs
Source Page: Authorising an agent to deal with your tax affairs
Document: (PDF)
Guidance and Regulation

Found: This authorisation covers acts under: • UK General Data Protection Act (UK GDPR) • Data Protection Act

Jun. 19 2025
Competition and Markets Authority
Source Page: How to engage with our civil engineering market study
Document: statement of scope (PDF, 372KB) (PDF)
Guidance and Regulation

Found: accordance with the CMA’s obligations under the UK General Data Protection Regulation and the Data Protection Act

Jun. 17 2025
Environment Agency
Source Page: Reservoir incident and safety: notify the Environment Agency of a potential concern
Document: Reservoir incident and safety: notify the Environment Agency of a potential concern (webpage)
Guidance and Regulation

Found: handle your report in confidence process any information relating to you in accordance with the Data Protection Act

Jun. 17 2025
Office of Financial Sanctions Implementation
Source Page: OFSI General Licence INT/2025/6403704
Document: (PDF)
Guidance and Regulation

Found: third parties only in compliance with the UK General Data Protection Regulation and the UK Data Protection Act

Jun. 17 2025
Office of Financial Sanctions Implementation
Source Page: OFSI General Licence INT/2025/6397444
Document: (PDF)
Guidance and Regulation

Found: to third parties only in compliance with the UK General Data Protection Regulation and the Data Protection Act

Jun. 12 2025
Office of Financial Sanctions Implementation
Source Page: OFSI General Licence INT/2023/3263556
Document: (PDF)
Guidance and Regulation

Found: to third parties only in compliance with the UK General Data Protection Regulation and the Data Protection Act

Jun. 10 2025
Regulator of Social Housing
Source Page: New entrants registration forms
Document: (webpage)
Guidance and Regulation

Found: the Freedom of Information Act 2000, the Environmental Information Regulations 2004 and the Data Protection Act

Jun. 10 2025
Regulator of Social Housing
Source Page: New entrants registration forms
Document: (webpage)
Guidance and Regulation

Found: the Freedom of Information Act 2000, the Environmental Information Regulations 2004 and the Data Protection Act

Jun. 09 2025
HM Passport Office
Source Page: Data protection: caseworker guidance
Document: Data protection: caseworker guidance (webpage)
Guidance and Regulation

Found: protection: caseworker guidance This guidance tells HM Passport Office staff about the Data Protection Act

Jun. 05 2025
Forensic Science Regulator
Source Page: Forensic science activities: statutory code of practice - version 2
Document: (PDF)
Guidance and Regulation

Found: case is concluded. 32.1.4 Material supplied by the initial forensic unit is subject to the Data Protection Act



Non-Departmental Publications - Statistics
Jun. 25 2025
HM Revenue & Customs
Source Page: Environmental Impact of Taxes study
Document: (webpage)
Statistics

Found: awarded this in August 2008.The UK General Data Protection Regulation (UK GDPR) and the UK Data Protection Act

Jun. 25 2025
HM Revenue & Customs
Source Page: Environmental Impact of Taxes study
Document: (webpage)
Statistics

Found: awarded this in August 2008.The UK General Data Protection Regulation (UK GDPR) and the UK Data Protection Act



Non-Departmental Publications - Transparency
Jun. 19 2025
Met Office
Source Page: Met Office Framework 2025
Document: (PDF)
Transparency

Found: under the Freedom of Information Act 2000, Environmental Information Regulations 2004 or the Data Protection Act



Non-Departmental Publications - News and Communications
Jun. 19 2025
Competition and Markets Authority
Source Page: Civil engineering market study
Document: Statement of scope (PDF, 372KB) (PDF)
News and Communications

Found: accordance with the CMA’s obligations under the UK General Data Protection Regulation and the Data Protection Act



Non-Departmental Publications - Open consultation
Jun. 05 2025
Competition and Markets Authority
Source Page: Draft rules for digital markets competition regime levy
Document: (PDF)
Open consultation

Found: This legislation is the General Data Protection Regulation 2016 and the Data Protection Act 2018.



Deposited Papers
Friday 20th June 2025
Ministry of Housing, Communities and Local Government
Source Page: Proposals for local government reorganisation in Surrey. Incl. annexes. 24p.
Document: Proposals_for_local_government_reorganisation_in_Surrey.pdf (PDF)

Found: Section 8(d) of the Data Protection Act 2018 states that this will include processing of personal data

Wednesday 18th June 2025
Department for Work and Pensions
Source Page: Framework document. The Pensions Regulator. A non-departmental public body of the Department for Work and Pensions. Incl. Annex 38p.
Document: TPR_Framework_Document_2025.pdf (PDF)

Found: under the Freedom of Information Act 2000, or the UK General Data Protection Regulations/Data Protection Act

Wednesday 18th June 2025
Department for Transport
Source Page: I. Statement of safety principles: call for evidence. 25p. II. Automated vehicles: protecting marketing terms: consultation. 18p.
Document: automated-vehicles-protecting-marketing-terms_FV.docx (webpage)

Found: DfT will process your personal data in accordance with the Data Protection Act (DPA) and in the majority

Wednesday 18th June 2025
Department for Transport
Source Page: Transport artificial intelligence action plan: transforming ambitions. 24p
Document: transport-ai-action-plan.pdf (PDF)

Found: DfT is also committed to ensuring that its policies and practices comply with the Data Protection Act

Friday 13th June 2025
Home Office
Source Page: 1. Letter dated 10/06/2025 from Diana Johnson MP to Matt Vickers MP regarding the government amendments tabled for the Report stage of the Crime and Policing Bill. Incl annex detailing further amendments to the existing provisions in the Bill. 12p. II. Crime and Policing Bill Report Stage government amendments. 96p. III. Supplementary Delegated Powers Memorandum. 18p. IV. European Convention on Human Rights (ECHR): Third Supplementary Memorandum by the Home Office and Ministry of Justice. 16p.
Document: Third_Supplementary_ECHR_Memorandum.pdf (PDF)

Found: In addition, the relevant principles of the Data Protection Act 2018 will apply to the police and law

Friday 13th June 2025
Home Office
Source Page: 1. Letter dated 10/06/2025 from Diana Johnson MP to Matt Vickers MP regarding the government amendments tabled for the Report stage of the Crime and Policing Bill. Incl annex detailing further amendments to the existing provisions in the Bill. 12p. II. Crime and Policing Bill Report Stage government amendments. 96p. III. Supplementary Delegated Powers Memorandum. 18p. IV. European Convention on Human Rights (ECHR): Third Supplementary Memorandum by the Home Office and Ministry of Justice. 16p.
Document: Govt_Amendments_tabling_on_10_June_2025.pdf (PDF)

Found: information in contravention of the data protection legislation within the meaning of the Data Protection Act




Data Protection Act 2018 mentioned in Scottish results


Scottish Committee Publications
Thursday 29th May 2025
Report - A report by the Delegated Powers and Law Reform Committee of its consideration of the supplementary delegated powers in the Care Reform (Scotland) Bill (Scotland) Bill (as amended at Stage 2).
Supplementary Delegated Powers in the Care Reform (Scotland) Bill (as amended at Stage 2)

Delegated Powers and Law Reform Committee

Found: that any scheme established will operate within devolved competence and be compatible with the Data Protection Act



Scottish Government Publications
Thursday 3rd July 2025

Source Page: Scottish Forestry Spring/Summer Forestry Plans at Dalbuaick: EIR release
Document: Scottish Forestry Spring/Summer Forestry Plans at Dalbuaick: EIR release (webpage)

Found: principles in Article 5(1) of the General Data Protection Regulation and in section 34(1) of the Data Protection Act

Thursday 3rd July 2025

Source Page: City of Edinburgh Council’s proposed Supplementary Guidance on Developer Contributions and Infrastructure Delivery for City Plan 2030 information: EIR Review
Document: City of Edinburgh Council’s proposed Supplementary Guidance on Developer Contributions and Infrastructure Delivery for City Plan 2030 information: EIR Review (webpage)

Found: principles in Article 5(1) of the General Data Protection Regulation and in section 34(1) of the Data Protection Act

Wednesday 2nd July 2025
Marine Directorate
Source Page: Ocean Farm 2 working group information: EIR release
Document: Ocean Farm 2 working group information: EIR release (webpage)

Found: principles in Article 5(1) of the General Data Protection Regulation and in section 34(1) of the Data Protection Act

Wednesday 2nd July 2025
Local Government and Housing Directorate
Source Page: Rent pressure zone and rent control information: FOI release
Document: Rent pressure zone and rent control information: FOI release (webpage)

Found: principles in Article 5(1) of the General Data Protection Regulation and in section 34(1) of the Data Protection Act

Wednesday 2nd July 2025
Marine Directorate
Source Page: Cabinet Secretary for Rural Affairs, Land Reform and Islands briefing notes on salmon farming debate: EIR release
Document: Cabinet Secretary for Rural Affairs, Land Reform and Islands briefing notes on salmon farming debate: EIR release (webpage)

Found: principles in Article 5(1) of the General Data Protection Regulation and in section 34(1) of the Data Protection Act

Wednesday 2nd July 2025
Safer Communities Directorate
Source Page: User Guide to Recorded Crime Statistics in Scotland
Document: User guide to Recorded Crime Statistics in Scotland, 2024-25 (PDF)

Found: telecommunications offs • Disclosure of information • Interception of Communications Act 1984 • Data Protection Act

Tuesday 1st July 2025
Marine Directorate
Source Page: Correspondence between BP employees and Scottish Government: EIR release
Document: Correspondence between BP employees and Scottish Government: EIR release (webpage)

Found: principles in Article 5(1) of the General Data Protection Regulation and in section 34(1) of the Data Protection Act

Monday 30th June 2025
Children and Families Directorate
Source Page: Scotland's Redress Scheme – 2025 Combined Annual Report
Document: Scotland’s Redress Scheme – 2025 Combined Annual Report (PDF)

Found: processes in place to support the individual’s right to access their own personal data under the Data Protection Act

Monday 30th June 2025

Source Page: Information regarding footpath upgrade between Borders General Hospital and Tweedbank roundabout: EIR release
Document: Information regarding footpath upgrade between Borders General Hospital and Tweedbank roundabout: EIR release (webpage)

Found: principles in Article 5(1) of the General Data Protection Regulation and in section 34(1) of the Data Protection Act

