Information since 12 Jul 2025, 7:26 a.m.
| Parliamentary Debates |
|---|
|
Terminally Ill Adults (End of Life) Bill
165 speeches (32,633 words) Committee stage Friday 21st November 2025 - Lords Chamber Department of Health and Social Care Mentions: 1: Baroness Merron (Lab - Life peer) personal data engages Article 8 of the ECHR and is regulated by the principles set down in the Data Protection Act - Link to Speech |
|
Crime and Policing Bill
45 speeches (10,103 words) Committee stage part two Monday 10th November 2025 - Lords Chamber Home Office Mentions: 1: None is no longer needed because of the general data protection override in section 183A of the Data Protection Act - Link to Speech 2: None is no longer needed because of the general data protection override in section 183A of the Data Protection Act - Link to Speech 3: Lord Hanson of Flint (Lab - Life peer) within the Bill, as a general provision to the same effect is now made by Section 183A of the Data Protection Act - Link to Speech 4: Lord Clement-Jones (LD - Life peer) that are no longer needed, and that this is caused by the insertion of Section 183A into the Data Protection Act - Link to Speech |
|
Sentencing Bill
103 speeches (31,809 words) Report stage Wednesday 29th October 2025 - Commons Chamber Ministry of Justice Mentions: 1: Nusrat Ghani (Con - Sussex Weald) , and other relevant agencies, subject to the UK General Data Protection Regulation and the Data Protection Act - Link to Speech |
|
Border Security, Asylum and Immigration Bill
75 speeches (16,347 words) Report stage Tuesday 28th October 2025 - Lords Chamber Home Office Mentions: 1: Lord Hanson of Flint (Lab - Life peer) to Clauses 27 to 31, and the specific application of the data protection legislation in the Data Protection Act - Link to Speech 2: Baroness Hamwee (LD - Life peer) The noble Lord, Lord Davies, seeks to alter the Data Protection Act by creating the possibility of the - Link to Speech |
| Select Committee Documents |
|---|
|
Friday 21st November 2025
Written Evidence - Open Rights Group RAI0018 - Human Rights and the Regulation of AI Human Rights and the Regulation of AI - Human Rights (Joint Committee) Found: Human Rights Act 1998, the Equality Act 2010, data protection law (including the GDPR and Data Protection Act |
|
Tuesday 18th November 2025
Correspondence - Letter from Lord Hanson of Flint, Minister of State at the Home Office, to Lord Gardiner of Kimble, Chair of the Liaison Committee, on the Select Committee on the Fraud Act 2006 and Digital Fraud Committee Liaison Committee (Lords) Found: statutory guidance alongside an action plan to raise awareness of the provisions under the Data Protection Act |
|
Friday 14th November 2025
Correspondence - Letter from Lord Hanson, Minister of State for the Home Office to Lord Strathclyde, Chair of the Constitution Committee, regarding the Crime and Policing Bill Constitution Committee Found: driver licencing data is sought for purposes that are not law enforcement purposes under the Data Protection Act |
|
Tuesday 11th November 2025
Oral Evidence - 2025-11-11 17:30:00+00:00 UK-India Free Trade Agreement - International Agreements Committee Found: negotiation that John was alluding to—is now in place; it is called the Digital Personal Data Protection Act |
|
Tuesday 11th November 2025
Report - Abuse Redress Measure LP Ecclesiastical Committee Found: personal data” and “the data protection legislation” each have the same meaning as in the Data Protection Act |
|
Tuesday 11th November 2025
Report - Abuse Redress Measure Ecclesiastical Committee Found: “personal data” and “the data protection legislation” each have the same meaning as in the Data Protection Act |
|
Tuesday 11th November 2025
Report - Abuse Redress Measure - Comments and Explanations Ecclesiastical Committee Found: disclosure of information does not include a reference to personal data, within the meaning of the Data Protection Act |
|
Tuesday 11th November 2025
Report - Abuse Redress Measure - Comments and Explanations LP Ecclesiastical Committee Found: disclosure of information does not include a reference to personal data, within the meaning of the Data Protection Act |
|
Thursday 30th October 2025
Correspondence - Lord Hanson of Flint to Committee regarding Border Security, Asylum and Immigration Bill Human Rights (Joint Committee) Found: Section 106 inserted a new section 183A into the Data Protection Act 2018. |
|
Wednesday 29th October 2025
Oral Evidence - Glitch, Amnesty International UK, Privacy International, and Big Brother Watch Human Rights and the Regulation of AI - Human Rights (Joint Committee) Found: There are existing rights-based protections, which come through the Equality Act, the Data Protection Act |
|
Wednesday 29th October 2025
Written Evidence - School of Law, University of Leeds, and School of Law, University of Leeds IGF0046 - Innovation and global food security Innovation and global food security - Science, Innovation and Technology Committee Found: Agricultural Data Protection Act. |
|
Wednesday 29th October 2025
Written Evidence - School of Law, University of Leeds, and School of Law, University of Leeds IGF0046 - Innovation and global food security Innovation and global food security - Science, Innovation and Technology Committee Found: Agricultural Data Protection Act. |
|
Tuesday 28th October 2025
Correspondence - Letter from Secretary of State for Housing, Communities and Local Government relating to the planning application for the Chinese Embassy, dated 21 October 2025 National Security Strategy (Joint Committee) Found: Any personal data will, in such cases, be removed in order to comply with the Data Protection Act 2018 |
|
Friday 24th October 2025
Written Evidence - FairGo CIC ADBRS0005 - Afghan Data Breach and Resettlement Schemes Afghan Data Breach and Resettlement Schemes - Defence Committee Found: The Data Protection Act 2018 provides limited exemptions (including national‑security related) that |
| Written Answers | ||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
Teachers: Workplace Pensions
Asked by: Mohammad Yasin (Labour - Bedford) Friday 21st November 2025 Question to the Department for Education: To ask the Secretary of State for Education, what performance monitoring and enforcement mechanisms are in place to ensure that the administrative provider of the Teachers’ Pension Scheme delivers services to the agreed standard, and what recourse is available to members should those standards not be met. Answered by Georgia Gould - Minister of State (Education) Details of how personal data is processed and stored are outlined in the Teachers’ Pension Scheme (TPS) privacy notice which is available here: https://www.teacherspensions.co.uk/-/media/documents/member/factsheets/gdpr/dfe-privacy-notice-gdpr-v12-march-2023-for-web.ashx?rev=a6788c6aa67e4ac7b3d3f4df74462add&hash=ACAAEF10BB57B5814744376B519FABA1. The TPS complies fully with the General Data Protection Regulation (GDPR) 2018 and the Data Protection Act 2018. For members requiring additional communication support, the contact us page provides alternative communication options. The scheme also meets the requirements of the Equality Act 2010 and is committed to ensuring accessibility for all members and employers. The accessibility statement on the TPS website explains how the site is designed to be inclusive and is available here: https://www.teacherspensions.co.uk/public/accessibility.aspx.
