Data Protection Act 2018

Alert Sample

View the Parallel Parliament page for the Data Protection Act 2018

Information since 24 Nov 2025, 7:07 a.m.

Data Protection Act 2018 mentioned

Parliamentary Debates
Children’s Wellbeing and Schools Bill 107 speeches (21,672 words) Wednesday 25th March 2026 - Lords Chamber Department for Work and Pensions Mentions: 1: None provision of the data protection legislation (within the meaning given by section 3(9) of the Data Protection Act - Link to Speech
Data (Use and Access) Act 2025 (Consequential Amendments and Transitional Provision) Regulations 2026 9 speeches (1,716 words) Tuesday 17th March 2026 - Grand Committee Mentions: 1: Lord Leong (Lab - Life peer) schedule.Finally, the regulations also contain three minor and technical amendments to the Data Protection Act - Link to Speech
Crime and Policing Bill 106 speeches (29,168 words) Report stage part two Wednesday 11th March 2026 - Lords Chamber Home Office Mentions: 1: None , mentioned in Committee that this could be achieved by a modest and targeted change to the Data Protection Act - Link to Speech
Crime and Policing Bill 89 speeches (22,378 words) Report stage: Part 2 Monday 9th March 2026 - Lords Chamber Home Office Mentions: 1: Lord Hanson of Flint (Lab - Life peer) is already subject to safeguards, including those provided in the Human Rights Act and the Data Protection Act - Link to Speech 2: Lord Davies of Gower (Con - Life peer) including the principles established under the UK general data protection regulation and the Data Protection Act - Link to Speech 3: Lord Hanson of Flint (Lab - Life peer) all circumstances is currently subject to safeguards, such as the Human Rights Act and the Data Protection Act - Link to Speech
Crime and Policing Bill 158 speeches (30,484 words) Report stage: Part 2 Wednesday 4th March 2026 - Lords Chamber Home Office Mentions: 1: Lord Davies of Gower (Con - Life peer) Even the Data Protection Act 2018, the most recent application, is for an era without AI.It is not worth - Link to Speech
Draft Data (Use and Access) Act 2025 (Consequential Amendments and Transitional Provision) Regulations 2026 16 speeches (1,731 words) Wednesday 4th March 2026 - General Committees Department for Digital, Culture, Media & Sport Mentions: 1: Ian Murray (Lab - Edinburgh South) everyone is keeping up.The regulations also contain three minor and technical amendments to the Data Protection Act - Link to Speech 2: Edward Morello (LD - West Dorset) nations of the UK.The changes are technical and administrative, including minor amendments to the Data Protection Act - Link to Speech
Representation of the People Bill 262 speeches (37,568 words) 2nd reading Monday 2nd March 2026 - Commons Chamber Ministry of Housing, Communities and Local Government Mentions: 1: Ben Spencer (Con - Runnymede and Weybridge) She may be aware that during the passage of the Data Protection Act 2018 we had an amendment to help - Link to Speech

Select Committee Documents
Tuesday 7th April 2026 Government Response - Treasury minutes: Government response to the Committee of Public Accounts on the Sixty-seventh report from Session 2024-26 Public Accounts Committee Found: The Data Protection Act 2018 and the General Data Protection Regulation place strict duties on the
Tuesday 7th April 2026 Government Response - Treasury minutes: Government response to the Committee of Public Accounts on the Sixty-sixth report from Session 2024-26 Public Accounts Committee Found: The Data Protection Act 2018 and the General Data Protection Regulation place strict duties on the
Tuesday 7th April 2026 Government Response - Treasury minutes: Government response to the Committee of Public Accounts on the Sity-fourth report from Session 2024-26 Public Accounts Committee Found: The Data Protection Act 2018 and the General Data Protection Regulation place strict duties on the
Tuesday 7th April 2026 Government Response - Treasury minutes: Government response to the Committee of Public Accounts on the Sixty-fifth report from Session 2024-26 Public Accounts Committee Found: The Data Protection Act 2018 and the General Data Protection Regulation place strict duties on the
Tuesday 7th April 2026 Government Response - Treasury minutes: Government response to the Committee of Public Accounts on the Sixty-third report from Session 2024-26 Public Accounts Committee Found: The Data Protection Act 2018 and the General Data Protection Regulation place strict duties on the
Tuesday 7th April 2026 Government Response - Treasury minutes: Government response to the Committee of Public Accounts on the Sixty-second report from Session 2024-26 Public Accounts Committee Found: The Data Protection Act 2018 and the General Data Protection Regulation place strict duties on the
Thursday 26th March 2026 Scrutiny evidence - Submission from the Immigration Law Practitioners’ Association on the Statement of Changes in Immigration Rules (HC 1691) and one linked instrument and Further Information from the Home Office Secondary Legislation Scrutiny Committee Found: instruction, it is open to consider the disclosure of immigration status under the UK GDPR and Data Protection Act
Friday 20th March 2026 Written Evidence - Ministry of Defence ADBRS0032 - Afghan Data Breach and Resettlement Schemes Afghan Data Breach and Resettlement Schemes - Defence Committee Found: The zone owner 1 Data Protection Act 2018 and UK General Data Protection Regulations 2 JSP 441 3 JSP
Thursday 19th March 2026 Written Evidence - Andrew Makower RAR0003 - Restoration and Renewal of Parliament: Costing and governance Public Accounts Committee Found: provisions of the UK General Data Protection Regulation (“the UK GDPR”), as supplemented by the Data Protection Act
Tuesday 17th March 2026 Written Evidence - No 5 Barristers' Chambers CTB0092 - Legislative scrutiny: Courts and Tribunals Bill Legislative scrutiny: Courts and Tribunals Bill - Justice Committee Found: individual judge conviction rates would be resisted on grounds of judicial independence, or the Data Protection Act
Wednesday 4th March 2026 Written Evidence - Information Commissioner’s Office WRP0017 - Written Parliamentary Questions Written Parliamentary Questions - Procedure Committee Found: responsibility for promoting and enforcing the UK General Data Protection Regulation (UK GDPR), the Data Protection Act
Tuesday 3rd March 2026 Written Evidence - Ofsted EYS0138 - Early Years: Improving Support for Children and Families Early Years: Improving support for children and parents - Education Committee Found: beyond legal requirements such as the UK General Data Protection Regulation (UK GDPR) and the Data Protection Act

Written Answers

Prison Officers: Misconduct
Asked by: Nick Timothy (Conservative - West Suffolk)
Wednesday 25th March 2026

Question to the Ministry of Justice:

To ask the Secretary of State for Justice, how many prison officers have been (a) investigated, (b) disciplined and (c) dismissed for illicit relationships with inmates in each year since 2020, broken down by sex.

Answered by Jake Richards - Assistant Whip

We only hold data on cases where staff were recommended for dismissal, as individuals may choose to resign before a dismissal can be formally enacted. As a result, we have used this field to respond to the question to avoid undercounting the number of people involved. This data can be found in the following tables.

Table 1: Band 3-5 prison officers(1) investigated(2) due to an allegation of 'Inappropriate Relationship with a Prisoner / Ex-Prisoner'

	2019/20	2020/21	2021/22	2022/23	2023/24	2024/25
Female	31	36	24	32	34	31
Male	9	9	4	7	6	11
Total	40	45	28	39	40	42

Table 2: Band 3-5 prison officers facing a conduct and discipline(3), (4)charge of 'Inappropriate Relationship with a Prisoner / Ex-Prisoner'

	2019/20	2020/21	2021/22	2022/23	2023/24	2024/25
Female	9	~	~	12	16	18
Male	3	~	~	5	3	5
Total	12	11	14	17	19	23

Table 3: Band 3-5 prison officers recommended for dismissal following a conduct and discipline(3) charge of 'Inappropriate Relationship with a Prisoner / Ex-Prisoner'

	2019/20	2020/21	2021/22	2022/23	2023/24	2024/25
Female	~	~	~	~	~	~
Male	~	~	~	~	~	~
Total	8	~	~	12	14	~

Notes to tables:

1. Band 3-5 Officers includes Bands 3-4 / Prison Officers (incl specialists), Band 4 / Supervising Officers, and Band 5 / Custodial Managers.