Monday 30th June 2025
Propriety and Ethics Directorate
Source Page: Correspondence between the Deputy Director of Propriety and Ethics and the former Permanent Secretary: FOI release
Document: Correspondence between the Deputy Director of Propriety and Ethics and the former Permanent Secretary: FOI release (webpage)

Found: principles in Article 5(1) of the General Data Protection Regulation and in section 34(1) of the Data Protection Act

Monday 30th June 2025
External Affairs Directorate
Source Page: Correspondence regarding visit by the son of the President of the United States: FOI release
Document: Correspondence regarding visit by the son of the President of the United States: FOI release (webpage)

Found: principles in Article 5(1) of the General Data Protection Regulation and in section 34(1) of the Data Protection Act

Monday 30th June 2025
External Affairs Directorate
Source Page: First Minister's meeting with the son of the President of the United States: FOI release
Document: First Minister's meeting with the son of the President of the United States: FOI release (webpage)

Found: principles in Article 5(1) of the General Data Protection Regulation and in section 34(1) of the Data Protection Act

Monday 30th June 2025
External Affairs Directorate
Source Page: Meetings with the son of the President of the United States: FOI release
Document: Meetings with the son of the President of the United States: FOI release (webpage)

Found: principles in Article 5(1) of the General Data Protection Regulation and in section 34(1) of the Data Protection Act

Monday 30th June 2025
People Directorate
Source Page: Documentation regarding hiring a new Permanent Secretary: FOI release
Document: Documentation regarding hiring a new Permanent Secretary: FOI release (webpage)

Found: principles in Article 5(1) of the General Data Protection Regulation and in section 34(1) of the Data Protection Act

Monday 30th June 2025
Economic Development Directorate
Source Page: Ministerial communications to Scottish public bodies on due diligence: FOI release
Document: Ministerial communications to Scottish public bodies on due diligence: FOI release (webpage)

Found: principles in Article 5(1) of the General Data Protection Regulation and in section 34(1) of the Data Protection Act

Monday 30th June 2025
External Affairs Directorate
Source Page: Materials from First Minister's meeting with the son of the President of the United States: FOI release
Document: Materials from First Minister's meeting with the son of the President of the United States: FOI release (webpage)

Found: principles in Article 5(1) of the General Data Protection Regulation and in section 34(1) of the Data Protection Act

Monday 30th June 2025

Source Page: Documentation and correspondence on 20 minute neighbourhoods: EIR release
Document: Documentation and correspondence on 20 minute neighbourhoods: EIR release (webpage)

Found: principles in Article 5(1) of the General Data Protection Regulation and in section 34(1) of the Data Protection Act

Monday 30th June 2025
People Directorate
Source Page: Documentation regarding hiring a new Permanent Secretary: FOI release
Document: FOI 202500457706 - Information released - Attachments (PDF)

Found: All details are held in accordance with the Data Protection Act.

Monday 30th June 2025
Chief Operating Officer, NHS Scotland Directorate
Source Page: Implementation support note on managing the long-term effects of COVID-19 materials: FOI release
Document: Implementation support note on managing the long-term effects of COVID-19 materials: FOI release (webpage)

Found: principles in Article 5(1) of the General Data Protection Regulation and in section 34(1) of the Data Protection Act

Thursday 26th June 2025
Learning Directorate
Source Page: Health and Wellbeing Census for schools correspondence: FOI release
Document: FOI 202500456336 - Information released - Annex (PDF)

Found: process your personal data in line with the UK General Data Protection Regulation 2018 and the Data Protection Act

Thursday 26th June 2025

Source Page: Queries concerning the minimum amount of time data is stored for: FOI release
Document: FOI 202500456898 - Information released - Retention Schedule (Excel)

Found: For Law Enforcement processing, Data Protection Act 2018, section 67.

Thursday 26th June 2025

Source Page: Queries concerning the minimum amount of time data is stored for: FOI release
Document: Queries concerning the minimum amount of time data is stored for: FOI release (webpage)

Found: principles in Article 5(1) of the General Data Protection Regulation and in section 34(1) of the Data Protection Act

Thursday 26th June 2025

Source Page: Queries concerning the minimum amount of time data is stored for: FOI release
Document: FOI 202500456898 - Information released - Retention and Disposal Policy (PDF)

Found: Under UK General Data Protection Regulation (UK GDPR) and the Data Protection Act (DPA) 2018, personal

Thursday 26th June 2025
External Affairs Directorate
Source Page: Separate Scottish visa documentation: FOI release
Document: Separate Scottish visa documentation: FOI release (webpage)

Found: principles in Article 5(1) of the General Data Protection Regulation and in section 34(1) of the Data Protection Act

Thursday 26th June 2025
Communications and Ministerial Support Directorate
Source Page: Correspondence between First Minister and Nicola Sturgeon MSP: FOI release
Document: Correspondence between First Minister and Nicola Sturgeon MSP: FOI release (webpage)

Found: principles in Article 5(1) of the General Data Protection Regulation and in section 34(1) of the Data Protection Act

Tuesday 24th June 2025

Source Page: Scottish Forestry salary band information: FOI release
Document: Scottish Forestry salary band information: FOI release (webpage)

Found: principles in Article 5(1) of the General Data Protection Regulation and in section 34(1) of the Data Protection Act

Tuesday 24th June 2025
Economic Development Directorate
Source Page: GFG group senior management team correspondence: FOI release
Document: GFG group senior management team correspondence: FOI release (webpage)

Found: principles in Article 5(1) of the General Data Protection Regulation and in section 34(1) of the Data Protection Act

Tuesday 24th June 2025
Energy and Climate Change Directorate
Source Page: Energy and Climate Change Directorate communications on energy, oil and gas taxation and climate policy: EIR release
Document: Energy and Climate Change Directorate communications on energy, oil and gas taxation and climate policy: EIR release (webpage)

Found: principles in Article 5(1) of the General Data Protection Regulation and in section 34(1) of the Data Protection Act

Tuesday 24th June 2025
Energy and Climate Change Directorate
Source Page: Environmental Standards Scotland (ESS) sewage report correspondence: EIR release
Document: Environmental Standards Scotland (ESS) sewage report correspondence: EIR release (webpage)

Found: principles in Article 5(1) of the General Data Protection Regulation and in section 34(1) of the Data Protection Act

Tuesday 24th June 2025
Education Reform Directorate
Source Page: Instrumental music tuition correspondence with Scottish Local Authorities: FOI release
Document: Instrumental music tuition correspondence with Scottish Local Authorities: FOI release (webpage)

Found: principes in Article 5(1) of the General Data Protection Regulation and in section 34(1) of the Data Protection Act

Tuesday 24th June 2025
Energy and Climate Change Directorate
Source Page: GB Energy and Aberdeen Hydrogen Hub documentation: EIR release
Document: GB Energy and Aberdeen Hydrogen Hub documentation: EIR release (webpage)

Found: principles in Article 5(1) of the General Data Protection Regulation and in section 34(1) of the Data Protection Act

Tuesday 24th June 2025

Source Page: New Deal for Business Group meeting correspondence: FOI release
Document: New Deal for Business Group meeting correspondence: FOI release (webpage)

Found: principles in Article 5(1) of the General Data Protection Regulation and in section 34(1) of the Data Protection Act

Tuesday 24th June 2025
Tackling Child Poverty and Social Justice Directorate
Source Page: Evaluation of the Family Wellbeing Partnership in Clackmannanshire
Document: Family Wellbeing Partnership Evaluation - Full Report (PDF)

Found: The project team has complied with data protection regulations (GDPR and Data Protection Act 1998) with

Tuesday 24th June 2025
Economic Development Directorate
Source Page: Sutherland space port documentation: FOI release
Document: Sutherland space port documentation: FOI release (webpage)

Found: principles in Article 5(1) of the General Data Protection Regulation and in section 34(1) of the Data Protection Act

Tuesday 24th June 2025

Source Page: A737 Dalry Bypass scope of works: EIR release
Document: A737 Dalry Bypass scope of works: EIR release (webpage)

Found: principles in Article 5(1) of the General Data Protection Regulation and in section 34(1) of the Data Protection Act

Tuesday 24th June 2025

Source Page: Correspondence relating to meetings with representatives of Israeli embassy and the Israeli government: FOI Appeal
Document: Correspondence relating to meetings with representatives of Israeli embassy and the Israeli government: FOI Appeal (webpage)

Found: principles in Article 5(1) of the General Data Protection Regulation and in section 34(1) of the Data Protection Act

Monday 23rd June 2025

Source Page: Abolition of peak ScotRail fares correspondence: FOI release
Document: Abolition of peak ScotRail fares correspondence: FOI release (webpage)

Found: principles in Article 5(1) of the General Data Protection Regulation and in section 34(1) of the Data Protection Act

Monday 23rd June 2025

Source Page: Scottish Aggregates Tax - Proposed Approaches To Cross-Border Taxation
Document: Scottish Aggregates Tax - Proposed Approaches To Cross-Border Taxation (PDF)

Found: prohibits, restricts access or relates to the disclosure of that information, for example the Data Protection Act

Thursday 19th June 2025
Marine Directorate
Source Page: Fish welfare and mortality documentation for specific salmon farm site: EIR release
Document: Fish welfare and mortality documentation for specific salmon farm site: EIR release (webpage)

Found: principles in Article 5(1) of the General Data Protection Regulation and in section 34(1) of the Data Protection Act

Thursday 19th June 2025
Marine Directorate
Source Page: Correspondence with Kverva and SalMar: EIR release
Document: Correspondence with Kverva and SalMar: EIR release (webpage)

Found: principles in Article 5(1) of the General Data Protection Regulation and in section 34(1) of the Data Protection Act

Wednesday 18th June 2025
Energy and Climate Change Directorate
Source Page: Drafting of the opening speech in the Scotland’s Renewable Future debate: EIR release
Document: Drafting of the opening speech in the Scotland’s Renewable Future debate: EIR release (webpage)

Found: principles in Article 5(1) of the General Data Protection Regulation and in section 34(1) of the Data Protection Act

Wednesday 18th June 2025

Source Page: Environmental Standards Scotland (ESS) investigation: EIR release
Document: EIR 202500456507 - Information released - Annex A (PDF)

Found: principles in Article 5(1) of the General Data Protection Regulation and in section 34(1) of the Data Protection Act

Wednesday 18th June 2025
Agriculture and Rural Economy Directorate
Source Page: Documentation regarding pledge to return £46m to farmers and crofters: FOI release
Document: Documentation regarding pledge to return £46m to farmers and crofters: FOI release (webpage)