To maintain service standards, the department monitors the administrator against agreed performance metrics, set out in the TPS administration contract, through established governance arrangements. If contract administration fails to meet established standards and performance metrics, the department can impose financial penalties on the administrator.
Where members believe service standards have not been met, they can use a dispute resolution process to raise this. If dissatisfied with the outcome, they may escalate their complaint to the Pensions Ombudsman for independent review. |
||||||||||||||||||||||||
|
Teachers: Workplace Pensions
Asked by: Mohammad Yasin (Labour - Bedford) Friday 21st November 2025 Question to the Department for Education: To ask the Secretary of State for Education, whether the service standards and accessibility requirements for the administrator of the Teachers’ Pension Scheme will include provisions to support members with hearing impairments or communication needs when accessing helpline or case-management support. Answered by Georgia Gould - Minister of State (Education) Details of how personal data is processed and stored are outlined in the Teachers’ Pension Scheme (TPS) privacy notice which is available here: https://www.teacherspensions.co.uk/-/media/documents/member/factsheets/gdpr/dfe-privacy-notice-gdpr-v12-march-2023-for-web.ashx?rev=a6788c6aa67e4ac7b3d3f4df74462add&hash=ACAAEF10BB57B5814744376B519FABA1. The TPS complies fully with the General Data Protection Regulation (GDPR) 2018 and the Data Protection Act 2018. For members requiring additional communication support, the contact us page provides alternative communication options. The scheme also meets the requirements of the Equality Act 2010 and is committed to ensuring accessibility for all members and employers. The accessibility statement on the TPS website explains how the site is designed to be inclusive and is available here: https://www.teacherspensions.co.uk/public/accessibility.aspx.
To maintain service standards, the department monitors the administrator against agreed performance metrics, set out in the TPS administration contract, through established governance arrangements. If contract administration fails to meet established standards and performance metrics, the department can impose financial penalties on the administrator.
Where members believe service standards have not been met, they can use a dispute resolution process to raise this. If dissatisfied with the outcome, they may escalate their complaint to the Pensions Ombudsman for independent review. |
||||||||||||||||||||||||
|
Teachers: Workplace Pensions
Asked by: Mohammad Yasin (Labour - Bedford) Friday 21st November 2025 Question to the Department for Education: To ask the Secretary of State for Education, what steps her Department is taking to ensure that the personal data of members of the Teachers’ Pension Scheme is (a) stored, (b) processed and (c) protected in compliance with the General Data Protection Regulation. Answered by Georgia Gould - Minister of State (Education) Details of how personal data is processed and stored are outlined in the Teachers’ Pension Scheme (TPS) privacy notice which is available here: https://www.teacherspensions.co.uk/-/media/documents/member/factsheets/gdpr/dfe-privacy-notice-gdpr-v12-march-2023-for-web.ashx?rev=a6788c6aa67e4ac7b3d3f4df74462add&hash=ACAAEF10BB57B5814744376B519FABA1. The TPS complies fully with the General Data Protection Regulation (GDPR) 2018 and the Data Protection Act 2018. For members requiring additional communication support, the contact us page provides alternative communication options. The scheme also meets the requirements of the Equality Act 2010 and is committed to ensuring accessibility for all members and employers. The accessibility statement on the TPS website explains how the site is designed to be inclusive and is available here: https://www.teacherspensions.co.uk/public/accessibility.aspx.
To maintain service standards, the department monitors the administrator against agreed performance metrics, set out in the TPS administration contract, through established governance arrangements. If contract administration fails to meet established standards and performance metrics, the department can impose financial penalties on the administrator.
Where members believe service standards have not been met, they can use a dispute resolution process to raise this. If dissatisfied with the outcome, they may escalate their complaint to the Pensions Ombudsman for independent review. |
||||||||||||||||||||||||
|
Veterans: Identity Cards
Asked by: Ben Maguire (Liberal Democrat - North Cornwall) Wednesday 19th November 2025 Question to the Department for Science, Innovation & Technology: To ask the Secretary of State for Science, Innovation and Technology, with reference to the Data Protection Act 2018 and Article 5 of the United Kingdom General Data Protection Regulation, what assessment her Department has made of the adequacy of the safeguards to ensure that personal data gathered through the digital Veteran Card service is not shared across Government departments without the explicit consent of the veteran. Answered by Ian Murray - Minister of State (Department for Science, Innovation and Technology) The Department has conducted a data protection impact assessment (DPIA) for the digital Veteran Card, approved by the One Login Senior Responsible Officer and the Department for Science, Innovation and Technology’s Data Protection Officer, in consultation with the Information Commissioner’s Office (ICO). A Data Sharing Agreement governs processing between the Ministry of Defence and the Department for Science, Innovation and Technology and ensures that data is only used for its intended and agreed purpose. Personal data is stored locally on the veteran’s mobile device and is only shared when the veteran actively chooses to present their digital card. There is no automatic cross-government data sharing. Veterans retain full control of their data and can delete their card at any time. |
||||||||||||||||||||||||
|
NHS: Databases
Asked by: Martin Wrigley (Liberal Democrat - Newton Abbot) Monday 17th November 2025 Question to the Department of Health and Social Care: To ask the Secretary of State for Health and Social Care, pursuant to the Answer of 15 July to Question 65984 on NHS Databases, what assessment he has made of the challenges of hosting the NHS Federated Data Platform on cloud services. Answered by Zubir Ahmed - Parliamentary Under-Secretary (Department of Health and Social Care) The NHS Federated Data Platform (FDP) Programme Team in NHS England have conducted a comprehensive assessment of the technical, operational, regulatory, and public trust considerations associated with hosting the platform on cloud services.