2.    Staff subject to at least one investigation that was concluded during the relevant year.

3.    Conduct and discipline cases are defined as where a penalty has been imposed on a member of HMPPS staff for a reason of conduct.

4.    Staff with at least one conduct and discipline case concluded during the year. Equally staff involved in more than one case during the year are counted only once.

5.    Allegations which meet a criminal threshold will be referred to the Police for investigation. If a criminal justice outcome is secured, this will result in a summary dismissal as per PSI 10/2016 Conduct and Discipline and will not be recorded against a specific ‘type’ of misconduct in the Conduct and Discipline data,

6.    Years run from 1st April to 31st March.

7.    In terms of the Gender data presented, the MoJ HR system holds demographic data on staff.  In the HR system there is a database field called Gender. The Gender field can only be one of two options – male or female. It is filled in for all staff when new staff records are created using details to confirm identity (i.e. name, date of birth, address) from official documentation supplied by the successful job applicant. However, it is possible for this information to be updated in line with departmental policy. The Office for Statistics Regulation recognises that this is an evolving area both for society and statistics, so advice and guidance is likely to change over time.

~ denotes suppressed values of 2 or fewer or other values which would allow values of 2 or fewer to be derived by subtraction. Low numbers are suppressed to prevent disclosure in accordance with the Data Protection Act, 2018.

Additional Note:

As with all HR databases, extracts are taken at a fixed point in time, to ensure consistency of reporting. However the database itself is dynamic, and where updates to the database are made late, subsequent to the taking of the extract, these updates will not be reflected in figures produced by the extract. For this reason, HR data are unlikely to be precisely accurate.

Lord Mandelson
Asked by: Mike Wood (Conservative - Kingswinford and South Staffordshire)
Thursday 19th March 2026

Question to the Cabinet Office:

To ask the Minister for the Cabinet Office, whether Peter Mandelson has a (a) Ministerial and (b) Civil Service pension.

Answered by Nick Thomas-Symonds - Paymaster General and Minister for the Cabinet Office

In accordance with the Government Financial Reporting Manual, since 2005, information regarding the remuneration and pension interests of Ministers is published in the annual Resource Accounts (as then named) of the relevant departments for the periods an individual served in a qualifying role.

Historical information concerning Lord Mandelson’s Ministerial pension membership during his periods of government service can be found within the relevant departmental annual reports and accounts dating to 2005/6.

Regarding civil service pensions, the Cabinet Office does not disclose personal information relating to specific individuals' pension arrangements. Such information constitutes personal data and is protected under the Data Protection Act 2018 and the UK General Data Protection Regulation. It is a long-standing policy that individuals have a reasonable expectation of privacy regarding their financial affairs and pension entitlements, disclosing such details to a third party would conflict with data protection principles.

Scotland Office: Visas
Asked by: John Hayes (Conservative - South Holland and The Deepings)
Wednesday 18th March 2026

Question to the Scotland Office:

To ask the Secretary of State for Scotland, how many staff within his Department are reliant on a visa for employment.

Answered by Kirsty McNeill - Parliamentary Under-Secretary (Scotland Office)

The Scotland Office has the information that you have requested. However, if a request is made for information and the total figure amounts to five people or fewer, the Scotland Office must consider whether this could lead to the identification of individuals and whether disclosure of this information would be in breach of our statutory obligations under the General Data Protection Regulation and/or the Data Protection Act 2018.

We believe that the release of this information would risk identification of the individual/s concerned. For this reason, the Scotland Office has chosen not to provide the information requested. However, it should not be assumed that the actual figure represented falls at any particular point within this scale; 'five or fewer' is used as a replacement value from which it would be difficult to isolate or extract any individual data.

Public Sector: Artificial Intelligence
Asked by: Lord Taylor of Warwick (Non-affiliated - Life peer)
Wednesday 11th March 2026

Question to the Department of Health and Social Care:

To ask His Majesty's Government what assessment they have made of the data protection and confidentiality risks of the deployment of generative AI workplace tools in public sector bodies; and what guidance they have issued regarding the use of those tools in environments handling sensitive or personal data, including NHS organisations.

Answered by Baroness Merron - Parliamentary Under-Secretary (Department of Health and Social Care)

The Government recognises that the deployment of generative artificial intelligence (AI) workplace tools across the public sector presents data protection, confidentiality, and security risks, particularly where these tools may process sensitive or personal data.

The Government has assessed these risks which are addressed within the Artificial Intelligence Playbook for the UK Government and the Generative AI Framework for UK Government, both published in February 2025.

The AI playbook makes clear that public sector organisations must comply with UK data protection law when using generative AI, including the UK General Data Protection Regulation and the Data Protection Act 2018. It emphasises the need for data protection impact assessments, clear accountability, human oversight, and restrictions on the use of generative AI tools in environments handling sensitive or personal data unless appropriate safeguards are in place. The generative AI framework provides detailed guidance on privacy, security, and information governance, including data minimisation, purpose limitation, and preventing the disclosure of personal or confidential information through prompts or outputs.

Specific guidance has also been issued for health and care settings. NHS England has published information governance guidance on the use of AI, which has been reviewed by the Health and Care Information Governance Working Group, including the Information Commissioner's Office and National Data Guardian. This guidance addresses confidentiality, lawful processing, consent, and human oversight, and applies to NHS organisations considering or deploying AI technologies, including generative AI tools. NHS bodies are expected to operate within established information governance frameworks and, where appropriate, adopt local AI governance and acceptable use policies consistent with national guidance.

Judicial Appointments Commission for England and Wales: Freedom of Information
Asked by: Mark Pritchard (Conservative - The Wrekin)
Monday 9th March 2026

Question to the Ministry of Justice:

To ask the Secretary of State for Justice, what discussions he has had with the Judicial Appointment Commission on its use of resources to challenge Freedom of Information requests.

Answered by Sarah Sackman - Minister of State (Ministry of Justice)

The independent Judicial Appointments Commission (JAC) is designated as a public body under the Freedom of Information Act 2000 (FOIA). The JAC is responsible for meeting its statutory obligations under the FOIA and the Data Protection Act 2018, including ensuring requests are handled in line with the relevant legislation. Decisions on the responses to individual Freedom of Information requests, including any associated legal consideration, are for the JAC.

The JAC as a non-departmental public body is responsible for managing its own resources including in relation to meeting its statutory obligations. The governance and accountability arrangements between the Ministry of Justice and the JAC are set out in the framework document agreed in line with HM Treasury’s Managing Public Money, including in relation to governance and financial matters

Hospices and Palliative Care: Artificial Intelligence
Asked by: Lord Taylor of Warwick (Non-affiliated - Life peer)
Thursday 5th March 2026

Question to the Department of Health and Social Care:

To ask His Majesty's Government what assessment they have made of the use of artificial intelligence technologies by hospice and palliative care providers; and what safeguards are in place to ensure that those technologies maintain patient safety, data protection and equitable access to high-quality end of life care.

Answered by Baroness Merron - Parliamentary Under-Secretary (Department of Health and Social Care)

No formal assessment has been made of the use of artificial intelligence (AI) technologies by hospices and other palliative care providers. The majority of hospices are independent charitable organisations and so are free to make their own decisions regarding the adoption and deployment of AI tools.