Found: principles in Article 5(1) of the General Data Protection Regulation and in section 34(1) of the Data Protection Act

Tuesday 17th June 2025
Economic Development Directorate
Source Page: Background Notes for Deputy First Minister Portfolio Questions: FOI Review
Document: Background Notes for Deputy First Minister Portfolio Questions: FOI Review (webpage)

Found: principles in Article 5(1) of the General Data Protection Regulation and in section 34(1) of the Data Protection Act

Tuesday 17th June 2025
Energy and Climate Change Directorate
Source Page: Correspondence with SSE regarding energy consenting in Scotland: EIR release
Document: Correspondence with SSE regarding energy consenting in Scotland: EIR release (webpage)

Found: principles in Article 5(1) of the General Data Protection Regulation and in section 34(1) of the Data Protection Act

Monday 16th June 2025
Communications and Ministerial Support Directorate
Source Page: Scottish Government and Ministerial Code Former Advisor communications: FOI release
Document: Scottish Government and Ministerial Code Former Advisor communications: FOI release (webpage)

Found: principles in Article 5(1) of the General Data Protection Regulation and in section 34(1) of the Data Protection Act

Monday 16th June 2025
Agriculture and Rural Economy Directorate
Source Page: Sale of Torsa in Argyll: FOI release
Document: Sale of Torsa in Argyll: FOI release (webpage)

Found: principles in Article 5(1) of the General Data Protection Regulation  and in section 34(1) of the Data Protection Act

Monday 16th June 2025
Safer Communities Directorate
Source Page: Correspondence on “Right Care, Right Person” initiative: FOI release
Document: Correspondence on “Right Care, Right Person” initiative: FOI release (webpage)

Found: principles in Article 5(1) of the General Data Protection Regulation and in section 34(1) of the Data Protection Act

Friday 13th June 2025
Economic Development Directorate
Source Page: Scotland's Proof of Concept Fund: data protection impact assessment (DPIA)
Document: Data protection impact assessment (DPIA) – Scotland’s Proof of Concept Fund (PDF)

Found: collected in accordance with the The UK General Data Protection Regulation (UKGDPR) and the Data Protection Act

Wednesday 11th June 2025
Constitution Directorate
Source Page: First Minister and Deputy Prime Minister's discussion on gender recognition related issues: FOI release
Document: FOI 202500455985 - Information released - Annex B (PDF)

Found: nciples in Article 5(1) of the General Data Protection Regulation and in section 34(1) of the Data Protection Act

Wednesday 11th June 2025

Source Page: Cancer patient applications for disability payments: FOI release
Document: Cancer patient applications for disability payments: FOI release (webpage)

Found: principles in Article 5(1) of the General Data Protection Regulation and in section 34(1) of the Data Protection Act

Tuesday 10th June 2025

Source Page: Financial support of the Saltire Housing Design Awards: EIR release
Document: EIR 202500455778 - Information released - Request 2 (PDF)

Found: treated as a breach of this agreement 5.3 The Grantee shall ensure that all requirements of the Data Protection Act

Tuesday 10th June 2025
Local Government and Housing Directorate
Source Page: Background notes provided to Scottish Ministers for Finance and Local Government sessions: FOI release
Document: Background notes provided to Scottish Ministers for Finance and Local Government sessions: FOI release (webpage)

Found: principles in Article 5(1) of the General Data Protection Regulation and in section 34(1) of the Data Protection Act

Tuesday 10th June 2025
Propriety and Ethics Directorate
Source Page: Correspondence with the Independent Advisers on the Scottish Ministerial Code: FOI release
Document: FOI 202500454253 - Information released - ANNEX (PDF)

Found: principles in Article 5(1) of the General Data Protection Regulation and in section 34(1) of the Data Protection Act

Tuesday 10th June 2025
Culture and Major Events Directorate
Source Page: Correspondence between the Scottish Government and a specific Scottish actor: FOI release
Document: Correspondence between the Scottish Government and a specific Scottish actor: FOI release (webpage)

Found: principles in Article 5(1) of the General Data Protection Regulation and in section 34(1) of the Data Protection Act

Monday 9th June 2025
Energy and Climate Change Directorate
Source Page: Correspondence and documentation related to follow-up discussion between the First Minister and selected SEAB members: EIR release
Document: EIR 202500462991 - Information Released - Annex A (PDF)

Found: Article 5(1) of the General Data Protection Regulations (GDPR) and in Section 34(1) of the Data Protection Act

Friday 23rd May 2025
Digital Directorate
Source Page: Open Market Review into Superfast, Ultrafast and Gigabit Capable Broadband Infrastructure in Scotland. Request for Information May 2025
Document: Standard Form Contractor Licence (webpage)

Found: protection and privacy legislation in force from time to time in the UK including: a) the Data Protection Act

Thursday 22nd May 2025
Safer Communities Directorate
Source Page: Understanding family support needs of people in prison custody: literature review
Document: Literature Review: Understanding Family Support Needs of People in Prison Custody (PDF)

Found: gathered, held, processed or to be shared requires a clear purpose and lawful basis under the Data Protection Act

Wednesday 21st May 2025

Source Page: Social Security Scotland privacy measures and personal data breaches: FOI release
Document: Social Security Scotland privacy measures and personal data breaches: FOI release (webpage)

Found: breaches arising from noncompliance with UK General Data Protection Regulation (UK GDPR) and the Data Protection Act

Tuesday 20th May 2025
Economic Development Directorate
Source Page: Background Notes for Deputy First Minister Portfolio Questions: FOI release
Document: Background Notes for Deputy First Minister Portfolio Questions: FOI release (webpage)

Found: principles in Article 5(1) of the General Data Protection Regulation and in section 34(1) of the Data Protection Act

Tuesday 20th May 2025
Constitution Directorate
Source Page: Building a New Scotland independence paper on energy meetings: FOI release
Document: Building a New Scotland independence paper on energy meetings: FOI release (webpage)

Found: principles in Article 5(1) of the General Data Protection Regulation and in section 34(1) of the Data Protection Act

Tuesday 20th May 2025
Agriculture and Rural Economy Directorate
Source Page: First Minister at National Farmers Union, Scotland (NFU) and Orkney: EIR release
Document: First Minister at National Farmers Union, Scotland (NFU) and Orkney: EIR release (webpage)

Found: principles in Article 5(1) of the General Data Protection Regulation and in section 34(1) of the Data Protection Act

Thursday 15th May 2025
Economic Development Directorate
Source Page: Scottish Government engagement with GFG Alliance regarding Dalzell Steel Plant: FOI release
Document: FOI 202500455118 - Information Released - Annex A (PDF)

Found: principles in Article 5(1) of the General Data Protection Regul ation and in section 34(1) of the Data Protection Act

Thursday 15th May 2025
Marine Directorate
Source Page: Correspondence involving the Private Office of the First Minister which includes the word “ScotWind”: EIR release
Document: EIR 202500455139 - Information Released - Annex A and B (PDF)

Found: principles in Article 5(1) of the General Data Protection Regulation and in section 34(1) of the Data Protection Act

Wednesday 14th May 2025
Justice Directorate
Source Page: Testing Scotland's Proposed Domestic Homicide and Suicide Review Model: Phase One Report and Scottish Government Response Report commissioned by the Scottish Government
Document: Testing Scotland’s Proposed Domestic Homicide and Suicide Review Model: Phase One Report (PDF)

Found: to provide information facilitates a lawful basis for processing under section 8(c) of the Data Protection Act

Tuesday 13th May 2025
Energy and Climate Change Directorate
Source Page: Scotland’s Renewables Future debate: EIR release
Document: Scotland’s Renewables Future debate: EIR release (webpage)

Found: principles in Article 5(1) of the General Data Protection Regulation and in section 34(1) of the Data Protection Act

Tuesday 13th May 2025
Marine Directorate
Source Page: Correspondence between Scottish Government and SalMar Aker Ocean: EIR release
Document: Correspondence between Scottish Government and SalMar Aker Ocean: EIR release (webpage)

Found: principles in Article 5(1) of the General Data Protection Regulation and in section 34(1) of the Data Protection Act

Tuesday 13th May 2025
Population Health Directorate
Source Page: Decision making process for 2017 misoprostol approval: FOI release
Document: Decision making process for 2017 misoprostol approval: FOI release (webpage)

Found: principles in Article 5(1) of the General Data Protection Regulation and section 34(1) of the Data Protection Act

Tuesday 13th May 2025
Energy and Climate Change Directorate
Source Page: Deputy First Minister and Cabinet Secretary for Economy and Gaelic correspondence regarding zonal pricing: FOI release
Document: FOI 202500457230 - Information Released - Annex A and B (PDF)

Found: principles in Article 5(1) of the General Data Protection Regulation and in section 34(1) of the Data Protection Act

Tuesday 13th May 2025
Education Reform Directorate
Source Page: Centre for Teaching Excellence applications: FOI release
Document: FOI 202500452260 - Information Released - Attachments (PDF)

Found: individuals with regard to the processing of Personal Data to which a Party is subject including the Data Protection Act

Tuesday 13th May 2025
Local Government and Housing Directorate
Source Page: Thistle Phase 3 & 4 Estate development project funding: FOI release
Document: FOI 202500458657 - Information Released - Annex (PDF)

Found: as a breach of this agreement 6.3 The Grantee shall ensure that all requirements of the Data Protection Act

Monday 12th May 2025
Communications and Ministerial Support Directorate
Source Page: Communications in regards to FOI responses to 202500447375 and 202500452341: FOI release
Document: FOI 202500455247 - Information Released - Annex A to D (PDF)

Found: are the data subject, and so it is subject to the General Data Protection Regulation and the Data Protection Act

Monday 12th May 2025
Energy and Climate Change Directorate
Source Page: Environmental Impact Assessment (EIA) screening process: EIR release
Document: Environmental Impact Assessment (EIA) screening process: EIR release (webpage)

Found: principles in Article 5(1) of the General Data Protection Regulation and in section 34(1) of the Data Protection Act

Monday 12th May 2025
Communications and Ministerial Support Directorate
Source Page: Queries about FOI review responses issued by the Scottish Government: FOI release
Document: Queries about FOI review responses issued by the Scottish Government: FOI release (webpage)

Found: principles in Article 5(1) of the General Data Protection Regulation and in section 34(1) of the Data Protection Act

Thursday 8th May 2025
Environment and Forestry Directorate
Source Page: Kinloch Castle Study: Final report
Document: Kinloch Castle Study: Final report (PDF)