It is a contractual requirement that all processing and storage of patient information take place within the United Kingdom. Data within the FDP and NHS Privacy Enhancing Technology cannot be accessed by provider personnel or contractors based outside the UK. This is stipulated in the overarching FDP Data Protection Impact Assessment and enforced through technical controls. All data is protected through strong encryption, access controls, and audit trails, in compliance with the UK General Data Protection Regulation and the Data Protection Act 2018. These measures ensure that National Health Service data remains fully under UK jurisdiction.
Robust security measures are in place, including firewalls, intrusion detection and prevention systems, regular penetration testing, and vulnerability scanning. Live service teams continuously monitor the platform to identify and address any issues promptly.
The FDP has been designed to be modular and standards-based, enabling integration with multiple systems and avoiding over-reliance on any single cloud provider.
Following national guidance from the National Cyber Security Centre, the NHS has adopted the 14 cloud security principles as its core means of aligning of cloud and internet security throughout the NHS and healthcare providers. All NHS data stored on cloud services in the UK is encrypted, at rest and in transit, using the highest encryption standards. |
||||||||||||||||||||||||
|
Children's Wellbeing and Schools Bill
Asked by: Esther McVey (Conservative - Tatton) Friday 14th November 2025 Question to the Department for Education: To ask the Secretary of State for Education, what steps her Department is taking to ensure provisions in the Children's Wellbeing and Schools Bill maintain data protection requirements. Answered by Georgia Gould - Minister of State (Education) The department recognises its responsibility to ensure the highest standards of data privacy and transparency in respect of personal data, and we are ensuring that this is prioritised as the Children’s Wellbeing and Schools Bill progresses. We are ensuring that measures outlined in the Bill align with data protection principles, as set out in the Data Protection Act 2018, UK General Data Protection Regulations (UK GDPR) and the Data (Use and Access) Act 2025. The department has met its obligation under Article 36(4) of UK GDPR to consult with the Information Commissioner’s Office (ICO) on all measures involving the use of personal data. We continue to engage with the ICO for measures relating to the single unique identifier and the children not in school. The department is engaging with the ICO to ensure that data protection risks identified are properly mitigated and will publish summaries of the assessments once they are complete. |
||||||||||||||||||||||||
|
Department for Culture, Media and Sport
Asked by: Neil O'Brien (Conservative - Harborough, Oadby and Wigston) Thursday 13th November 2025 Question to the Department for Digital, Culture, Media & Sport: To ask the Secretary of State for Culture, Media and Sport, how many employment tribunal claims have been lodged against her Department in each of the last five years by (a) unfair dismissal and (b) claims under the Equality Act 2010. Answered by Ian Murray - Minister of State (Department for Science, Innovation and Technology) In the past 5 years 7 employment tribunals have been lodged against our department. 5 of these claims were under the Equality Act. We cannot provide the number of claims broken down by year or those that were related to unfair dismissal or claims under the Equality Act 2010. Doing so would breach the Data Protection Act and risk identifying individual cases where the case count is five or less, as the information relates to someone other than the data subjects. |
||||||||||||||||||||||||
|
Department for Culture, Media and Sport: Performance Appraisal
Asked by: Neil O'Brien (Conservative - Harborough, Oadby and Wigston) Thursday 13th November 2025 Question to the Department for Digital, Culture, Media & Sport: To ask the Secretary of State for Culture, Media and Sport, how many performance reviews were undertaken for staff in (a) her Department and (b) its agencies in each of the last five years; in how many cases performance was rated as unsatisfactory or below; how many staff left as a result of such a rating; and what proportion of full-time equivalent staff this represented. Answered by Ian Murray - Minister of State (Department for Science, Innovation and Technology) All DCMS staff are subject to regular performance reviews. Under performance management procedures, reviews should take place monthly, quarterly and at the end of each financial year. We hold data for managing poor performance cases these are provided below for the last 5 years:
Of the 61 performance management cases, 11 employees were either dismissed or resigned. We cannot provide the number of performance cases that resulted in either resignation or dismissal for each of the past five years because doing so would breach the Data Protection Act. This is due to the risk of identifying individual cases in years where the case count is five or less, as the information relates to someone other than the data subjects.
DCMS does not hold performance data in regards to its arms-length bodies and agencies.