NHS England is dedicated to enabling the safe deployment and adoption of AI technologies, providing clear guidance on approval, implementation, information governance, security, privacy, and controls. NHS England provides guidance on how technologies should be selected, deployed, and scaled to ensure they are safe, effective, and eligible for National Health Service adoption, including accuracy. NHS trusts are expected to ensure that access to the AI tools they employ is safe, ethical, effective, and equitable for all within their remit.

Strict safeguards are in place across the NHS to guarantee patient safety, and data protection. All NHS organisations, including NHS palliative care and end-of-life care services, are expected to comply with Medical Devices Regulations (SI 2002 No 618, as amended) (UK MDR 2002) and digital clinical safety standards.

Providers handling patient data must comply with UK General Data Protection Regulation and the Data Protection Act 2018. Each health organisation is required to appoint a Caldicott Guardian, whose role is to advise on the protection and proper use of health and care data, including where AI is involved.

Hospitals: Artificial Intelligence
Asked by: Lord Taylor of Warwick (Non-affiliated - Life peer)
Wednesday 4th March 2026

Question to the Department of Health and Social Care:

To ask His Majesty's Government what assessment they have made of the use of AI tools by NHS hospitals to support clinical documentation, including real-time note-taking systems; and what safeguards are in place to ensure that those tools maintain accuracy, patient safety and data protection.

Answered by Baroness Merron - Parliamentary Under-Secretary (Department of Health and Social Care)

National Health Service hospitals are increasingly using artificial intelligence (AI) tools, such as real-time note-taking systems, to support clinical documentation. Among these, Ambient Voice Technologies (AVT) hold transformative potential to improve both patient care and operational efficiency. These tools have been shown to cut down on the amount of time clinicians spend on paperwork by half, giving them more time to spend on other important tasks, like interacting with their patients.

NHS England is dedicated to enabling the safe deployment and adoption of such technologies, providing clear guidance on approval, implementation, information governance, security, privacy, and controls. National standards and additional guidance will explain how AVT solutions should be selected, deployed, and scaled to ensure they are safe, effective, and eligible for NHS adoption including accuracy.

Strict safeguards are in place across the NHS to guarantee patient safety, and data protection. All NHS organisations must comply with Medical Devices Regulations (SI 2002 No 618, as amended) (UK MDR 2002) and digital clinical safety standards. Providers handling patient data must comply with UK General Data Protection Regulation and the Data Protection Act 2018. Each health organisation is required to appoint a Caldicott Guardian, whose role is to advise on the protection and proper use of health and care data, including where AI is involved.

Department for Culture, Media and Sport: Personnel Management
Asked by: Joshua Reynolds (Liberal Democrat - Maidenhead)
Tuesday 3rd March 2026

Question to the Department for Digital, Culture, Media & Sport:

To ask the Secretary of State for Culture, Media and Sport, how many directors with responsibility for human resources are employed across their department and its executive agencies; and how many of those directors hold professional HR qualifications from the Chartered Institute of Personnel and Development or equivalent professional bodies.

Answered by Ian Murray - Minister of State (Department for Science, Innovation and Technology)

We cannot provide the number of HR Directors or details of their professional qualifications. Disclosing this information would breach the Data Protection Act and risk identifying individual staff members because the data concerns five or fewer employees and relates to individuals other than the data subjects. We do not hold data on the qualifications held by employees of DCMS Arms Length Bodies.

Attorney General's Office: Personnel Management
Asked by: Joshua Reynolds (Liberal Democrat - Maidenhead)
Tuesday 3rd March 2026

Question to the Attorney General:

To ask the Solicitor General, how many directors with responsibility for human resources are employed across their department and its executive agencies; and how many of those directors hold professional HR qualifications from the Chartered Institute of Personnel and Development or equivalent professional bodies.

Answered by Ellie Reeves - Solicitor General (Attorney General's Office)

As the number of individuals is five or fewer, across the AGO and the Law Officer Departments, I am unable to disclose the figure. This is to protect against the risk that individuals could be identified, in line with our obligations under the UK GDPR and Data Protection Act 2018.

HM Courts and Tribunals Service: Data Protection
Asked by: Kieran Mullan (Conservative - Bexhill and Battle)
Friday 27th February 2026

Question to the Ministry of Justice:

To ask the Secretary of State for Justice, what data protection safeguards are in place in relation to court lists containing home addresses and dates of birth of individuals, being provided to individuals and organisations by HM Courts & Tribunals Service, either centrally or via individual courts.

Answered by Sarah Sackman - Minister of State (Ministry of Justice)

Home addresses and dates of birth of individuals are not included in Crown Court, County Court, Family Court, High Court, lists of hearings, nor in lists of hearings in the Tribunals.

Standard Lists produced by the Magistrates Court do contain the home addresses and dates of birth of individuals due to appear in court and these lists are only available to approved accredited members of the media, criminal justice partners and other government departments with legitimate reasons for requiring such information.

Standard lists do contain Special Category Data as defined by Data Protection Act 2018. This information is intended to assist the accurate reporting of court proceedings and should be handled appropriately by legal professionals and members of the media.

HMCTS will immediately cease the sharing of this data, if there is concern about how it will be used. Such data is held subject to licencing and can only be shared in agreement with licencing agreements; abiding by those licencing agreements is part of data protection.

Secondary Legislation
Hampshire and the Solent Combined County Authority Regulations 2026 These Regulations establish the Hampshire and the Solent Combined County Authority (“the Combined County Authority”) and confer certain functions of local authorities and other public authorities on the Combined County Authority. Parliamentary Status - Text of Legislation - Draft affirmative Laid: Monday 16th March - In Force: Not stated Found: to the Police and Justice Act 2006 (c. 48) and amended by paragraph 45 of Schedule 19 to the Data Protection Act
Online Safety (CSEA Content Reporting by Regulated User-to-User Service Providers) Regulations 2026 Section 66 of the Online Safety Act 2023 (c. 50) requires certain providers of regulated user-to-user services to report child sexual abuse and exploitation content (“CSEA content”) detected on their internet service to the National Crime Agency (“NCA”). If these providers already have arrangements in place for reporting CSEA content to a foreign agency which is exercising functions similar to the NCA (such as the National Center for Missing & Exploited Children in the United States of America), then this content is not required by section 66 to be reported to the NCA. Home Office Parliamentary Status - Text of Legislation - Made negative Laid: Thursday 12th March - In Force: 7 Apr 2026 Found: section 59 of the Act; “data protection legislation” has the meaning given in section 3(9) of the Data Protection Act

Secondary Legislation

Hampshire and the Solent Combined County Authority Regulations 2026
These Regulations establish the Hampshire and the Solent Combined County Authority (“the Combined County Authority”) and confer certain functions of local authorities and other public authorities on the Combined County Authority.

Parliamentary Status - Text of Legislation - Draft affirmative
Laid: Monday 16th March - In Force: Not stated

Found: to the Police and Justice Act 2006 (c. 48) and amended by paragraph 45 of Schedule 19 to the Data Protection Act

Online Safety (CSEA Content Reporting by Regulated User-to-User Service Providers) Regulations 2026
Section 66 of the Online Safety Act 2023 (c. 50) requires certain providers of regulated user-to-user services to report child sexual abuse and exploitation content (“CSEA content”) detected on their internet service to the National Crime Agency (“NCA”). If these providers already have arrangements in place for reporting CSEA content to a foreign agency which is exercising functions similar to the NCA (such as the National Center for Missing & Exploited Children in the United States of America), then this content is not required by section 66 to be reported to the NCA.
Home Office

Parliamentary Status - Text of Legislation - Made negative
Laid: Thursday 12th March - In Force: 7 Apr 2026

Found: section 59 of the Act; “data protection legislation” has the meaning given in section 3(9) of the Data Protection Act