Found: are collecting this data in the performance of a public task, under Article 6(1)(e) of the Data Protection Act

Thursday 8th May 2025
Environment and Forestry Directorate
Source Page: Kinloch Castle Study: Final report
Document: Round 1 invitation pack (PDF)

Found: are collecting this data in the performance of a public task, under Article 6(1)(e) of the Data Protection Act

Thursday 8th May 2025
Propriety and Ethics Directorate
Source Page: Footnote 5.2 of the 2024 Ministerial Code queries: FOI Review
Document: Footnote 5.2 of the 2024 Ministerial Code queries: FOI Review (webpage)

Found: principles in Article 5(1) of the General Data Protection Regulation and in section 34(1) of the Data Protection Act

Thursday 8th May 2025
Learning Directorate
Children and Families Directorate
Early Learning and Childcare Directorate
Equality, Inclusion and Human Rights Directorate
Source Page: Guidance on appropriate qualifications and teacher competencies for teachers of children and young people who are blind or partially sighted, deaf, or deafblind.
Document: Guidance on appropriate qualifications and teacher competencies for teachers of children and young people who are blind or partially sighted, deaf, or deafblind (PDF)

Found: Nations Convention of the Rights of Persons with Disabilities; Education (Scotland) Act 2016; Data Protection Act

Wednesday 7th May 2025
Energy and Climate Change Directorate
Source Page: SSEN meeting minutes and briefing information: EIR release
Document: EIR 202500461035 - Information Released - Annex A and B (PDF)

Found: Article 5(1) of the General Data Protection Regulations (GDPR) and in Section 34(1) of the Data Protection Act

Tuesday 6th May 2025

Source Page: Scottish Pubs Adjudicator: complaints form for tied pub tenants
Document: Scottish Pubs Adjudicator: complaints form for tied pub tenants (webpage)

Found: information given to us about you and your complaint for its intended purpose and in line with Data Protection Act

Tuesday 6th May 2025
Legal Services (Solicitor to the Scottish Government)
Source Page: A guide to planning appeals in Scotland
Document: A Guide to Planning Appeals in Scotland.pdf (PDF)

Found: For compliance with the Data Protection Act 1998, personal information such as people’s telephone numbers

Tuesday 6th May 2025
Legal Services (Solicitor to the Scottish Government)
Source Page: A guide to planning appeals in Scotland
Document: A guide to planning appeals in Scotland (webpage)

Found: ; and also to view the decision on the appeal once it has been made.For compliance with the Data Protection Act

Thursday 1st May 2025

Source Page: A82 Tarbet to Inverarnan - Analysis and design of cycleway/mixed path: EIR release
Document: A82 Tarbet to Inverarnan - Analysis and design of cycleway/mixed path: EIR release (webpage)

Found: party and disclosing it would contravene the data protection principles in Schedule 1 to the Data Protection Act

Thursday 1st May 2025
Communications and Ministerial Support Directorate
Source Page: Activities and communications of the Cabinet Secretary for Finance and Local Government: FOI release
Document: Activities and communications of the Cabinet Secretary for Finance and Local Government: FOI release (webpage)

Found: contravene the data protection principles in Article 5(1) of the UK GDPR (or section 34(1) of the Data Protection Act

Wednesday 30th April 2025
Energy and Climate Change Directorate
Source Page: Clean Power 2030 Action Plan briefing documents: EIR release
Document: EIR 202500452601 - Information released - Annex A (PDF)

Found: Article 5(1) of the General Data Protection Regulations (GDPR) and in Section 34(1) of the Data Protection Act

Wednesday 30th April 2025
Environment and Forestry Directorate
Source Page: Galloway National Park correspondence with various organisations: EIR release
Document: EIR 202500453720 - Information released - Annex (PDF)

Found: Article 5(1) of the General Data Protection Regulations (GDPR) and in Section 34(1) of the Data Protection Act

Wednesday 30th April 2025
Communications and Ministerial Support Directorate
Source Page: Copy of information referenced in the Scottish Information Commissioner’s Decision Notice 186/2024: FOI release
Document: FOI 202500454839 - Information released - Annex A (PDF)

Found: principles in Article 5(1) of the General Data Protection Regulation and in section 34(1) of the Data Protection Act

Wednesday 30th April 2025
Agriculture and Rural Economy Directorate
Source Page: Proposed ban on owning cats in new housing developments in rural areas: EIR release
Document: Proposed ban on owning cats in new housing developments in rural areas: EIR release (webpage)

Found: principles in Article 5(1) of the General Data Protection Regulation and in section 34(1) of the Data Protection Act

Wednesday 30th April 2025
Economic Development Directorate
Source Page: Plans for the site of the former McVities factory in Tollcross: FOI release
Document: Plans for the site of the former McVities factory in Tollcross: FOI release (webpage)

Found: principles in Article 5(1) of the General Data Protection Regulation and in section 34(1) of the Data Protection Act

Wednesday 30th April 2025
Energy and Climate Change Directorate
Source Page: Clean Power 2030 report briefing documents: EIR release
Document: EIR 202500452602 - Information released - Annex A (PDF)

Found: Article 5(1) of the General Data Protection Regulations (GDPR) and in Section 34(1) of the Data Protection Act

Wednesday 30th April 2025

Source Page: ScotRail’s alcohol survey results: FOI release
Document: ScotRail’s alcohol survey results: FOI release (webpage)

Found: principles in Article 5(1) of the General Data Protection Regulation and in section 34(1) of the Data Protection Act

Wednesday 30th April 2025

Source Page: Contract and planting plan map for previous request (202500450951): EIR release
Document: Contract and planting plan map for previous request (202500450951): EIR release (webpage)

Found: principles in Article 5(1) of the General Data Protection Regulation and in section 34(1) of the Data Protection Act

Wednesday 30th April 2025
Chief Operating Officer, NHS Scotland Directorate
Source Page: Documentation about sending surplus NHS equipment to Ukraine: FOI release
Document: FOI 202500451642 - Information released - Exemptions (PDF)

Found: principles in Article 5(1) of the General Data Protection Regulation and in section 34(1) of the Data Protection Act

Wednesday 30th April 2025

Source Page: Contract and planting plan map for previous request (202500450951): EIR release
Document: EIR 202500455863 - Information released - Contract Document (PDF)

Found: of Information (Scotland) Act 2002 (FOISA), the UK General Data Protection Regulation, the Data Protection Act

Monday 28th April 2025
Social Security Directorate
Source Page: Social Security (Amendment) (Scotland) Bill: data protection impact assessment - updated April 2025
Document: Social Security (Amendment) (Scotland) Bill - updated 2025: Data Protection Impact Assessment (PDF)

Found: organisation a public authority or body as set out in Part 2, Chapter 2, section 7 of the Data Protection Act

Thursday 24th April 2025
Tackling Child Poverty and Social Justice Directorate
Source Page: Scottish landlord register and private rental levels: FOI release
Document: Scottish landlord register and private rental levels: FOI release (webpage)

Found: principles in Article 5(1) of the General Data Protection Regulation and in section 34(1) of the Data Protection Act

Wednesday 23rd April 2025
Population Health Directorate
Source Page: Correspondence regarding Professor of Global Public Health: FOI release
Document: Correspondence regarding Professor of Global Public Health: FOI release (webpage)

Found: principles in Article 5(1) of the General Data Protection Regulation and in section 34(1) of the Data Protection Act

Tuesday 22nd April 2025
Energy and Climate Change Directorate
Source Page: Correspondence relating to Kendoon to Tongland 132KV reinforcement project: EIR release
Document: Correspondence relating to Kendoon to Tongland 132KV reinforcement project: EIR release (webpage)

Found: principles in Article 5(1) of the General Data Protection Regulation and in section 34(1) of the Data Protection Act

Tuesday 22nd April 2025
Local Government and Housing Directorate
Source Page: Tenancy deposit schemes: FOI release
Document: Tenancy deposit schemes: FOI release (webpage)

Found: principles in Article 5(1) of the General Data Protection Regulation and in section 34(1) of the Data Protection Act

Tuesday 22nd April 2025
Environment and Forestry Directorate
Source Page: Correspondence between Scottish Government and Scottish Parliament regarding Galloway National Park: EIR release
Document: EIR 202500453718 - Information Released - Annex A & B (PDF)

Found: Article 5(1) of the General Data Protection Regulations (GDPR) and in Section 34(1) of the Data Protection Act

Tuesday 22nd April 2025
Environment and Forestry Directorate
Source Page: Galloway National Park correspondence with council officials: EIR release
Document: EIR 202500453716 - Information Released - Annex A and B (PDF)

Found: Article 5(1) of the General Data Protection Regulations (GDPR) and in Section 34(1) of the Data Protection Act

Wednesday 16th April 2025

Source Page: Low Emission Zone (LEZ) information: EIR release
Document: Low Emission Zone (LEZ) information: EIR release (webpage)

Found: principles in Article 5(1) of the General Data Protection Regulation and in section 34(1) of the Data Protection Act

Wednesday 16th April 2025
Safer Communities Directorate
Source Page: Short life working group minutes regarding misuse of pyrotechnics at football: FOI release
Document: Short life working group minutes regarding misuse of pyrotechnics at football: FOI release (webpage)

Found: protection principles in the UK General Data Protection Regulation and in section 34(1) of the Data Protection Act

Wednesday 16th April 2025
Legal Services (Solicitor to the Scottish Government)
Source Page: Flamingo Land plans for Loch Lomond: EIR release
Document: Flamingo Land plans for Loch Lomond: EIR release (webpage)

Found: principles in Article 5(1) of the General Data Protection Regulation and in section 34(1) of the Data Protection Act

Wednesday 16th April 2025
Scottish Procurement and Property Directorate
Source Page: Procurement contracts: terms and conditions
Document: Model ICT services contract - concession contracts April 2025 (webpage)

Found: Computer Misuse Act 1990, the Network and Information Systems Regulations 2018, the UK GDPR or the Data Protection Act

Wednesday 16th April 2025
Scottish Procurement and Property Directorate
Source Page: Procurement contracts: terms and conditions
Document: Terms and conditions 4: conditions of contract for the supply of goods and services February 2025 (PDF)

Found: individuals with regard to the processing of Personal Data to which a Party is subject including the Data Protection Act

Wednesday 16th April 2025
Scottish Procurement and Property Directorate
Source Page: Procurement contracts: terms and conditions
Document: Terms and conditions 5: conditions of contract for the sale of goods (PDF)