|
||||||||||||||||||||||||
|
Department for Culture, Media and Sport: Conditions of Employment
Asked by: Neil O'Brien (Conservative - Harborough, Oadby and Wigston) Thursday 13th November 2025 Question to the Department for Digital, Culture, Media & Sport: To ask the Secretary of State for Culture, Media and Sport, how many staff in her Department (a) did not retain employment following completion of their probationary period and (b) had their probationary period extended in each of the last five years. Answered by Ian Murray - Minister of State (Department for Science, Innovation and Technology) In the last five years 43 members of staff were subject to management procedures during their probationary period. Of these cases 13 employees did not retain their employment and 6 employees were subject to an extension of their probationary period. We cannot provide the number of staff who did not retain their employment or had their probationary period extended. Doing so would breach the Data Protection Act and risk identifying individual cases where the case count is five or less, as the information relates to someone other than the data subjects. |
||||||||||||||||||||||||
|
Jared Taylor
Asked by: Rupa Huq (Labour - Ealing Central and Acton) Wednesday 12th November 2025 Question to the Home Office: To ask the Secretary of State for the Home Department, for what reason Jared Taylor was permitted to attend the Patriotic Alternative Conference in October 2025. Answered by Dan Jarvis - Minister of State (Cabinet Office) In accordance with the requirements of the Data Protection Act 2018, I am unable to comment on the immigration status of individuals. |
||||||||||||||||||||||||
|
Afghanistan: Home Country Nationals
Asked by: Rupert Lowe (Independent - Great Yarmouth) Wednesday 5th November 2025 Question to the Ministry of Defence: To ask the Secretary of State for Defence, whether his Department cited (a) national security and (b) public interest exemptions under the Data Protection Act 2018 in relation to the Afghan data breach disclosed in 2021. Answered by Luke Pollard - Minister of State (Ministry of Defence) The Ministry of Defence (MOD) reported several personal data incidents to the Information Commissioner’s Office (ICO) in 2021, under the previous administration, in which individuals seeking Afghan Relocations and Assistance Policy (ARAP) support were identified to each other by the sender using the “to” rather than the “bcc” email field.
When MOD engaged with the ICO in relation to these incidents, the Department highlighted the national security context and the ICO accepted the urgent and pressurised circumstances under which the incidents occurred, although they decided that a monetary penalty notice was still justified. The MOD cooperated extensively with the ICO in addressing these incidents, recognising the severity of what happened and working to improve compliance going forward.
|
||||||||||||||||||||||||
|
Data Protection
Asked by: Neil Duncan-Jordan (Labour - Poole) Tuesday 4th November 2025 Question to the Department for Science, Innovation & Technology: To ask the Secretary of State for Science, Innovation and Technology, what steps she is taking to ensure individual personal data is secure. Answered by Ian Murray - Minister of State (Department for Science, Innovation and Technology) All organisations in the UK that process personal data have to comply with the requirements of the UK General Data Protection Regulation (UK GDPR) and the Data Protection Act 2018 (DPA). Amongst other things, the legislation requires organisations to have appropriate technical and security measures in place to protect personal data against unauthorised or unlawful processing and against accidental loss, destruction, or damage. Under the Data (Use and Access) Act, the Information Commissioner, the UK’s independent regulator for data protection, will have strengthened enforcement powers to hold organisations accountable in a rapidly evolving digital landscape. |
||||||||||||||||||||||||
|
Local Government: Elections
Asked by: James Cleverly (Conservative - Braintree) Monday 3rd November 2025 Question to the Ministry of Housing, Communities and Local Government: To ask the Secretary of State for Housing, Communities and Local Government, pursuant to the Answer of 16 September 2025 to Question 76608 on Local Government: Elections, whether the information sharing gateway will include powers to share information (a) to and (b) from (i) political parties and (ii) other regulators. Answered by Samantha Dixon - Parliamentary Under-Secretary (Housing, Communities and Local Government) The Government intends to provide the Electoral Commission with an explicit statutory gateway that will enable it to disclose information to certain regulators and enforcement authorities for the purpose of assisting those bodies in carrying out their statutory functions. The gateway will not include political parties. This will provide a solid legal foundation for the Commission to disclose information on cross-cutting issues such as foreign interference and data protection, nurturing a more collaborative and effective regulatory environment. Any disclosures will remain subject to UK GDPR and the Data Protection Act 2018. |
||||||||||||||||||||||||
|
Metropolitan Police: Subject Access Requests
Asked by: Bell Ribeiro-Addy (Labour - Clapham and Brixton Hill) Thursday 30th October 2025 Question to the Home Office: To ask the Secretary of State for the Home Department, what discussions her Department has had with the Metropolitan Police Service on the level of its compliance with its statutory obligations (a) under the Data Protection Act 2018 and (b) with GDPR in relation to Subject Access Requests from members of the public. Answered by Sarah Jones - Minister of State (Home Office) Compliance with data protection obligations, including the handling of Subject Access Requests (SARs), is the responsibility of individual police forces. The Information Commissioner’s Office (ICO) produces guidance for organisations on how to comply with data protection law. The Data (Use and Access) Act received Royal Assent in June 2025 and includes some changes to data protection obligations while maintaining high standards of protection for personal data. |
| Department Publications - Consultations |
|---|
|
Friday 28th November 2025
Department for Energy Security & Net Zero Source Page: Carbon capture, usage and storage (CCUS): Ensuring fair access to CO2 infrastructure Document: (PDF) Found: be disclosed in accordance with UK legislation (the Freedom of Information Act 2000, the Data Protection Act |