Department Publications - Guidance
Thursday 9th April 2026 Department for Energy Security & Net Zero Source Page: CCUS East Coast Cluster: NPT Pathfinder selection process Document: (webpage) Found: DESNZ’s legal obligations (including under the Freedom of Information Act 2000 (FOIA), the Data Protection Act
Thursday 9th April 2026 Department for Energy Security & Net Zero Source Page: CCUS East Coast Cluster: NPT Pathfinder selection process Document: (webpage) Found: DESNZ’s legal obligations (including under the Freedom of Information Act 2000 (FOIA), the Data Protection Act
Thursday 9th April 2026 Department for Energy Security & Net Zero Source Page: CCUS East Coast Cluster: NPT Pathfinder selection process Document: (webpage) Found: DESNZ’s legal obligations (including under the Freedom of Information Act 2000 (FOIA), the Data Protection Act
Thursday 9th April 2026 Department for Energy Security & Net Zero Source Page: CCUS East Coast Cluster: NPT Pathfinder selection process Document: (webpage) Found: DESNZ’s legal obligations (including under the Freedom of Information Act 2000 (FOIA), the Data Protection Act
Thursday 9th April 2026 Department for Energy Security & Net Zero Source Page: CCUS East Coast Cluster: NPT Pathfinder selection process Document: (PDF) Found: DevEx Development Expenditure DESNZ Department for Energy Security and Net Zero DPA 2018 Data Protection Act
Thursday 9th April 2026 Department for Energy Security & Net Zero Source Page: CCUS East Coast Cluster: NPT Pathfinder selection process Document: (webpage) Found: DESNZ’s legal obligations (including under the Freedom of Information Act 2000 (FOIA), the Data Protection Act
Wednesday 8th April 2026 Ministry of Housing, Communities and Local Government Source Page: Borderlands Inclusive Growth Deal: Privacy notice Document: Borderlands Inclusive Growth Deal: Privacy notice (webpage) Found: processing your personal data MHCLG will process all data according to the provisions of the Data Protection Act
Tuesday 7th April 2026 Department for Transport Source Page: Rental Vehicle Security Scheme (RVSS) code of practice Document: (webpage) Found: 10 Data Protection Act and the General Data Protection Regulation (GDPR) How will you ensure that your
Tuesday 7th April 2026 Department for Business and Trade Source Page: The Fair Work Agency licensing standards for gangmasters Document: The Fair Work Agency licensing standards for gangmasters (webpage) Found: 5.3     Any information submitted in an application will be processed in accordance with the Data Protection Act
Wednesday 1st April 2026 Cabinet Office Source Page: Spend controls framework Document: chapter 3 of the managing public money guidance (PDF) Found: Further guidance is available on GOV.UK.36 34 For example Freedom of information act 2000, Data protection act
Tuesday 31st March 2026 Cabinet Office Source Page: Procurement Compliance & Oversight Document: Procurement Compliance Service Scope and Remit (PDF) Found: We will handle your personal information in line with the Data Protection Act 2018.
Tuesday 31st March 2026 Cabinet Office Source Page: Procurement Compliance & Oversight Document: Public Procurement Review Service Scope and Remit (PDF) Found: We will handle your personal information in line with the Data Protection Act 2018.
Friday 27th March 2026 Ministry of Defence Source Page: Honours and awards in the armed forces (JSP 761) Document: (PDF) Found: It is given a specific exemption at Schedule 11, paragraph six of the Data Protection Act (DPA) 2018
Thursday 26th March 2026 Department of Health and Social Care Source Page: DHSC statistics: data management and confidentiality statement Document: DHSC statistics: data management and confidentiality statement (webpage) Found: DHSC manages data in accordance with the UK General Data Protection Regulation (UK GDPR), the Data Protection Act
Thursday 26th March 2026 Department for Transport Source Page: Rail rolling stock procurement: cyber-security Document: (PDF) Found: CatalogueItem/ris-2700-rst-iss-2 4.4 UK Data Protection Regulations & Cyber Regulations a) Data Protection Act
Wednesday 18th March 2026 Foreign, Commonwealth & Development Office Source Page: Prevention of violence against women and girls, response, and women-led organisations in conflict-affected areas of Sudan Document: Accountable grant arrangement template (webpage) Found: Environmental Information Regulations 2004, the UK General Data Protection Regulation (UKGDPR), the Data Protection Act
Thursday 12th March 2026 Ministry of Housing, Communities and Local Government Source Page: MHCLG: records and information management policy Document: MHCLG: records and information management policy (webpage) Found: government, including: Public Records Act 1958 Freedom of Information Act 2000 (FOIA) Data Protection Act
Thursday 5th March 2026 Department for Education Source Page: Information sharing agreement template Document: (webpage) Found: UK data protection laws, including the UK General Data Protection Regulations (UK GDPR), the Data Protection Act
Thursday 5th March 2026 Ministry of Justice Source Page: HMPPS risk assessed access for personnel with lived experience of the criminal justice system policy framework Document: (PDF) Found: All personal information will be held securely and in line with the PSI 03/2018 - The Data Protection Act

Department Publications - Consultations
Wednesday 8th April 2026 Department for Business and Trade Source Page: Make Work Pay: draft code of practice on trade union right of access Document: (PDF) Found: may be disclosed in accordance with UK legislation (the Freedom of Information Act 2000, the Data Protection Act
Tuesday 31st March 2026 Department for Business and Trade Source Page: Product regulation: market surveillance and enforcement framework Document: (webpage) Found: may be disclosed in accordance with UK legislation (the Freedom of Information Act 2000, the Data Protection Act
Tuesday 31st March 2026 Department for Business and Trade Source Page: Product regulation: market surveillance and enforcement framework Document: response form (webpage) Found: may be disclosed in accordance with UK legislation (the Freedom of Information Act 2000, the Data Protection Act
Wednesday 25th March 2026 Department for Business and Trade Source Page: Open for business: implementing a UK corporate re-domiciliation regime Document: (PDF) Found: be disclosed in accordance with UK legislation (the Freedom of Information Act 2000, the Data Protection Act
Tuesday 24th March 2026 Department of Health and Social Care Source Page: Reforming the General Medical Council legislative framework Document: (PDF) Found: Data Protection Act 2018 58.—(1) The Data Protection Act 2018(d) is amended as follows.
Tuesday 24th March 2026 Department for Energy Security & Net Zero Source Page: Scheme design for bill discounts for new transmission network infrastructure Document: (PDF) Found: be disclosed in accordance with UK legislation (the Freedom of Information Act 2000, the Data Protection Act
Thursday 12th March 2026 Department for Energy Security & Net Zero Source Page: UK Emissions Trading Scheme: Regulating cross-boundary CCS pipelines Document: (PDF) Found: be disclosed in accordance with UK legislation (the Freedom of Information Act 2000, the Data Protection Act
Tuesday 10th March 2026 Cabinet Office Source Page: Making public services work for you with your digital identity Document: (PDF) Found: Data protection legislation means the UK GDPR, the Data Protection Act 2018 and
Tuesday 10th March 2026 Cabinet Office Source Page: Making public services work for you with your digital identity Document: (PDF) Found: of the Crown, or a government department (paragraph 6, schedule 1, Data Protection Act
Monday 2nd March 2026 Department for Science, Innovation & Technology Source Page: Growing up in the online world: a national consultation Document: (PDF) Found: may be disclosed in accordance with UK legislation (the Freedom of Information Act 2000, the Data Protection Act
Monday 2nd March 2026 Department for Science, Innovation & Technology Source Page: Growing up in the online world: a national consultation Document: (PDF) Found: may be disclosed in accordance with UK legislation (the Freedom of Information Act 2000, the Data Protection Act