Found: the Trade Union and Labour Relations (Consolidation) Act 1992, or commit any breach of the Data Protection Act

Wednesday 16th April 2025
Scottish Procurement and Property Directorate
Source Page: Procurement contracts: terms and conditions
Document: Terms and conditions 1: conditions of contract for the purchase of goods - February 2025 (PDF)

Found: individuals with regard to the processing of Personal Data to which a Party is subject including the Data Protection Act

Wednesday 16th April 2025
Safer Communities Directorate
Source Page: Correspondence relating to right wing extremist groups: FOI release
Document: Correspondence relating to right wing extremist groups: FOI release (webpage)

Found: principles in Article 5(1) of the General Data Protection Regulation and in section 34(1) of the Data Protection Act

Wednesday 16th April 2025
Scottish Procurement and Property Directorate
Source Page: Procurement contracts: terms and conditions
Document: Model services contract - April 2025 (webpage)

Found: individuals with regard to the processing of Personal Data to which a Party is subject including the Data Protection Act

Wednesday 16th April 2025
Local Government and Housing Directorate
Source Page: Public health supplement documentation: FOI release
Document: Public health supplement documentation: FOI release (webpage)

Found: principles in Article 5(1) of the General Data Protection Regulation and in section 34(1) of the Data Protection Act

Wednesday 16th April 2025
Scottish Procurement and Property Directorate
Source Page: Procurement contracts: terms and conditions
Document: Terms and conditions 3: conditions of contract for consultancy services February 2025 (PDF)

Found: individuals with regard to the processing of Personal Data to which a Party is subject including the Data Protection Act

Wednesday 16th April 2025
Scottish Procurement and Property Directorate
Source Page: Procurement contracts: terms and conditions
Document: Terms and conditions 2: conditions of contract for the purchase of services February 2025 (PDF)

Found: individuals with regard to the processing of Personal Data to which a Party is subject including the Data Protection Act

Wednesday 16th April 2025
Scottish Procurement and Property Directorate
Source Page: Procurement contracts: terms and conditions
Document: ICT services model contract - April 2025 (webpage)

Found: Computer Misuse Act 1990, the Network and Information Systems Regulations 2018, the UK GDPR or the Data Protection Act

Wednesday 16th April 2025
Propriety and Ethics Directorate
Source Page: Information regarding handling of Freedom of Information response 202400443239: FOI release
Document: Information regarding handling of Freedom of Information response 202400443239: FOI release (webpage)

Found: principles in Article 5(1) of the General Data Protection Regulation and in section 34(1) of the Data Protection Act

Wednesday 16th April 2025

Source Page: Social Security Scotland and Secretary of State (DWP) information sharing agreements: FOI release
Document: FOI 202500453728 - Information Released - Annex (PDF)

Found: Date of Birth D.O.D Date of Death DPA Data Protection Act 2018 DPIA Data Protection Impact Assessment

Wednesday 16th April 2025
Energy and Climate Change Directorate
Source Page: Carbon Capture Fund as part of the Scottish Government’s Emerging Energy Technologies Fund: EIR release
Document: Carbon Capture Fund as part of the Scottish Government’s Emerging Energy Technologies Fund: EIR release (webpage)

Found: principles in Article 5(1) of the General Data Protection Regulation and in section 34(1) of the Data Protection Act

Monday 14th April 2025
Local Government and Housing Directorate
Source Page: Open Market Shared Equity Scheme: administrative procedures
Document: Open Market Shared Equity Scheme: Administrative Procedures (PDF)

Found: You will duly observe your obligations under the Data Protection Act 2018 and the General Data Protection

Friday 11th April 2025

Source Page: Public Sector Pay Policy Technical Guide - April 2025
Document: Public Sector Pay Policy Technical Guide (PDF)

Found: and in particular the principles of the General Data Protection Regulation (GDPR) and the Data Protection Act

Thursday 10th April 2025
Energy and Climate Change Directorate
Source Page: Emerging Energy Technologies Fund correspondence: EIR release
Document: Emerging Energy Technologies Fund correspondence: EIR release (webpage)

Found: principles in Article 5(1) of the General Data Protection Regulation and in section 34(1) of the Data Protection Act

Thursday 10th April 2025
Energy and Climate Change Directorate
Source Page: Carbon Capture Fund correspondence: EIR release
Document: Carbon Capture Fund correspondence: EIR release (webpage)

Found: principles in Article 5(1) of the General Data Protection Regulation and in section 34(1) of the Data Protection Act

Thursday 10th April 2025
Marine Directorate
Source Page: Live cleaner fish movements: EIR release
Document: Live cleaner fish movements: EIR release (webpage)

Found: principles in Article 5(1) of the General Data Protection Regulation and in section 34(1) of the Data Protection Act



Scottish Written Answers
S6W-37428
Asked by: Balfour, Jeremy (Scottish Conservative and Unionist Party - Lothian)
Monday 12th May 2025

Question

To ask the Scottish Government whether it has plans to make the Scottish Kept Birds Register publicly searchable, and, if not, for what reason. 

Answered by Fairlie, Jim - Minister for Agriculture and Connectivity

The Scottish Government has no plans to make the Scottish Kept Birds Register publicly searchable.

The Scottish Kept Bird Register is a mandatory register for bird keepers in Scotland under the Avian Influenza (Preventive Measures) (Scotland) Amendment Order 2024. It was established to allow Scottish Government and its deliver body, the Animal and Plant Health Agency, to send vital biosecurity information to bird keepers to minimise the risk of the spread of notifiable avian diseases, particularly highly pathogenic avian influenza. The register also supports mandatory surveillance activities during disease outbreaks. The information has also been used to help support public health response in the offer of vaccinations to poultry keepers.

In accordance with Data Protection Act 2018 a commitment was made to those registering, in the Scottish Kept Bird Register Privacy Notice, as to how the data collected would be used. This can be summarised as to determine the size and location of the kept bird population in Scotland, for communication and disease control activities during notifiable avian disease outbreaks, and for promoting bird welfare and public health.

To make this data public would be in breach of the Data Protection Act of 2018, as the Scottish Government would be unable to control the uses to which the data was being put. The Scottish Government is legally required to make arrangements to ensure that the data collected is retained securely and protected from data breach. This is in common with registers for other animals and livestock across Scotland held by Scottish Government.



Scottish Parliamentary Debates
Scottish Public Inquiries (Cost-effectiveness)
283 speeches (148,163 words)
Tuesday 27th May 2025 - Committee
Mentions:
1: None However, the reality was that the council could not provide that, because of the Data Protection Act - Link to Speech




Data Protection Act 2018 mentioned in Welsh results


Welsh Committee Publications
Wednesday 25th June 2025
PDF - Letter from the Leader of Cardiff Council to the Chair in relation to the Bus Services (Wales) Bill - 25 June 2025

Inquiry: Bus Services (Wales) Bill


Found: SWYDDFA’R ARWEINYDD LEADER'S OFFICE Your information is processed under the Data Protection Act 2018

Friday 7th February 2025
PDF - Marshalled List of Amendments - 7 February 2025

Inquiry: Report on the Welsh Language and Education (Wales) Bill


Found: ending on 31 August, ( ) “data protection legislation” has the same meaning as in the Data Protection Act

Wednesday 5th February 2025
PDF - Notice of Amendments (v3) - 5 February 2025

Inquiry: Report on the Welsh Language and Education (Wales) Bill


Found: ending on 31 August, ( ) “data protection legislation” has the same meaning as in the Data Protection Act

Tuesday 21st January 2025
PDF - Welsh Government Response - 21 January 2025

Inquiry: Children on the Margins


Found: share information in accordance with the General Data Protection Regulation (GDPR) and the Data Protection Act


PDF - Notice of Amendments – 10 March 2023

Inquiry: Report on the Agriculture (Wales) Bill


Found: (3) In this section “data protection legislation” has the same meaning as in the Data Protection Act


PDF - Marshalled list of Amendments – 23 March 2023

Inquiry: Report on the Agriculture (Wales) Bill


Found: (3) In this section “data protection legislation” has the same meaning as in the Data Protection Act


PDF - report

Inquiry: Report on the Agriculture (Wales) Bill


Found: provisions are compliant with the data protection principles enshrined in the UK GDPR and the Data Protection Act


PDF - response

Inquiry: Report on the Agriculture (Wales) Bill


Found: provisions are compliant with the data protection principles enshrined in the UK GDPR and the Data Protection Act


PDF - Revised Explanatory Memorandum

Inquiry: Report on the Tertiary Education and Research (Wales) Bill


Found: sharing, it is intended that the Commission will be a public authority for the purposes of the Data Protection Act


PDF - Revised Explanatory Memorandum

Inquiry: Report on the Tertiary Education and Research (Wales) Bill


Found: sharing, it is intended that the Commission will be a public authority for the purposes of the Data Protection Act


PDF - Letter from the Counsel General and Minister for the Constitution – 10 November 2023

Inquiry: Elections and Elected


Found: duty into account) contravene the data protection legislation within the meaning of the Data Protection Act


PDF - Elections and Elected Bodies (Wales) Bill

Inquiry: Elections and Elected


Found: the duty into account) contravene the data protection legislation (within the meaning of the Data Protection Act


PDF - Elections and Elected Bodies (Wales) Bill

Inquiry: Elections and Elected


Found: the duty into account) contravene the data protection legislation (within the meaning of the Data Protection Act


PDF - Elections and Elected Bodies (Wales) Bill

Inquiry: Elections and Elected


Found: the duty into account) contravene the data protection legislation (within the meaning of the Data Protection Act


PDF - Explanatory Memorandum

Inquiry: Elections and Elected


Found: duty into account) contravene the data protection legislation within the meaning of the Data Protection Act


PDF - Explanatory Memorandum

Inquiry: Elections and Elected


Found: duty into account) contravene the data protection legislation within the meaning of the Data Protection Act


PDF - Notice of amendments

Inquiry: Report on the Welsh Language and Education (Wales) Bill


Found: ending on 31 August, ( ) “data protection legislation” has the same meaning as in the Data Protection Act


PDF - Marshalled List of Amendments

Inquiry: Report on the Welsh Language and Education (Wales) Bill


Found: ending on 31 August, ( ) “data protection legislation” has the same meaning as in the Data Protection Act


PDF - responded

Inquiry: Hospital discharge and its impact on patient flow through hospitals


Found: used in line with the requirements of the UK General Data Protection Regulation (UKGDPR), the Data Protection Act