|
Thursday 27th November 2025
Ministry of Housing, Communities and Local Government Source Page: Support for housebuilding in London Document: (PDF) Found: Section 8(d) of the Data Protection Act 2018 states that this will include processing of personal data |
|
Wednesday 26th November 2025
Ministry of Housing, Communities and Local Government Source Page: Overnight visitor levy in England Document: (PDF) Found: Section 8(d) of the Data Protection Act 2018 states that this will include processing of personal data |
|
Wednesday 26th November 2025
Department for Energy Security & Net Zero Source Page: Gas system in transition: security of supply Document: (PDF) Found: be disclosed in accordance with UK legislation (the Freedom of Information Act 2000, the Data Protection Act |
|
Wednesday 26th November 2025
Department for Energy Security & Net Zero Source Page: Low Carbon Contracts Company and Electricity Settlements Company operational costs: 2026/27, 2027/28 and 2028/29 Document: (PDF) Found: be disclosed in accordance with UK legislation (the Freedom of Information Act 2000, the Data Protection Act |
|
Tuesday 25th November 2025
Department for Energy Security & Net Zero Source Page: UK ETS scope expansion: emissions from international maritime voyages Document: (PDF) Found: be disclosed in accordance with UK legislation (the Freedom of Information Act 2000, the Data Protection Act |
|
Thursday 20th November 2025
Department for Digital, Culture, Media & Sport Source Page: Earned settlement Document: (PDF) Found: : • Any personal information you provide will be handled in strict accordance with the Data Protection Act |
|
Wednesday 19th November 2025
Department for Business and Trade Source Page: Make Work Pay: draft code of practice on electronic and workplace balloting for statutory union ballots Document: (PDF) Found: may be disclosed in accordance with UK legislation (the Freedom of Information Act 2000, the Data Protection Act |
|
Tuesday 18th November 2025
Department for Energy Security & Net Zero Source Page: Exploring the role of alternative clean heating solutions Document: (PDF) Found: be disclosed in accordance with UK legislation (the Freedom of Information Act 2000, the Data Protection Act |
|
Monday 3rd November 2025
Department for Energy Security & Net Zero Source Page: Capacity Market: proposal regarding locational changes of Capacity Market Units Document: (PDF) Found: be disclosed in accordance with UK legislation (the Freedom of Information Act 2000, the Data Protection Act |
|
Friday 31st October 2025
Department for Energy Security & Net Zero Source Page: Renewables Obligation (RO) scheme: indexation changes Document: (PDF) Found: be disclosed in accordance with UK legislation (the Freedom of Information Act 2000, the Data Protection Act |
|
Friday 31st October 2025
Department for Energy Security & Net Zero Source Page: Feed-in Tariffs (FiT) scheme: indexation changes Document: (PDF) Found: be disclosed in accordance with UK legislation (the Freedom of Information Act 2000, the Data Protection Act |
|
Thursday 30th October 2025
Cabinet Office Source Page: Consultation: Proposed changes to the infected blood compensation scheme Document: Consultation: Proposed changes to the infected blood compensation scheme (webpage) Found: accordance with data protection legislation, including the General Data Protection Regulation and Data Protection Act |
|
Wednesday 29th October 2025
Home Office Source Page: Extending the Right to Work Scheme Document: (webpage) Found: may be disclosed in accordance with UK legislation (the Freedom of Information Act 2000, the Data Protection Act |
|
Tuesday 28th October 2025
Department for Energy Security & Net Zero Source Page: UK Emissions Trading Scheme: Regional aviation connectivity Document: (PDF) Found: Aviation) DfT Yr Adran Drafnidiaeth (Department for Transport) DPA Deddf Diogelu Data (Data Protection Act |
|
Tuesday 28th October 2025
Department for Energy Security & Net Zero Source Page: UK Emissions Trading Scheme: Regional aviation connectivity Document: (PDF) Found: be disclosed in accordance with UK legislation (the Freedom of Information Act 2000, the Data Protection Act |
| Department Publications - Guidance |
|---|
|
Friday 28th November 2025
Foreign, Commonwealth & Development Office Source Page: Building Peace and Stability in Iraq programme Document: FCDO’s due diligence assessment process (webpage) Found: Environmental Information Regulations 2004, the UK General Data Protection Regulation, the Data Protection Act |
|
Wednesday 19th November 2025
Department for Business and Trade Source Page: People with significant control: guidance on regime for legal entities Document: (PDF) Found: exempt from the second, third, fourth and fifth data protection principles in Schedule 1 to the Data Protection Act |
|
Tuesday 18th November 2025
Department of Health and Social Care Source Page: Intellectual property (IP) guidance for the NHS in England Document: (webpage) Found: protection and privacy legislation in force from time to time in the UK including the UK GDPR; the Data Protection Act |
|
Tuesday 18th November 2025
Department of Health and Social Care Source Page: Intellectual property (IP) guidance for the NHS in England Document: (webpage) Found: protection and privacy legislation in force from time to time in the UK including the UK GDPR; the Data Protection Act |
|
Friday 14th November 2025
Department for Science, Innovation & Technology Source Page: Keeping your domain name secure Document: Keeping your domain name secure (webpage) Found: When setting up digital services, additional laws and standard you must follow include the: Data Protection Act |
|
Tuesday 11th November 2025
Cabinet Office Source Page: Taking part in the National Fraud Initiative Document: Taking part in the National Fraud Initiative (webpage) Found: notices and current data protection legislation applicable in the UK Data protection legislation (Data Protection Act |
|
Wednesday 5th November 2025
Department for Education Source Page: School exclusion reviews data collection Document: (PDF) Found: and data sharing 4 1.1 Legal duties under the UK General Data Protection Regulation and the Data Protection Act |
|
Friday 24th October 2025
Department for Education Source Page: School-based Nursery Capital Grant 2025 to 2026 Document: terms and conditions (PDF) Found: Data P rotection Legislation” means (i) the UK GDPR as amended from time to time; (ii) the Data Protection Act |
| Department Publications - Transparency |
|---|
|
Thursday 27th November 2025