Department Publications - Policy and Engagement
Wednesday 8th April 2026 Department for Business and Trade Source Page: Make Work Pay: Transfer of Undertakings (Protection of Employment) Regulations Document: (PDF) Found: be disclosed in accordance with UK legislation (the Freedom of Information Act 2000, the Data Protection Act
Friday 27th March 2026 Department for Energy Security & Net Zero Source Page: Whole energy cyber resilience requirements: reshaping cyber regulation in downstream gas and electricity Document: (PDF) Found: may be disclosed in accordance with UK legislation (the Freedom of Information Act 2000, the Data Protection Act
Wednesday 25th March 2026 Department for Energy Security & Net Zero Source Page: Updating standards for local space heating products Document: (PDF) Found: may be disclosed in accordance with UK legislation (the Freedom of Information Act 2000, the Data Protection Act
Tuesday 24th March 2026 Department for Energy Security & Net Zero Source Page: Warm Homes Fund: innovative finance for investments and loans Document: (PDF) Found: be disclosed in accordance with UK legislation (the Freedom of Information Act 2000, the Data Protection Act
Monday 23rd March 2026 Department for Energy Security & Net Zero Source Page: UK Emissions Trading Scheme: Treatment of sustainable aviation fuel Document: (PDF) Found: be disclosed in accordance with UK legislation (the Freedom of Information Act 2000, the Data Protection Act
Friday 20th March 2026 Department for Energy Security & Net Zero Source Page: Eskdalemuir seismic array: revised approach to managing onshore wind turbine interference Document: (PDF) Found: be disclosed in accordance with UK legislation (the Freedom of Information Act 2000, the Data Protection Act
Wednesday 18th March 2026 Department for Energy Security & Net Zero Source Page: Permitted development rights for onshore wind turbines in England Document: (PDF) Found: be disclosed in accordance with UK legislation (the Freedom of Information Act 2000, the Data Protection Act
Wednesday 11th March 2026 Department for Energy Security & Net Zero Source Page: Accelerating electricity network connections for strategic demand Document: (PDF) Found: be disclosed in accordance with UK legislation (the Freedom of Information Act 2000, the Data Protection Act
Monday 9th March 2026 Home Office Source Page: Economic crime information sharing Document: (PDF) Found: Money Laundering Suspicious Activity Report DEA 2017 – Digital Economy Act 2017 DPA 2018 – Data Protection Act
Monday 9th March 2026 Home Office Source Page: Economic crime information sharing Document: (webpage) Found: Against Money Laundering Suspicious Activity ReportDEA 2017 – Digital Economy Act 2017DPA 2018 – Data Protection Act
Wednesday 4th March 2026 Department for Energy Security & Net Zero Source Page: Contracts for Difference: Contract amendments to implement Clean Industry Bonus reforms Document: (PDF) Found: be disclosed in accordance with UK legislation (the Freedom of Information Act 2000, the Data Protection Act

Department Publications - Policy paper
Tuesday 7th April 2026 Department for Business and Trade Source Page: Fair Work Agency: enforcement policy statement Document: (PDF) Found: There will not be a breach with the requirements of the Data Protection Act (DPA) 2018 (including the
Thursday 2nd April 2026 HM Treasury Source Page: Treasury Minutes – April 2026 Document: (PDF) Found: The Data Protection Act 2018 and the General Data Protection Regulation place strict duties on the
Thursday 2nd April 2026 HM Treasury Source Page: Treasury Minutes – April 2026 Document: (PDF) Found: The Data Protection Act 2018 and the General Data Protection Regulation place strict duties on the
Thursday 26th March 2026 Department for Business and Trade Source Page: Smart Data Strategy Document: (PDF) Found: The ICO enforces compliance with laws such as the UK GDPR and the Data Protection Act 2018, and provides
Thursday 26th March 2026 Department for Business and Trade Source Page: Smart Data Strategy Document: (PDF) Found: The ICO enforces compliance with laws such as the UK GDPR and the Data Protection Act 2018, and provides
Wednesday 11th March 2026 Cabinet Office Source Page: Government response to Humble Address motion of 4 February 2026 Document: (PDF) Found: Notice for Staff in compliance with the UK General Data Protection Regulation (UK GDPR) and Data Protection Act
Monday 9th March 2026 HM Treasury Source Page: HM Treasury Market Engagement Group Document: (PDF) Found: the UK GDPR – Substantial public interest Schedule 1, Part 2, Paragraph 6(2)(b) of the Data Protection Act

Department Publications - Statistics
Wednesday 1st April 2026 Ministry of Justice Source Page: Harnessing English law for economic growth Document: (PDF) Found: Instead, it is leveraging its existing law, in the shape of data protection (the Personal Data Protection Act
Thursday 12th March 2026 Department for Science, Innovation & Technology Source Page: Cyber Resilience Act and AI Act follow-up survey: privacy notice Document: (PDF) Found: as set out in Articles 13 and 14 of UK General Data Protection Regulation (UK GDPR) and the Data Protection Act
Wednesday 11th March 2026 Department for Energy Security & Net Zero Source Page: Green home finance products: homeowner awareness and attitudes Document: (PDF) Found: treat all information that you give in strict confidence, in accordance with UK GDPR and the Data Protection Act
Wednesday 11th March 2026 Department for Energy Security & Net Zero Source Page: Green home finance consumer typologies and barriers Document: (PDF) Found: information will be stored and deleted by Verian in compliance with GDPR regulations and the Data Protection act

Non-Departmental Publications - News and Communications
Apr. 08 2026 Legal Aid Agency Source Page: Civil Eligibility Keycard 2026 Document: Means Assessment Guidance – April 2026 (for certificated work) (PDF) News and Communications Found: “DPA 2018" means Data Protection Act 2018. “ECHR” means the European Convention on Human Rights.
Mar. 20 2026 Competition and Markets Authority Source Page: Heating oil market study Document: Statement of Scope (PDF, 203KB) (PDF) News and Communications Found: accordance with the CMA’s obligations under the UK General Data Protection Regulation and the Data Protection Act
Mar. 17 2026 Legal Aid Agency Source Page: Guidance updates for travel and subsistence Document: Criminal Bills Assessment Manual (PDF) News and Communications Found: Evidence at Trial (EPE) 77 7.14 In-House Photocopying 78 7.15 Defence Post-mortems 78 7.16 Data Protection Act
Mar. 17 2026 Legal Aid Agency Source Page: Guidance updates for travel and subsistence Document: Civil Finance Electronic Handbook (PDF) News and Communications Found: Access Requests Subject Access Requests – Copies of Records With the introduction of the Data Protection Act

Non-Departmental Publications - Policy paper
Apr. 07 2026 Fair Work Agency Source Page: Fair Work Agency: enforcement policy statement Document: (PDF) Policy paper Found: There will not be a breach with the requirements of the Data Protection Act (DPA) 2018 (including the
Mar. 03 2026 National Museum of the Royal Navy Source Page: National Museum of the Royal Navy (NMRN) framework document Document: (PDF) Policy paper Found: information is received by either party under the Freedom of Information Act 2000, or the Data Protection Act

Non-Departmental Publications - Transparency
Apr. 07 2026 Arts Council of Wales Source Page: Arts Council of Wales lottery distribution account 2024 to 2025 Document: (PDF) Transparency Found: Security of data We hold large amounts of data and treat seriously our obligations under the Data Protection Act
Mar. 23 2026 Money and Pensions Service Source Page: Money and Pensions Service annual report and accounts: 2024 to 2025 Document: (PDF) Transparency Found: our responsibilities under His Majesty’s Government (HMG) Security Policy Framework and the Data Protection Act
Mar. 23 2026 Money and Pensions Service Source Page: Money and Pensions Service annual report and accounts: 2024 to 2025 Document: (PDF) Transparency Found: our responsibilities under His Majesty’s Government (HMG) Security Policy Framework and the Data Protection Act