PDF - 7 March 2025

Inquiry: The Welsh Government’s Legislative Consent Memorandum on the Data (Use and Access) Bill


Found: provided by UK legislation set out in the General Data Protection Regulation (GDPR) and the Data Protection Act


PDF - Culture, Communications, Welsh Language, Sport, and International Relations Committee Report: The Data Protection and Digital Information (No. 2) Bill Legislative Consent Memoranda No.1 and No.2 - July 2023

Inquiry: The Welsh Government’s Legislative Consent


Found: This code must be consistent with the data sharing code prepared and issued under the Data Protection Act


PDF - report

Inquiry: The Welsh Government’s Legislative Consent


Found: exemption to the Information Commissioner’s assessment notices powers under section 147(6) of the Data Protection Act


PDF - wrote

Inquiry: The Welsh Government’s Legislative Consent


Found: Bill, clause 41 Interview Notices (clause 38 as introduced) inserts new provisions into the Data Protection Act


PDF - responded

Inquiry: The Welsh Government’s Legislative Consent


Found: Response: Clause 41 Interview Notices (clause 38 as introduced) inserts new provisions into the Data Protection Act


PDF - report

Inquiry: The Welsh Government’s Legislative Consent


Found: The GDPR works in tandem with the UK’s Data Protection Act 2018 (the DPA 2018) to govern the processing


PDF - responded to the report

Inquiry: The Welsh Government’s Legislative Consent


Found: currently in place across the EU and the UK (the General Data Protection Regulation (GDPR) and the Data Protection Act


PDF - Legislative Consent Memorandum

Inquiry: The Welsh Government’s Legislative Consent


Found: The UK’s Data Protection Act (DPA) 2018 received Royal Assent around the same time, and both pieces


PDF - 2 January 2025

Inquiry: The Welsh Government’s Legislative Consent Memorandum on the Data (Use and Access) Bill


Found: interacts with a wide range of other key legislation: • Births and Deaths Registration Act 1953 • Data Protection Act


PDF - Supplementary Legislative Consent Memorandum

Inquiry: Procurement Bill


Found: been included after clause 88 (Data protection), which seeks to give assurances that the Data Protection Act


PDF - Supplementary Legislative Consent Memorandum

Inquiry: The Welsh Government’s Legislative Consent Memoranda


Found: UK Government amendments 65 and 66 remove a cross reference to s183A of the Data Protection Act 2018


PDF - The Retained EU Law (Revocation and Reform) Act 2023 (Consequential Amendment) Regulations 2023

Inquiry: Report on the Statutory Instrument Consent Memorandum for The Retained EU Law (Revocation and Reform) Act 2023 (Consequential Amendment) Regulations 2023


Found: Economy Act 2017 (c. 30), and was amended by paragraph 135(4) and (5) of Schedule 19(1) to the Data Protection Act


PDF - Tertiary Education and Research (Wales) Bill, as amended at Stage 3

Inquiry: Report on the Tertiary Education and Research (Wales) Bill


Found: legislation. 10 (3) In this section, “data protection legislation” has the same meaning as in the Data Protection Act


PDF - Tertiary Education and Research (Wales) Bill, as passed

Inquiry: Report on the Tertiary Education and Research (Wales) Bill


Found: (3) In this section, “data protection legislation” has the same meaning as in the Data Protection Act


PDF - Explanatory Memorandum

Inquiry: Report on the Tertiary Education and Research (Wales) Bill


Found: sharing, it is intended that the Commission will be a public authority for the purposes of the Data Protection Act


PDF - Elections and Elected Bodies (Wales) Bill - as amended at Stage 2

Inquiry: Elections and Elected


Found: the duty into account) contravene the data protection legislation (within the meaning of the Data Protection Act


PDF - Elections and Elected Bodies (Wales) Bill - as amended Stage 3

Inquiry: Elections and Elected


Found: the duty into account) contravene the data protection legislation (within the meaning of the Data Protection Act


PDF - Elections and Elected Bodies (Wales) Bill - as passed

Inquiry: Elections and Elected


Found: the duty into account) contravene the data protection legislation (within the meaning of the Data Protection Act


PDF - Elections and Elected Bodies (Wales) Bill

Inquiry: Elections and Elected


Found: duty into account) contravene the data protection legislation 20 (within the meaning of the Data Protection Act


PDF - Marshalled list of amendments

Inquiry: Report on the Tertiary Education and Research (Wales) Bill


Found: (3) In this section, “data pr otection legislation” has the same meaning as in the Data Protection Act


PDF - Tertiary Education and Research (Wales) Bill

Inquiry: Report on the Tertiary Education and Research (Wales) Bill


Found: legislation. 10 (3) In this section, “data protection legislation” has the same meaning as in the Data Protection Act


PDF - Tertiary Education and Research (Wales) Bill

Inquiry: Report on the Tertiary Education and Research (Wales) Bill


Found: (3) In this section, “data protection legislation” has the same meaning as in the Data Protection Act



Welsh Government Publications
Friday 4th July 2025

Source Page: Distribution Sub Group meeting: 4 July 2025
Document: Paper 09 (PDF)

Found: Data was supplied via postcodes and handled in accordance with the 1998 Data Protection Act with special

Thursday 19th June 2025

Source Page: Patterns of attainment in reading and numeracy: September 2018 to August 2024
Document: Patterns of attainment in reading and numeracy: September 2018 to August 2024 (webpage)

Found: personal data underlying these statistics are processed in accordance with the requirements of the Data Protection Act

Tuesday 17th June 2025

Source Page: Homelessness and Social Housing Allocation (Wales) Bill: impact assessments
Document: Data protection impact assessment (webpage)

Found: Section 8 of the Data Protection Act 2018 (“the 2018 Act”) supplements Article 6(1) of the UK GDPR by

Monday 16th June 2025

Source Page: FOI release 24727: Wales and West Housing Association
Document: Doc 1 (PDF)

Found: Information Act 2000 (the “FOIA”), the Environmental Information Regulations 2004 (the “EIR”), the Data Protection Act

Monday 16th June 2025

Source Page: FOI release 24727: Wales and West Housing Association
Document: Doc 2 (PDF)

Found: Information Act 2000 (the “FOIA”), the Environmental Information Regulations 2004 (the “EIR”), the Data Protection Act

Monday 16th June 2025

Source Page: FOI release 24727: Wales and West Housing Association
Document: Wales and West Housing Association (PDF)

Found: ‘Personal data’ is defined in sections 3(2) and (3) of the Data Protection Act 2018 (‘the DPA 2018’)

Wednesday 11th June 2025

Source Page: FOI release 24708: Staff policies
Document: Doc 1 (PDF)

Found: Act 2010 4.2 Gender Recognition Act 2004 4.3 UK General Data Protection Regulation and Data Protection Act

Wednesday 11th June 2025

Source Page: FOI release 24699: Indian Office
Document: Indian Office (PDF)

Found: ‘Personal data’ is defined in sections 3(2) and (3) of the Data Protection Act 1998 (‘the DPA 2018’)

Monday 9th June 2025

Source Page: FOI release 24700: Planning Applications
Document: Planning Applications (PDF)

Found: ‘Personal data’ is defined in sections 3(2) and (3) of the Data Protection Act 2018 (‘the DPA 2018’)

Friday 6th June 2025

Source Page: FOI release 24466: Planning inspectors
Document: Internal Review (PDF)

Found: data protection principles, or (b) would do so if the exemptions in section 24(1) of the Data Protection Act

Friday 6th June 2025

Source Page: FOI release 24466: Planning inspectors
Document: Planning inspectors (PDF)

Found: dictated by data protection regulations; General Data Protection Regulations UK (UK GDPR) and Data Protection Act

Wednesday 4th June 2025

Source Page: FOI release 24689: Brexit
Document: Brexit (PDF)

Found: ‘Personal data’ is defined in sections 3(2) and (3) of the Data Protection Act 2018 (‘the DPA 2018’)

Tuesday 3rd June 2025

Source Page: FOI release 24688: Newtown Bypass
Document: Newtown Bypass (PDF)

Found: ‘Personal data’ is defined in sections 3(2) and (3) of the Data Protection Act 2018 (‘the DPA 2018’)

Tuesday 3rd June 2025

Source Page: Attendance of pupils in maintained schools: 2 September 2024 to 23 May 2025
Document: Attendance of pupils in maintained schools: 2 September 2024 to 23 May 2025 (webpage)

Found: personal data underlying these statistics are processed in accordance with the requirements of the Data Protection Act

Tuesday 20th May 2025

Source Page: FOI release 24539: Free School Meals
Document: Free School Meals (PDF)

Found: Education Act 1996 and that their processing of personal data is in line with UK GDPR and the Data Protection Act

Monday 19th May 2025

Source Page: Small Grants – Environment (water): general rules booklet 2025
Document: Small Grants – Environment (water): general rules booklet 2025 (webpage)

Found: in accordance with the obligations and duties under the Freedom of Information Act 2000, the Data Protection Act

Monday 19th May 2025

Source Page: FOI release 23214: River Basin Management Plans
Document: River Basin Management Plans (PDF)

Found: ‘Personal data’ is defined in sections 3(2) and (3) of the Data Protection Act 2018 (‘the DPA 2018’)

Monday 19th May 2025

Source Page: Rights, respect, equality anti-bullying guidance
Document: Rights, respect, equality: statutory guidance for schools and settings (draft) (PDF)

Found: protection legislation, such as the EU General Data Protection Regulation (GDPR) and the UK Data Protection Act

Monday 19th May 2025

Source Page: Development management manual
Document: Development management manual (without annexes) (PDF)

Found: However, under the Data Protection Act 1998, the addresses and other contact information of private

Thursday 15th May 2025

Source Page: Commons Act 2006: apply under section 38
Document: Commons Act 2006: apply under section 38 (PDF)

Found: Organisation (if applicable) Date You must keep a copy of your completed form Data Protection Act

Wednesday 14th May 2025

Source Page: Welsh Government’s standard conditions for the supply of services
Document: Standard conditions for the supply of services (PDF)

Found: this Contract in respect of which such Party is liable to the other; DPA 2018 means the Data Protection Act

Monday 12th May 2025

Source Page: Partnership arrangements for care and support: guidance
Document: Part 9 statutory guidance: partnership arrangements (PDF)

Found: other duties, including its duties under the General Data Protection Regulations 2018, the Data Protection Act