Cabinet Office Source Page: Civil Service Commission annual report and accounts 2024 to 2025 Document: (PDF) Found: We also received 20 data subject requests under the Data Protection Act 2018 (two in 2023 to 2024) |
|
Thursday 30th October 2025
Ministry of Justice Source Page: Ministry of Justice annual report and accounts: 2024 to 2025 Document: (PDF) Found: compensation for miscarriages of justice, and refusal to provide legal aid funding 5 0.2 Headquarters Data Protection Act |
|
Thursday 30th October 2025
Ministry of Justice Source Page: Ministry of Justice annual report and accounts: 2024 to 2025 Document: (PDF) Found: compensation for miscarriages of justice, and refusal to provide legal aid funding 5 0.2 Headquarters Data Protection Act |
| Department Publications - Statistics |
|---|
|
Thursday 27th November 2025
Ministry of Justice Source Page: HM Prison & Probation Service Staff Equalities Report: 2024-2025 Document: (ODS) Found: Low numbers are suppressed to prevent disclosure in accordance with the Data Protection Act, 2018. . |
|
Thursday 27th November 2025
Ministry of Justice Source Page: HMPPS Offender Equalities Annual Report 2024 to 2025 Document: (PDF) Found: suppressed to prevent disclosure, and identification of individuals, in accordance with the Data Protection Act |
|
Thursday 27th November 2025
Ministry of Justice Source Page: HMPPS Offender Equalities Annual Report 2024 to 2025 Document: (PDF) Found: aggregate totals, preventing identification of individuals and infringement of the GDPR and Data Protection Act |
|
Thursday 20th November 2025
Department for Science, Innovation & Technology Source Page: Research on mapping the AI and software cyber security services market Document: Research on mapping the AI and software cyber security services market (webpage) Found: will be handled in accordance with the UK General Data Protection Regulation (GDPR) and the Data Protection Act |
|
Thursday 6th November 2025
Ministry of Defence Source Page: Defence personnel health and safety statistics: financial year 2024/25 Document: (PDF) Found: for Information - General User training and they understand their responsibilities under the Data Protection Act |
|
Thursday 30th October 2025
Ministry of Justice Source Page: Proven reoffending statistics: October to December 2023 Document: (PDF) Found: (Trustworthiness pillar, T6 Data governance) To comply with this and with the Data Protection Act of |
|
Friday 24th October 2025
Department for Business and Trade Source Page: Director perceptions of Section 172 of the Companies Act Document: (PDF) Found: The UK General Data Protection Regulation (UK GDPR) and the UK Data Protection Act 2018 (DPA) Ipsos |
| Department Publications - Policy paper |
|---|
|
Wednesday 19th November 2025
Home Office Source Page: Law Enforcement Data Service: equality impact assessment 2025 Document: (PDF) Found: statistics and information about missing - Missing People 23 In compliance to section 62 of the Data Protection Act |
|
Wednesday 5th November 2025
Home Office Source Page: Policy on sensitive processing for law enforcement purposes, under Part 3 DPA (2018) Document: (PDF) Found: produced in accordance with its obligations under sections 35(4) and 35(5) of Part 3 of the Data Protection Act |
|
Wednesday 5th November 2025
Home Office Source Page: Appropriate policy document: processing special categories and criminal convictions data under UK GDPR and Part 2 DPA (2018) Document: (PDF) Found: special category data although not prescribed under Article 9(1) UK GDPR or Part 2 of the Data Protection Act |
|
Wednesday 5th November 2025
Home Office Source Page: Immigration Enforcement: live facial recognition legal mandate Document: (PDF) Found: Common law power Regulating the use of LFR a) Equality Act 2010 b) Human Rights Act 1998 c) Data Protection Act |
|
Wednesday 5th November 2025
Home Office Source Page: Live facial recognition: equality impact assessment (EIA) Document: (PDF) Found: within 31 days, except in the following examples when it is retained: • in accordance with the Data Protection Act |
|
Wednesday 5th November 2025
Home Office Source Page: Immigration Enforcement facial recognition policy Document: (PDF) Found: Part 3 of the Data Protection Act 2018 c. UK General Data Protection Regulation d. |
|
Wednesday 5th November 2025
Home Office Source Page: Live facial recognition standard operating procedures Document: (PDF) Found: ; and d) must, from a Data Protection Act 2018 perspective, articulate that it is strictly necessary |
| Department Publications - Policy and Engagement |
|---|
|
Wednesday 12th November 2025
Department for Science, Innovation & Technology Source Page: Cyber Security and Resilience (Network and Information Systems) Bill: supporting documents Document: (PDF) Found: Interaction with other regulations (Telecommunications (Security) Act 2021, Data Protection Act 2018 |
|
Friday 7th November 2025
Department for Science, Innovation & Technology Source Page: Revocation of the 2 GHz Mobile Satellite Services Regulations Document: (PDF) Found: be disclosed in accordance with UK legislation (the Freedom of Information Act 2000, the Data Protection Act |
|
Thursday 6th November 2025
HM Treasury Source Page: Anti-Money Laundering and Counter-Terrorist Financing Supervision Reform: Duties, Powers, and Accountability Consultation Document: (PDF) Found: with firms to improve their own risk assessments where appropriate to do so under UK GDPR/Data Protection Act |
|
Friday 31st October 2025
Department for Science, Innovation & Technology Source Page: Data (Use and Access) Act: supporting documents Document: (PDF) Found: UK businesses identify many benefits of the UK GDPR14 and the Data Protection Act 2018 (DPA 2018) for |
|
Thursday 30th October 2025
Department of Health and Social Care Source Page: DHSC evidence for the DDRB: pay round 2026 to 2027 Document: (ODS) Found: Data is obscured where the annual headcount for a staff group is 500 or less, in line with The Data Protection Act |
|
Thursday 30th October 2025
Department of Health and Social Care Source Page: DHSC evidence for the NHSPRB: pay round 2026 to 2027 Document: (ODS) Found: Data is obscured where the annual headcount for a staff group is 500 or less, in line with The Data Protection Act |
|
Wednesday 29th October 2025
Ministry of Justice Source Page: Whiplash reforms post-implementation review Document: (PDF) Found: to information regimes (these are primarily the Freedom of Information Act 2000 (FOIA), the Data Protection Act |
|
Monday 27th October 2025