Non-Departmental Publications - Guidance and Regulation
Apr. 07 2026 Fair Work Agency Source Page: The Fair Work Agency licensing standards for gangmasters Document: The Fair Work Agency licensing standards for gangmasters (webpage) Guidance and Regulation Found: 5.3     Any information submitted in an application will be processed in accordance with the Data Protection Act
Apr. 02 2026 Forensic Science Regulator Source Page: Management of DNA elimination databases (FSR-GUI-0028) Document: (PDF) Guidance and Regulation Found: this aim must demonstrate respect for the privacy of individuals, and compliance with the Data Protection Act
Mar. 31 2026 HM Revenue & Customs Source Page: Valuation Office's complaints procedure Document: Complaints Authority to Act form (webpage) Guidance and Regulation Found: How the VOA uses the information HMRC is the Data Controller for the VOA under Data Protection Act
Mar. 31 2026 Office of Financial Sanctions Implementation Source Page: OFSI General Licence INT/2022/2300292 Document: (PDF) Guidance and Regulation Found: to third parties only in compliance with the UK General Data Protection Regulation and the Data Protection Act
Mar. 25 2026 UK Visas and Immigration Source Page: Worker and Temporary Worker sponsor compliance visits: caseworker guidance Document: (PDF) Guidance and Regulation Found: ....................................................................................... 80 Data Protection Act
Mar. 24 2026 UK Defence Innovation Source Page: Competition: Defence Innovation Loans FY26/27 Cycle 1 Document: (PDF) Guidance and Regulation Found: We particularly draw to your attention the Bribery Act 2010, the Data Protection Act 2018, the Fraud
Mar. 20 2026 Planning Inspectorate Source Page: Nationally Significant Infrastructure Projects - Advice on working with public bodies in the infrastructure planning process - Annex D: Environment Agency Document: Nationally Significant Infrastructure Projects - Advice on working with public bodies in the infrastructure planning process - Annex D: Environment Agency (webpage) Guidance and Regulation Found: Agency is also subject to the provisions of the Environmental Information Regulations 2004, the Data Protection Act
Mar. 19 2026 Office of Financial Sanctions Implementation Source Page: OFSI General Licence INT/2026/9247168 Document: (PDF) Guidance and Regulation Found: to third parties only in compliance with the UK General Data Protection Regulation and the Data Protection Act
Mar. 10 2026 UK Defence Innovation Source Page: Rapid transfusion diagnostics: optimising safety on deployed operations Document: (PDF) Guidance and Regulation Found: In this clause, "data protection legislation" has the same meaning as in the Data Protection Act 2018
Mar. 05 2026 HM Prison and Probation Service Source Page: HMPPS risk assessed access for personnel with lived experience of the criminal justice system policy framework Document: (PDF) Guidance and Regulation Found: All personal information will be held securely and in line with the PSI 03/2018 - The Data Protection Act
Mar. 02 2026 HM Revenue & Customs Source Page: Requesting HMRC data: guidance for public bodies Document: Requesting HMRC data: guidance for public bodies (webpage) Guidance and Regulation Found: sharing must comply with the Commissioners of Revenue and Customs Act 2005, UK GDPR, and the Data Protection Act

Non-Departmental Publications - Open consultation
Apr. 01 2026 Low Pay Commission Source Page: Low Pay Commission consultation 2026 Document: (PDF) Open consultation Found: scientific, historical, or statistical research, in accordance with Article 89 UK GDPR and the Data Protection Act
Mar. 31 2026 Office for Product Safety and Standards Source Page: Product regulation: market surveillance and enforcement framework Document: (webpage) Open consultation Found: may be disclosed in accordance with UK legislation (the Freedom of Information Act 2000, the Data Protection Act
Mar. 31 2026 Office for Product Safety and Standards Source Page: Product regulation: market surveillance and enforcement framework Document: response form (webpage) Open consultation Found: may be disclosed in accordance with UK legislation (the Freedom of Information Act 2000, the Data Protection Act
Mar. 27 2026 Ofgem Source Page: Whole energy cyber resilience requirements: reshaping cyber regulation in downstream gas and electricity Document: (PDF) Open consultation Found: may be disclosed in accordance with UK legislation (the Freedom of Information Act 2000, the Data Protection Act
Mar. 25 2026 The Insolvency Service Source Page: Corporate Civil Enforcement Reforms Document: (PDF) Open consultation Found: including personal information, may be disclosed in accordance with UK legislation (UK GDPR, the Data Protection Act
Mar. 24 2026 The Scottish Government Source Page: Reforming the General Medical Council legislative framework Document: (PDF) Open consultation Found: Data Protection Act 2018 58.—(1) The Data Protection Act 2018(d) is amended as follows.

Non-Departmental Publications - Statistics
Mar. 31 2026 Centre for Connected and Autonomous Vehicles Source Page: Public understanding of vehicle automation terms Document: (PDF) Statistics Found: The UK General Data Protection Regulation (UK GDPR) and the UK Data Protection Act 2018 (DPA) Ipsos

Non-Departmental Publications - Services
Mar. 24 2026 Security Industry Authority Source Page: ACS self-assessment workbook Document: (PDF) Services Found: The applicant organisation needs to be aware of the requirements of the Data Protection Act 2018 and

Non-Departmental Publications - Closed consultation
Mar. 09 2026 Department for Levelling Up, Housing and Communities Source Page: Contractual controls on land: consultation Document: (PDF) Closed consultation Found: Data will be published with regard to obligations and principles under the Data Protection Act 2018

Arms Length Bodies Publications
Apr. 07 2026 NHS England Source Page: Workforce Race Equality Standard: 2025 data analysis report for NHS trusts Document: Workforce Race Equality Standard: 2025 data analysis report for NHS trusts (Excel) Report Found: subject in data which has been de-identified is prohibited and is a criminal offence under the Data Protection Act
Apr. 07 2026 NHS England Source Page: Workforce Disability Equality Standard: 2025 data analysis report for NHS trusts Document: Workforce Disability Equality Standard: 2025 data analysis report for NHS trusts (Excel) Report Found: subject in data which has been de-identified is prohibited and is a criminal offence under the Data Protection Act
Mar. 26 2026 NHS England Source Page: Network Contract Directed Enhanced Service template data processing agreement 2026-27 Document: Network Contract Directed Enhanced Service template data processing agreement (webpage) Policy or strategy Found: legislation in force from time to time in the UK including but not limited to the UK GDPR, the Data Protection Act
Mar. 26 2026 NHS England Source Page: Sub-contract for the provision of services related to the Network Contract DES 2026-27 Document: Sub-contract for the provision of services related to the Network Contract DES 2026-27 (webpage) Policy or strategy Found: force from time to time in the UK including the UK General Data Protection Regulation; the Data Protection Act
Mar. 26 2026 NHS England Source Page: Network Contract Directed Enhanced Service template data sharing agreement 2026-27 Document: Network Contract Directed Enhanced Service template data sharing agreement (webpage) Policy or strategy Found: legislation in force from time to time in the UK including but not limited to the UK GDPR, the Data Protection Act

Draft Secondary Legislation
The Hampshire and the Solent Combined County Authority Regulations 2026 These Regulations establish the Hampshire and the Solent Combined County Authority (“the Combined County Authority”) and confer certain functions of local authorities and other public authorities on the Combined County Authority. Ministry of Housing, Communities and Local Government Found: to the Police and Justice Act 2006 (c. 48) and amended by paragraph 45 of Schedule 19 to the Data Protection Act

Draft Secondary Legislation

The Hampshire and the Solent Combined County Authority Regulations 2026
These Regulations establish the Hampshire and the Solent Combined County Authority (“the Combined County Authority”) and confer certain functions of local authorities and other public authorities on the Combined County Authority.