Thursday 8th May 2025

Source Page: Assets Collaboration Programme Wales Phase 3 (ACPW3): grant offer letter
Document: Grant offer letter (webpage)

Found: Information Act 2000 (the “FOIA”), the Environmental Information Regulations 2004 (the “EIR”), the Data Protection Act

Wednesday 7th May 2025

Source Page: Access Broadband Cymru: sample standard grant letter
Document: Access Broadband Cymru: sample standard grant letter (webpage)

Found: Information Act 2000 (the “FOIA”), the Environmental Information Regulations 2004 (the “EIR”), the Data Protection Act

Tuesday 6th May 2025

Source Page: Attendance of pupils in maintained schools: 2 September 2024 to 25 April 2025
Document: Attendance of pupils in maintained schools: 2 September 2024 to 25 April 2025 (webpage)

Found: personal data underlying these statistics are processed in accordance with the requirements of the Data Protection Act

Monday 28th April 2025

Source Page: Iaith Athrawon Yfory Incentive Scheme: guidance for ITE partnerships from 2023 and 2024
Document: Iaith Athrawon Yfory Incentive Scheme: guidance for ITE partnerships from 2023 and 2024 (webpage)

Found: Information Regulations 2004 (the “EIR”) the General Data Protection Regulation (GDPR) and Data Protection Act

Monday 28th April 2025

Source Page: National multi-agency practice framework for children’s services
Document: National multi-agency practice framework for children’s services (webpage)

Found: their legal obligations, namely the UK General Data Protection Regulation (UK GDPR) and the Data Protection Act

Thursday 24th April 2025

Source Page: FOI release 24584: Ceredigion Local Development Plan
Document: Doc 1 (PDF)

Found: Under the UK GDPR, Data Protection Act 2018 and the Freedom of Information Act 2000 the contents of

Thursday 24th April 2025

Source Page: FOI release 24584: Ceredigion Local Development Plan
Document: Ceredigion Local Development Plan (PDF)

Found: ‘Personal data’ is defined in sections 3(2) and (3) of the Data Protection Act 2018 (‘the DPA 2018’)

Tuesday 22nd April 2025

Source Page: Attendance of pupils in maintained schools: 2 September 2024 to 11 April 2025
Document: Attendance of pupils in maintained schools: 2 September 2024 to 11 April 2025 (webpage)

Found: personal data underlying these statistics are processed in accordance with the requirements of the Data Protection Act

Wednesday 16th April 2025

Source Page: Bus Services (Wales) Bill 2020 (withdrawn): integrated impact assessment
Document: Bus Services (Wales) Bill 2020 (withdrawn): integrated impact assessment (PDF)

Found: will process personal data, or require another organisation to do so, must comply with the Data Protection Act

Monday 14th April 2025

Source Page: FOI release 24421: Swansea maternity services
Document: Swansea maternity services (PDF)

Found: ‘Personal data’ is defined in sections 3(2) and (3) of the Data Protection Act 1998 (‘the DPA 2018’)

Friday 11th April 2025

Source Page: Standard for digital health identity verification in primary care
Document: The NHS Wales digital health identity standard for primary care (NHS login) (PDF)

Found: have a legal requirement: • to adhere to the General Data Protection Regulation (GDPR), Data Protection Act

Thursday 10th April 2025

Source Page: Young people not in education, employment or training (NEET): 2024
Document: Young people not in education, employment or training (NEET): 2024 (webpage)

Found: personal data underlying these statistics are processed in accordance with the requirements of the Data Protection Act

Tuesday 8th April 2025

Source Page: Attendance of pupils in maintained schools: 2 September 2024 to 28 March 2025
Document: Attendance of pupils in maintained schools: 2 September 2024 to 28 March 2025 (webpage)

Found: personal data underlying these statistics are processed in accordance with the requirements of the Data Protection Act

Monday 7th April 2025

Source Page: FOI release 24503: Godre'r Graig Primary School
Document: Doc 2 (PDF)

Found: ‘Personal data’ is defined in sections 3(2) and (3) of the Data Protection Act 1998 (‘the DPA 2018’)

Wednesday 2nd April 2025

Source Page: FOI release 23323: Tertiary Education
Document: Tertiary Education (PDF)

Found: ‘Personal data’ is defined in sections 3(2) and (3) of the Data Protection Act 1998 (‘the DPA 2018’)

Friday 28th March 2025

Source Page: FOI release 24464: Hendy Wind Farm
Document: Hendy Wind Farm (PDF)

Found: ‘Personal data’ is defined in sections 3(2) and (3) of the Data Protection Act 2018 (‘the DPA 2018’)

Friday 28th March 2025

Source Page: Food Business Accelerator scheme: pre-qualification form
Document: Food Business Accelerator scheme: pre-qualification form (PDF)

Found: obligations under the Freedom of Information Act 2000, the Environmental information Act 2004, Data Protection Act

Friday 28th March 2025

Source Page: Welsh Revenue Authority equality report 2025
Document: Welsh Revenue Authority equality report 2025 (webpage)

Found: great importance on protecting people’s privacy and their data in full compliance with the Data Protection Act

Friday 28th March 2025

Source Page: FOI release 24479: Misoprostol
Document: Misoprostol (PDF)

Found: ‘Personal data’ is defined in sections 3(2) and (3) of the Data Protection Act 1998 (‘the DPA 2018’)

Thursday 27th March 2025

Source Page: Relative income poverty: April 2023 to March 2024
Document: Relative income poverty: April 2023 to March 2024 (webpage)

Found: are presented impartially and objectively and are in accordance with the requirements of the Data Protection Act

Wednesday 26th March 2025

Source Page: Eliminating profit from the care of looked after children: data protection impact assessment
Document: Data protection impact assessment (PDF)

Found: In our view the requirements of section 10 of and paragraph 1 of Schedule 1 to the Data Protection Act

Tuesday 25th March 2025

Source Page: FOI release 24554: Brilliant Basics Grant
Document: Brilliant Basics Grant (PDF)

Found: ‘Personal data’ is defined in sections 3(2) and (3) of the Data Protection Act 2018 (‘the DPA 2018’)

Tuesday 25th March 2025

Source Page: FOI release 24487: Wildlife poisoning
Document: Wildlife poisoning (PDF)

Found: ‘Personal data’ is defined in sections 3(2) and (3) of the Data Protection Act 2018 (‘the DPA 2018’)

Tuesday 25th March 2025

Source Page: Attendance of pupils in maintained schools: 2 September 2024 to 14 March 2025
Document: Attendance of pupils in maintained schools: 2 September 2024 to 14 March 2025 (webpage)

Found: personal data underlying these statistics are processed in accordance with the requirements of the Data Protection Act

Monday 17th March 2025

Source Page: Food Business Accelerator scheme (window 2): general rules booklet
Document: Food Business Accelerator scheme (window 2): general rules booklet (webpage)

Found: obligations under the Freedom of Information Act 2000, the Environmental information Act 2004, Data Protection Act

Thursday 13th March 2025

Source Page: Participation of young people in education and the labour market: 2022 and 2023 (provisional)
Document: Participation of young people in education and the labour market: 2022 and 2023 (provisional) (webpage)

Found: personal data underlying these statistics are processed in accordance with the requirements of the Data Protection Act

Wednesday 12th March 2025

Source Page: FOI release 24353: A470 access road
Document: A470 access road (PDF)

Found: ‘Personal data’ is defined in sections 3(2) and (3) of the Data Protection Act 2018 (‘the DPA 2018’)

Tuesday 11th March 2025

Source Page: Attendance of pupils in maintained schools: 2 September 2024 to 28 February 2025
Document: Attendance of pupils in maintained schools: 2 September 2024 to 28 February 2025 (webpage)

Found: personal data underlying these statistics are processed in accordance with the requirements of the Data Protection Act

Monday 10th March 2025

Source Page: Scoping study for mixed attainment teaching practice in schools in Wales: report
Document: Scoping study for mixed attainment teaching practice in schools in Wales (PDF)

Found: The information you provide will be handled in accordance with the UK Data Protection Act 1998, which

Thursday 6th March 2025

Source Page: Ffermio Bro - Farming in Designated Landscapes (stage 1): rules booklet
Document: Ffermio Bro - Farming in Designated Landscapes (stage 1): rules booklet (webpage)

Found: obligations under the Freedom of Information Act 2000, the Environmental Information Act 2004 or the Data Protection Act

Thursday 6th March 2025

Source Page: FOI release 23347: Grooming Gangs
Document: Grooming Gangs (PDF)

Found: ‘Personal data’ is defined in sections 3(2) and (3) of the Data Protection Act 1998 (‘the DPA 2018’)

Thursday 6th March 2025

Source Page: FOI release 23347: Grooming Gangs
Document: Doc 3 (PDF)

Found: The present study complied with the 2018 Data Protection Act, which allows sensitive study data to be

Tuesday 4th March 2025

Source Page: Attendance and absence from schools: September 2023 to August 2024
Document: Attendance and absence from schools: September 2023 to August 2024 (webpage)

Found: personal data underlying these statistics are processed in accordance with the requirements of the Data Protection Act

Friday 28th February 2025

Source Page: Small Grants – Woodland Creation (windows 7, 8 and 9): rules booklet
Document: Small Grants – Woodland Creation (windows 7, 8 and 9): rules booklet (webpage)

Found: in accordance with the obligations and duties under the Freedom of Information Act 2000, the Data Protection Act

Friday 28th February 2025

Source Page: FOI release 23327: Physician associate students
Document: Physician associate students (PDF)

Found: ‘Personal data’ is defined in sections 3(2) and (3) of the Data Protection Act 1998 (‘the DPA 2018’)

Friday 28th February 2025

Source Page: Woodland Creation Grant (window 5): rules booklet
Document: Woodland Creation Grant (window 5): rules booklet (webpage)

Found: in accordance with the obligations and duties under the Freedom of Information Act 2000, the Data Protection Act

Wednesday 26th February 2025

Source Page: FOI release 23335: Ainon Welsh Baptist Chapel, Treorchy
Document: Ainon Welsh Baptist Chapel, Treorchy (PDF)

Found: ‘Personal data’ is defined in sections 3(2) and (3) of the Data Protection Act 2018 (‘the DPA 2018’)

Wednesday 26th February 2025

Source Page: Small Grants – Efficiency (window 4): general rules booklet
Document: Small Grants – Efficiency (window 4): general rules booklet (webpage)

Found: obligations under the Freedom of Information Act 2000, the Environmental information Act 2004 or the Data Protection Act