HM Treasury Source Page: Bank Referral Scheme: Consultation and call for evidence Document: (PDF) Found: explains your relevant rights under the UK General Data Protection Regulation (UK GDPR) and the Data Protection Act |
| Non-Departmental Publications - Guidance and Regulation |
|---|
|
Nov. 28 2025
Office of Financial Sanctions Implementation Source Page: OFSI General Licence INT/2022/2349952 Document: (PDF) Guidance and Regulation Found: to third parties only in compliance with the UK General Data Protection Regulation and the Data Protection Act |
|
Nov. 26 2025
Serious Fraud Office Source Page: SFO Guidance on Evaluating a Corporate Compliance Programme Document: The AFA Prevent Guidance (PDF) Guidance and Regulation Found: introduced, the procedure must indicate the provisions that ensure compliance with the terms of the Data Protection Act |
|
Nov. 19 2025
Companies House Source Page: People with significant control: guidance on regime for legal entities Document: (PDF) Guidance and Regulation Found: exempt from the second, third, fourth and fifth data protection principles in Schedule 1 to the Data Protection Act |
|
Nov. 11 2025
Defence and Security Accelerator Source Page: Delivering Future Advantage through Testing and Evaluation (Phase 1) Document: (PDF) Guidance and Regulation Found: In this clause, "data protection legislation" has the same meaning as in the Data Protection Act 2018 |
|
Nov. 11 2025
Regulator of Social Housing Source Page: Memorandum of Understanding between the Regulator of Social Housing and The Charity Commission for England and Wales Document: (PDF) Guidance and Regulation Found: accordance with arrangements under this MoU each party will ensure that they fully comply with the Data Protection Act |
|
Oct. 31 2025
Government Digital Service Source Page: GOV.UK app privacy notice: how we use your data Document: GOV.UK app privacy notice: how we use your data (webpage) Guidance and Regulation Found: law also requires DSIT to meet a specific substantial public interest condition from the UK Data Protection Act |
|
Oct. 29 2025
Government Office for Technology Transfer Source Page: Re-use of Public Sector Information Regulations 2015 and Crown copyright in Knowledge Asset Commercialisation Document: (PDF) Guidance and Regulation Found: that would be excluded from disclosure under information access legislation (for example, Data Protection Act |
|
Oct. 28 2025
Defence and Security Accelerator Source Page: Competition: Defence Innovation Loans FY25/26 Cycle 5 Document: (PDF) Guidance and Regulation Found: We particularly draw to your attention the Bribery Act 2010, the Data Protection Act 2018, the Fraud |
|
Oct. 23 2025
Office of Financial Sanctions Implementation Source Page: OFSI General Licence - INT/2025/7628424 Document: (PDF) Guidance and Regulation Found: to third parties only in compliance with the UK General Data Protection Regulation and the Data Protection Act |
|
Oct. 23 2025
Office of the Parliamentary Counsel Source Page: Common Legislative Solutions: a guide to tabling policy issues Document: (PDF) Guidance and Regulation Found: If so, the interaction with the Data Protection Act 2018 – and related ECHR issues – would need careful |
| Non-Departmental Publications - Transparency |
|---|
|
Nov. 27 2025
Animal and Plant Health Agency Source Page: Animal and Plant Health Agency annual report and accounts 2024 to 2025 Document: (PDF) Transparency Found: ensure access to information is managed correctly in line with data protection legislation (Data Protection Act |
|
Nov. 24 2025
UK Research and Innovation Source Page: UKRI Framework Document 2025 Document: (PDF) Transparency Found: information is received by either party under the Freedom of Information Act 2000, or the Data Protection Act |
|
Oct. 23 2025
Building Digital UK Source Page: Building Digital UK Annual Report and Accounts 2024 - 2025 Document: (PDF) Transparency Found: work to ensure BDUK complies with the UK General Data Protection Regulation 2018 and the Data Protection Act |
| Non-Departmental Publications - Policy paper |
|---|
|
Nov. 27 2025
National Data Guardian Source Page: Using data in reflective practice to support safe care Document: Information Governance Review (PDF) Policy paper Found: It says breaches of the Data Protection Act are usually the result of lack of due consideration. |
|
Nov. 11 2025
The Charity Commission Source Page: Memorandum of Understanding between the Regulator of Social Housing & The Charity Commission for England and Wales Document: (PDF) Policy paper Found: accordance with arrangements under this MoU each party will ensure that they fully comply with the Data Protection Act |
|
Nov. 05 2025
Immigration Enforcement Source Page: Policy on sensitive processing for law enforcement purposes, under Part 3 DPA (2018) Document: (PDF) Policy paper Found: produced in accordance with its obligations under sections 35(4) and 35(5) of Part 3 of the Data Protection Act |
|
Nov. 05 2025
Immigration Enforcement Source Page: Appropriate policy document: processing special categories and criminal convictions data under UK GDPR and Part 2 DPA (2018) Document: (PDF) Policy paper Found: special category data although not prescribed under Article 9(1) UK GDPR or Part 2 of the Data Protection Act |
|
Nov. 05 2025
Immigration Enforcement Source Page: Immigration Enforcement: live facial recognition legal mandate Document: (PDF) Policy paper Found: Common law power Regulating the use of LFR a) Equality Act 2010 b) Human Rights Act 1998 c) Data Protection Act |
|
Nov. 05 2025
Immigration Enforcement Source Page: Live facial recognition: equality impact assessment (EIA) Document: (PDF) Policy paper Found: within 31 days, except in the following examples when it is retained: • in accordance with the Data Protection Act |
|
Nov. 05 2025
Immigration Enforcement Source Page: Immigration Enforcement facial recognition policy Document: (PDF) Policy paper Found: Part 3 of the Data Protection Act 2018 c. UK General Data Protection Regulation d. |
|
Nov. 05 2025
Immigration Enforcement Source Page: Live facial recognition standard operating procedures Document: (PDF) Policy paper Found: ; and d) must, from a Data Protection Act 2018 perspective, articulate that it is strictly necessary |
| Non-Departmental Publications - Statistics |
|---|
|
Nov. 27 2025
HM Prison and Probation Service Source Page: HM Prison & Probation Service Staff Equalities Report: 2024-2025 Document: (ODS) Statistics Found: Low numbers are suppressed to prevent disclosure in accordance with the Data Protection Act, 2018. . |
|
Nov. 27 2025