Ministry of Housing, Communities and Local Government

Found: to the Police and Justice Act 2006 (c. 48) and amended by paragraph 45 of Schedule 19 to the Data Protection Act

Deposited Papers
Wednesday 1st April 2026 Source Page: British Council: Annual Report and Accounts 2024–25. 46p. Document: British_Council_Annual_Report_and_Accounts_2024-25.pdf (PDF) Found: systems and ensure ongoing compliance with the General Data Protection Regulation (GDPR), the UK Data Protection Act
Friday 27th March 2026 Ministry of Housing, Communities and Local Government Source Page: I. The ANUK/Unipol Code of Standards for larger developments for student accommodation NOT managed & controlled by educational establishments. Incl. annexes and appendices. 52p. II. Letter dated 20/03/2026 from Matthew Pennycook MP to the Deposited Papers Clerk regarding a document for deposit in the House libraries. 1p. Document: Approved_ANUK-Unipol_Code_27_Feb_2026.pdf (PDF) Found: satisfied themselves that they have legitimate reason to cite an exemption(s) provided for in the Data Protection Act
Thursday 26th March 2026 Source Page: I. Framework Document. NDPB Charity 2026-2029. The National Portrait Gallery. Incl. annex A. 32p. II. Annex B: Cultural Freedom Bodies’ Freedoms Charter. 8p. III. ANNEX C: Commercial Activities and Reporting Requirements. Document: NPG_DCMS_Framework_Document.pdf (PDF) Found: is received by either party under the Freedom of Information Act 2000, or the Data Protection Act
Thursday 26th March 2026 Source Page: I. Framework agreement between the DHSC and NHS Blood and Transplant. 38p. II. Letter dated 23/03/2026 from Zubir Ahmed MP to the Deposited Papers Clerk regarding a document for deposit in the House libraries. 1p. Document: NHSBT_DHSC_Framework_Agreement_-_PDF_final.pdf (PDF) Found: for information is received by either party under the Freedom of Information Act 2000 or the Data Protection Act
Friday 20th March 2026 Source Page: Framework Document: British Film Institute. Non-departmental public body with charitable status. Incl. annexes. 54p. Document: British_Film_Institute_Framework_Document_2026.pdf (PDF) Found: is received by either party under the Freedom of Information Act 2000, or the Data Protection Act
Wednesday 11th March 2026 Home Office Source Page: Economic crime information sharing: call for evidence. 37p. Document: Call_for_Evidence_Economic_Crime_Information_Sharing_9_3_26.pdf (PDF) Found: Money Laundering Suspicious Activity Report DEA 2017 – Digital Economy Act 2017 DPA 2018 – Data Protection Act
Wednesday 11th March 2026 Ministry of Defence Source Page: I. Framework document for the National Museum of the Royal Navy. 52p. II. Letter dated 09/03/2026 from Louise Sandher-Jones MP to the Deposited Papers clerk regarding a document for deposit in the House libraries. 1p. Document: 20260225_Framework_Document_signed_by_NMRN_and_MOD.pdf (PDF) Found: information is received by either party under the Freedom of Information Act 2000, or the Data Protection Act