Tuesday 25th February 2025

Source Page: FOI release 23329: Protocols
Document: Protocols (PDF)

Found: ‘Personal data’ is defined in sections 3(2) and (3) of the Data Protection Act 2018 (‘the DPA 2018’)

Tuesday 25th February 2025

Source Page: Attendance of pupils in maintained schools: 2 September 2024 to 14 February 2025
Document: Attendance of pupils in maintained schools: 2 September 2024 to 14 February 2025 (webpage)

Found: personal data underlying these statistics are processed in accordance with the requirements of the Data Protection Act

Monday 24th February 2025

Source Page: FOI release 23301: Brilliant Basics Grant for Llansteffan North Carpark
Document: Brilliant Basics Grant for Llansteffan North Carpark (PDF)

Found: ‘Personal data’ is defined in sections 3(2) and (3) of the Data Protection Act 2018 (‘the DPA 2018’)

Monday 24th February 2025

Source Page: FOI release 23294: Ty Llwyd Quarry
Document: Doc 1 (PDF)

Found: Information Act 2000 (the “FOIA”), the Environmental Information Regulations 2004 (the “EIR”), the Data Protection Act

Wednesday 19th February 2025

Source Page: Single Application Form (SAF) 2025: rules booklet
Document: Single Application Form (SAF) 2025: rules booklet (PDF)

Found: accordance with its obligations and duties under the: • Freedom of Information Act 2000 • The Data Protection Act

Thursday 13th February 2025

Source Page: FOI release 23265: Tŷ Llwyd Quarry
Document: Doc 1 (PDF)

Found: Information Act 2000 (the “FOIA”), the Environmental Information Regulations 2004 (the “EIR”), the Data Protection Act

Wednesday 12th February 2025

Source Page: FOI release 23211: Special Advisers
Document: Special Advisers (PDF)

Found: ‘Personal data’ is defined in sections 3(2) and (3) of the Data Protection Act 1998 (‘the DPA 2018’)

Wednesday 12th February 2025

Source Page: FOI release 23253: Cafcass policies
Document: Cafcass policies (PDF)

Found: ‘Personal data’ is defined in sections 3(2) and (3) of the Data Protection Act 2018 (‘the DPA 2018’)

Tuesday 11th February 2025

Source Page: Contracting authority onboarding
Document: Contracting authority onboarding (webpage)

Found: It is a requirement under Article 26 of Data Protection Act 2018 and is quite commonly used in Central

Tuesday 11th February 2025

Source Page: Attendance of pupils in maintained schools: 2 September 2024 to 31 January 2025
Document: Attendance of pupils in maintained schools: 2 September 2024 to 31 January 2025 (webpage)

Found: personal data underlying these statistics are processed in accordance with the requirements of the Data Protection Act

Monday 10th February 2025

Source Page: FOI release 23243: E Harley Street Primary Care Solutions
Document: E Harley Street Primary Care Solutions (PDF)

Found: ‘Personal data’ is defined in sections 3(2) and (3) of the Data Protection Act 1998 (‘the DPA 2018’)

Tuesday 28th January 2025

Source Page: Attendance of pupils in maintained schools: 2 September 2024 to 17 January 2025
Document: Attendance of pupils in maintained schools: 2 September 2024 to 17 January 2025 (webpage)

Found: personal data underlying these statistics are processed in accordance with the requirements of the Data Protection Act



Welsh Written Answers
WQ96336
Asked by: Gareth Davies (Welsh Conservative Party - Vale of Clwyd)
Friday 2nd May 2025

Question

What Welsh Government guidance is provided to GP practices regarding charging patients for accessing their medical records?

Answered by Cabinet Secretary for Health and Social Care

The General Data Protection Regulations and the Data Protection Act 2018 were made by the UK government and apply to the four nations of the UK. GP practices cannot charge patients for reasonable access to their medical record. Guidance for GPs has been issued by the BMA to help practices in understanding their statutory obligations. bma-access-to-health-records-nov-19.pdf

WQ90609
Asked by: Andrew RT Davies (Welsh Conservative Party - South Wales Central)
Tuesday 30th January 2024

Question

What is the average time taken to respond to FOI requests, broke down by department, over each of the last three years?

Answered by First Minister

The information for the calendar years 2021, 2022 and 2023 are provided in the tables below. Please note:

The statistics relate to the handling of requests for recorded information under the Freedom of Information Act 2000 (FOIA), the Environmental Information Regulations 2004 (EIRs) and the Data Protection Act 2018 (DPA2018) / UK General Data Protection Regulation (UK GDPR).

The FOIA and EIRs both require public bodies to normally respond to written requests for information within 20 working days of receipt, with limited exceptions. The FOIA allows for a reasonable extension to the 20 working day deadline when considering a public interest tested exemption and the EIRs allow for an extension of a maximum of a further 20 working days if the request is complex and voluminous.  This means that some requests that took over 20 working days to respond would still have been responded to within the statutory deadline.

 

Requests Received in 2021:

Group

Average Time Taken (working days)

Education & Public Services Group

17.2 days

Economy, Skills & Natural Resources Group

18.9 days

Health & Social Services Group

15.2 days

Office of the First Minister

19.6 days

Permanent Secretary’s Group

19.7 days

Not formally assigned*

18.8 days

Note: *These requests did not fall under any specific group area and were dealt with centrally by the Information Rights Unit.

 

Requests Received in 2022: (Note there was an organisational change in April 2022):

Group (pre-organisational change)

Average Time Taken (working days)

Education & Public Services Group

15.9 days

Economy, Skills & Natural Resources Group

14.7 days

Health & Social Services Group

13.5 days

Office of the First Minister Group

15.2 days

Permanent Secretary’s Group

16.7 days

Not formally assigned*

10.8 days

Note: *These requests did not fall under any specific group area and were dealt with centrally by the Information Rights Unit.

 

Group (post-organisational change)

Average Time Taken (working days)

Climate Change & Rural Affairs Group

20.6 days

Chief Operating Officer Group

16.7 days

Covid Recovery & Local Government Group

10.8 days

Education, Social Justice & Welsh Language Group

18.5 days

Economy, Treasury & Constitution Group

19.7 days

Health & Social Services Group

12.9 days

Office of the First Minister Group

19.3 days

Permanent Secretary’s Group

21.4 days

 

Requests Received in 2023:

Group

Average Time Taken (working days)

Climate Change & Rural Affairs Group

16.4 days

Chief Operating Officer Group

18.0 days

Covid Recovery & Local Government Group

12.0 days

Education, Social Justice & Welsh Language Group

18.3 days

Economy, Treasury & Constitution Group

16.9 days

Health & Social Services Group

13.6 days

Office of the First Minister Group

19.9 days

Permanent Secretary’s Group

13.0 days

WQ82325
Asked by: Andrew RT Davies (Welsh Conservative Party - South Wales Central)
Friday 26th March 2021

Question

Will the Minister detail operating costs, including rent, utilities, staffing and expenses, for each of the Welsh Government’s offices abroad during this current Senedd term to date?

Answered by Minister for Finance and Trefnydd

Information on the running costs for each international office can be found within the State of the Estate report at the following link https://gov.wales/state-estate-report-2018-to-2019.

Data protection legislation requires us to protect personal information being held in relation to individual members of staff, and others, and to ensure that it is only used for the purposes for which it was collected. As there are a small number of staff in each of the offices, disclosure of the total staff costs for each office is likely to allow the actual salaries of each individual to be identified. We believe that releasing this information would be in breach of the Data Protection Act.

The figures in the State of the Estate report does not cover the whole of the Senedd term. Therefore, I will write to you shortly with the figures for 2019/20, once the information has been collated. The figures for 2020/21 are not yet available.

 

Substantive response



Welsh Senedd Research
Generative AI in the public sector
Wednesday 3rd July 2024
www.senedd.wales Welsh Parliament Senedd Research Generative AI – an overview Research Briefing July 2024 The Welsh Parliament is the democratically elected body that represents the interests of Wales and its people. Commonly known as the Senedd,...

Found: protects people against discrimination and supports equal employment opportunities; ƒ The Data Protection Act

COVID-19 Register of Experts for Wales horizon scanning survey - Senedd Commission Privacy Notice
Monday 1st February 2021
COVID-19 Register of Experts for Wales horizon scanning survey - Senedd Commission Privacy Notice How your information will be used The Senedd Commission is the data controller of the information you provide, and will ensure it is protected and u...

Found: Article 6(1)(e) of the General Data Protection Regulation read together with section 8(d) of the Data Protection Act

Senedd Commission Privacy Notice – COVID-19 Register of Experts for Wales
Thursday 21st January 2021
Senedd Commission Privacy Notice – COVID-19 Register of Experts for Wales This Privacy Notice sets out how the Senedd Commission’s Research Service (Senedd Research) collects and uses the information you provide The Senedd Commission is the data...

Found: 6(1)(e) of the General Data Protection Regulation read together with section 8(d) of the Data Protection Act

Public Services Ombudsman (Wales) Bill
Monday 11th March 2019
National Assembly for Wales Senedd Research www.assembly.wales/research Public Services Ombudsman (Wales) Bill Bill Summary March 2019 http://www.assembly.wales/research The National Assembly for Wales is the democratically elected body that repr...

Found: Other significant amendments seek to include references to the Data Protection Act 2018.

The Queen’s Speech 2017
Wednesday 5th July 2017
Research Briefing The Queen’s Speech 2017 National Assembly for Wales Research Service Author: Alys Thomas Date: July 2017 The National Assembly for Wales is the democratically elected body that represents the interests of Wales and its people, m...

Found: establish a new data protection regime for non-law enforcement data processing, replacing the Data Protection Act

Landfill Disposals Tax (Wales) Bill
Tuesday 20th June 2017
Research Briefing Landfill Disposals Tax (Wales) Bill National Assembly for Wales Research Service - Bill Summary - Summary of Stage 2 changes - Welsh Glossary The National Assembly for Wales is the democratically elected body that represents the...

Found: ruling in relation to the drafting of information sharing provisions and the application of the Data Protection Act



Welsh Senedd Debates
5. Member Debate under Standing Order 11.21(iv)—Biometric data in schools
None speech (None words)
Wednesday 8th March 2023 - None
2. Questions to the Counsel General and Minister for the Constitution
None speech (None words)
Wednesday 7th December 2022 - None
Group 19: Information (Amendments 133, 36, 134, 135, 136, 137)
None speech (None words)
Thursday 12th May 2022 - None