HM Prison and Probation Service Source Page: HMPPS Offender Equalities Annual Report 2024 to 2025 Document: (PDF) Statistics Found: suppressed to prevent disclosure, and identification of individuals, in accordance with the Data Protection Act |
|
Nov. 27 2025
HM Prison and Probation Service Source Page: HMPPS Offender Equalities Annual Report 2024 to 2025 Document: (PDF) Statistics Found: aggregate totals, preventing identification of individuals and infringement of the GDPR and Data Protection Act |
|
Nov. 20 2025
HM Prison and Probation Service Source Page: HM Prison & Probation Service workforce quarterly: September 2025 Document: (ODS) Statistics Found: Low numbers are suppressed to prevent disclosure in accordance with the Data Protection Act, 1998. |
|
Nov. 20 2025
HM Prison and Probation Service Source Page: HM Prison & Probation Service workforce quarterly: September 2025 Document: (ODS) Statistics Found: Low numbers are suppressed to prevent disclosure in accordance with the Data Protection Act, 2018. |
|
Nov. 20 2025
HM Prison and Probation Service Source Page: HM Prison & Probation Service workforce quarterly: September 2025 Document: (ODS) Statistics Found: Low numbers are suppressed to prevent disclosure in accordance with the Data Protection Act, 2018. |
|
Nov. 20 2025
Planning Inspectorate Source Page: Planning Inspectorate Ministerial Measures - Experimental Statistics 20 November 2025 Document: (PDF) Statistics Found: Responsible for Information training and they understand their responsibilities under the Data Protection Act |
|
Nov. 17 2025
Regulatory Policy Committee Source Page: Cyber Security and Resilience (Network and Information Systems) Bill: impact assessment - RPC opinion (green-rated) Document: (IA) (PDF) Statistics Found: Interaction with other regulations (Telecommunications (Security) Act 2021, Data Protection Act 2018 |
|
Nov. 03 2025
Office for Product Safety and Standards Source Page: Attitudes to product safety among small businesses Document: (PDF) Statistics Found: research agency, operating within the Code of Conduct of the Market Research Society, the Data Protection Act |
| Non-Departmental Publications - Policy and Engagement |
|---|
|
Nov. 26 2025
Office for Zero Emission Vehicles Source Page: Solar on car parks and electric vehicle charging Document: (PDF) Policy and Engagement Found: may be disclosed in accordance with UK legislation (the Freedom of Information Act 2000, the Data Protection Act |
| Non-Departmental Publications - Open consultation |
|---|
|
Nov. 10 2025
Marine Management Organisation Source Page: ICES area 7d and 7e king scallop dredge fishery closure 2026 & 2027 Document: (PDF) Open consultation Found: about your individual rights under the UK General Data Protection Regulation (UK GDPR) and the Data Protection Act |
|
Oct. 31 2025
Northern Ireland Executive Source Page: Renewables Obligation (RO) scheme: indexation changes Document: (PDF) Open consultation Found: be disclosed in accordance with UK legislation (the Freedom of Information Act 2000, the Data Protection Act |
|
Oct. 30 2025
Infected Blood Compensation Authority Source Page: Consultation: Proposed changes to the infected blood compensation scheme Document: Consultation: Proposed changes to the infected blood compensation scheme (webpage) Open consultation Found: accordance with data protection legislation, including the General Data Protection Regulation and Data Protection Act |
|
Oct. 29 2025
Immigration Enforcement Source Page: Extending the Right to Work Scheme Document: (webpage) Open consultation Found: may be disclosed in accordance with UK legislation (the Freedom of Information Act 2000, the Data Protection Act |
| Non-Departmental Publications - Services |
|---|
|
Nov. 05 2025
Forestry Commission Source Page: Change your England Woodland Creation Offer agreement Document: (PDF) Services Found: We or our appointed agents may also use it, in keeping with the safeguards of the Data Protection Act |
| Non-Departmental Publications - News and Communications |
|---|
|
Oct. 31 2025
HM Inspectorate of Constabulary and Fire & Rescue Services Source Page: Super-complaint on Service Police access to victims’ work emails and internet browser history Document: (PDF) News and Communications Found: Information and Communications Technology and Services (ICT&S) - GOV.UK accordance with the Data Protection Act |
| Welsh Committee Publications |
|---|
|
Thursday 27th November 2025
PDF - Notice of Amendments - 27 November 2025 (PDF 276KB) Inquiry: Report on the Environment (Principles, Governance and Biodiversity Targets) (Wales) Bill Found: Irranca-Davies 16 Section 24, page 12, after line 21, insert— ‘( ) But see also section 183A of the Data Protection Act |
|
PDF - Supplementary LCM Inquiry: The Welsh Government’s Legislative Consent Memorandum on the Bus Services (No.2) Bill Found: no longer needed as a result of the general data protection override in section 183A of the Data Protection Act |
|
PDF - report Inquiry: The Welsh Government’s Legislative Consent Memorandum on the Bus Services (No.2) Bill Found: longer needed as a result of the general data protection override in section 183A of the Data Protection Act |
|
PDF - Supplementary LCM Inquiry: The Welsh Government’s Legislative Consent Memoranda on the Mental Health Bill Found: no longer necessary because of the general data protection override in section 183A of the Data Protection Act |
|
PDF - Bill Inquiry: Development of Tourism and Regulation of Visitor Accommodation (Wales) Bill Found: (5) But see also section 183A of the Data Protection Act 2018 (c. 12) (protection of requirements |
|
PDF - Llywodraeth Cymru: Tabl Diben ac Effaith - 17 Tachwedd 2025 Inquiry: Homelessness and Social Housing Allocation (Wales) Bill Found: Housing Registers as they are no longer required as a consequence of section 183A of the Data Protection Act |
|
PDF - Welsh Government: Purpose and effect table - 17 November 2025 Inquiry: Homelessness and Social Housing Allocation (Wales) Bill Found: Housing Registers as they are no longer required as a consequence of section 183A of the Data Protection Act |
|
PDF - Notice of Amendments - 27 November 2025 Inquiry: Report on the Environment (Principles, Governance and Biodiversity Targets) (Wales) Bill Found: Irranca-Davies 16 Section 24, page 12, after line 21, insert— ‘( ) But see also section 183A of the Data Protection Act |
| Welsh Senedd Debates |
|---|
|
2. Development of Tourism and Regulation of Visitor Accommodation (Wales) Bill: Evidence Session 1
None speech (None words) Wednesday 5th November 2025 - None |
| Welsh Senedd Speeches |
|---|
|
No Department |