Data Protection Act 2018 mentioned in Scottish results

Scottish Government Publications
Wednesday 18th March 2026 Marine Directorate Source Page: Fishing vessel monitoring system (VMS) data for all of the International Council for the Exploration of the Seas (ICES) rectangles in Scotland: EIR release Document: Fishing vessel monitoring system (VMS) data for all of the International Council for the Exploration of the Seas (ICES) rectangles in Scotland: EIR release (webpage) Found: reason why that exception applies is explained in the Annex to this letter.To comply with the Data Protection Act
Wednesday 18th March 2026 Source Page: Scottish Forestry - Revised hydrological assessment information and correspondence regarding Carlinden Burn: EIR release Document: Scottish Forestry - Revised hydrological assessment information and correspondence regarding Carlinden Burn: EIR release (webpage) Found: principles in Article 5(1) of the General Data Protection Regulation and in section 34(1) of the Data Protection Act
Wednesday 18th March 2026 Energy and Climate Change Directorate Source Page: Peterhead Carbon Capture Power Station documentation: EIR release Document: Peterhead Carbon Capture Power Station documentation: EIR release (webpage) Found: principles in Article 5(1) of the General Data Protection Regulation and in section 34(1) of the Data Protection Act
Wednesday 18th March 2026 Justice Directorate Source Page: Information held by the Justice Directorate relating to the progression of rape and attempted rape cases in Scotland: FOI release Document: Information held by the Justice Directorate relating to the progression of rape and attempted rape cases in Scotland: FOI release (webpage) Found: principles in Article 5(1) of the General Data Protection Regulation and in section 34(1) of the Data Protection Act
Tuesday 17th March 2026 Safer Communities Directorate Source Page: Code of Practice on the Exercise by Constables in Scotland of Search Powers Conferred by Sections 289, 303C and 303Z21 of the Proceeds of Crime Act 2002 Document: Code of Practice on the Exercise by Constables in Scotland of Search Powers Conferred by Sections 289, 303C and 303Z21 of the Proceeds of Crime Act 2002 (PDF) Found: shared when in accordance with the Human Rights Act 1998, the Gender Recognition Act 2004, the Data Protection Act
Tuesday 17th March 2026 Children and Families Directorate Source Page: Costs of delivering funded ELC in private, third sector and childminding settings Document: Costs of delivering funded ELC in private, third sector and childminding settings (PDF) Found: All your data will be securely stored by Diffley Partnership in accordance with the Data Protection Act
Monday 16th March 2026 Local Government and Housing Directorate Source Page: Mansion tax documentation: FOI release Document: Mansion tax documentation: FOI release (webpage) Found: principles in Article 5(1) of the General Data Protection Regulation and in section 34(1) of the Data Protection Act
Tuesday 10th March 2026 Population Health Directorate Source Page: Alcohol and drugs: partnership delivery framework - 2026 Document: Partnership Delivery Framework: Alcohol and Drugs (2026) (PDF) Found: PHS processes personal data under the lawful basis of GDPR and the Data Protection Act 2018, which is
Tuesday 10th March 2026 Propriety and Ethics Directorate Source Page: Scottish Ministerial Code correspondence: FOI release Document: Scottish Ministerial Code correspondence: FOI release (webpage) Found: principles in Article 5(1) of the General Data Protection Regulation and in section 34(1) of the Data Protection Act
Tuesday 10th March 2026 Chief Operating Officer, NHS Scotland Directorate Source Page: Correspondence regarding magnetic resonance imaging (MRI): FOI release Document: Correspondence regarding magnetic resonance imaging (MRI): FOI release (webpage) Found: data of individuals which would contravene data protection principles under the UK GDPR and Data Protection Act
Tuesday 10th March 2026 People Directorate Source Page: Engagement of agency workers information: FOI release Document: Engagement of agency workers information: FOI release (webpage) Found: principles in Article 5(1) of the General Data Protection Regulation and section 34(1) of the Data Protection Act
Tuesday 10th March 2026 Source Page: Strategic Transport Projects Review (STPR2) correspondence: FOI release Document: Strategic Transport Projects Review (STPR2) correspondence: FOI release (webpage) Found: applicant and disclosure would contravene the data protection principles in Schedule 1 to the Data Protection Act
Tuesday 10th March 2026 Safer Communities Directorate Source Page: Correspondence relating to protests against housing asylum seekers in hotels and which mention right wing ideologies: FOI release Document: Correspondence relating to protests against housing asylum seekers in hotels and which mention right wing ideologies: FOI release (webpage) Found: protection principles in the UK.General Data Protection Regulation and in section 34(1) of the Data Protection Act
Monday 9th March 2026 Source Page: Scottish Forestry - Environmental Impact Assessment (EIA) screening opinion workflow and internal documents regarding Carlinden Burn: EIR release Document: Scottish Forestry - Environmental Impact Assessment (EIA) screening opinion workflow and internal documents regarding Carlinden Burn: EIR release (webpage) Found: principles in Article 5(1) of the General Data Protection Regulation and in section 34(1) of the Data Protection Act
Monday 9th March 2026 Source Page: Scottish Forestry - Environmental Impact Assessment (EIA) screening opinion workflow and internal documents regarding Carlinden Burn: EIR release Document: EIR 202500497166 - Information released - Annex A (PDF) Found: principles in Article 5(1) of the General Data Protection Regulation and in section 34(1) of the Data Protection Act
Monday 9th March 2026 Source Page: Transport Scotland - Connel Bridge maintenance and spend information: EIR release Document: Transport Scotland - Connel Bridge maintenance and spend information: EIR release (webpage) Found: principles in Article 5(1) of the General Data Protection Regulation and in section 34(1) of the Data Protection Act
Monday 9th March 2026 Energy and Climate Change Directorate Source Page: Energy Consents public portal decision materials: EIR release Document: Energy Consents public portal decision materials: EIR release (webpage) Found: remains current and compliant with relevant statutory requirements, including GDPR and the Data Protection Act
Monday 9th March 2026 Source Page: Scottish Forestry felling permission applications and mapping standards queries: EIR Review Document: Scottish Forestry felling permission applications and mapping standards queries: EIR Review (webpage) Found: principles in Article 5(1) of the General Data Protection Regulation and in section 34(1) of the Data Protection Act
Monday 9th March 2026 Children and Families Directorate Source Page: Shetland Islands Council Early Adopter Communities Project funding reports: FOI release Document: Shetland Islands Council Early Adopter Communities Project funding reports: FOI release (webpage) Found: principles in Article 5(1) of the General Data Protection Regulation and in section 34(1) of the Data Protection Act
Monday 9th March 2026 Energy and Climate Change Directorate Source Page: Windfall tax and energy profits levy correspondence: EIR release Document: Windfall tax and energy profits levy correspondence: EIR release (webpage) Found: principles in Article 5(1) of the General Data Protection Regulation and in section 34(1) of the Data Protection Act
Thursday 5th March 2026 Digital Directorate Source Page: ScotAccount Equality Impact Assessment Document: ScotAccount Equality Impact Assessment (PDF) Found: The programme also reflects commitments under UK GDPR, the Data Protection Act 2018 and accessibility
Wednesday 4th March 2026 Source Page: Correspondence between Transport Scotland and East Dunbartonshire Council (EDC) regarding 20mph zones: FOI release Document: Correspondence between Transport Scotland and East Dunbartonshire Council (EDC) regarding 20mph zones: FOI release (webpage) Found: principles in Article 5(1) of the General Data Protection Regulation and in section 34(1) of the Data Protection Act
Wednesday 4th March 2026 Marine Directorate Source Page: Norwegian Mountain Salmon (NMS) correspondence: EIR release Document: Norwegian Mountain Salmon (NMS) correspondence: EIR release (webpage) Found: principles in Article 5(1) of the General Data Protection Regulation and in section 34(1) of the Data Protection Act
Wednesday 4th March 2026 Source Page: Correspondence between Transport Scotland and East Dunbartonshire Council (EDC) regarding 20mph zones: FOI release Document: FOI 202500499806 - Information Released - Attachment 1 - 3 (PDF) Found: individuals with regard to the processing of Personal Data to which a Party is subject including the Data Protection Act
Wednesday 4th March 2026 Source Page: Transport Scotland correspondence regarding CalMac Ferries Ltd offshore workforce: FOI release Document: Transport Scotland correspondence regarding CalMac Ferries Ltd offshore workforce: FOI release (webpage) Found: principles in Article 5(1) of the General Data Protection Regulation and in section 34(1) of the Data Protection Act
Wednesday 4th March 2026 Marine Directorate Source Page: Consultation on fisheries management for inshore Marine Protected Area (MPA) and Priority Marine Feature (PMF): EIR release Document: Consultation on fisheries management for inshore Marine Protected Area (MPA) and Priority Marine Feature (PMF): EIR release (webpage) Found: principles in Article 5(1) of the General Data Protection Regulation and in section 34(1) of the Data Protection Act
Tuesday 3rd March 2026 Marine Directorate Source Page: Correspondence between Fish Health Inspectorate and Loch Duart PLC relating to sea lice levels: EIR release Document: Correspondence between Fish Health Inspectorate and Loch Duart PLC relating to sea lice levels: EIR release (webpage) Found: principles in Article 5(1) of the General Data Protection Regulation and in section 34(1) of the Data Protection Act
Tuesday 3rd March 2026 Communications and Ministerial Support Directorate Source Page: Correspondence regarding GB News: FOI release Document: Correspondence regarding GB News: FOI release (webpage) Found: out in Article 5(1)(a) of the UK General Data Protection Regulation and section 34(1) of the Data Protection Act
Tuesday 3rd March 2026 Communications and Ministerial Support Directorate Source Page: Emails between Scottish Government and GB News: FOI release Document: Emails between Scottish Government and GB News: FOI release (webpage) Found: out in Article 5(1)(a) of the UK General Data Protection Regulation and section 34(1) of the Data Protection Act
Tuesday 3rd March 2026 Source Page: Transport Scotland - Dundee Airport communications: EIR release Document: Transport Scotland - Dundee Airport communications: EIR release (webpage) Found: principles in Article 5(1) of the General Data Protection Regulation and in section 34(1) of the Data Protection Act
Tuesday 3rd March 2026 Population Health Directorate Source Page: Correspondence regarding extension of the Sugar Tax (Soft Drinks Industry Levy) and National Treatment Centre programme: FOI release Document: Correspondence regarding extension of the Sugar Tax (Soft Drinks Industry Levy) and National Treatment Centre programme: FOI release (webpage) Found: principles in Article 5(1) of the General Data Protection Regulation and in section 34(1) of the Data Protection Act
Tuesday 3rd March 2026 Source Page: Scottish Government’s Boycott, Divestment and Sanctions (BDS) Against the State of Israel correspondence: FOI release Document: Scottish Government’s Boycott, Divestment and Sanctions (BDS) Against the State of Israel correspondence: FOI release (webpage) Found: principles in Article 5(1) of the General Data Protection Regulation and in section 34(1) of the Data Protection Act
Tuesday 3rd March 2026 Source Page: Scottish Government’s Boycott, Divestment and Sanctions (BDS) Against the State of Israel correspondence: FOI release Document: FOI 202500491728 - Information Released - Annex (PDF) Found: with the requirements of the General Data Protection Regulation (EU) 2016/679 (the GDPR), the Data Protection Act
Tuesday 3rd March 2026 Marine Directorate Source Page: Scottish Enterprise funding and Moray FLOW-Park project documentation: EIR release Document: Scottish Enterprise funding and Moray FLOW-Park project documentation: EIR release (webpage) Found: principles in Article 5(1) of the General Data Protection Regulation and in section 34(1) of the Data Protection Act
Tuesday 3rd March 2026 Population Health Directorate Source Page: Right to Recovery Addiction (Scotland) Bill correspondence: FOI release Document: Right to Recovery Addiction (Scotland) Bill correspondence: FOI release (webpage) Found: principles in Article 5(1) of the General Data Protection Regulation and in section 34(1) of the Data Protection Act
Tuesday 3rd March 2026 Marine Directorate Source Page: Correspondence relating to Offshore Solutions Group Ltd, Flow Park Investment Ltd and the Moray FLOW-Park Project: EIR release Document: Correspondence relating to Offshore Solutions Group Ltd, Flow Park Investment Ltd and the Moray FLOW-Park Project: EIR release (webpage) Found: principles in Article 5(1) of the General Data Protection Regulation and in section 34(1) of the Data Protection Act
Tuesday 3rd March 2026 Justice Directorate Source Page: Aberdeen City Council (Drinking in Public Places) Byelaws 2009 correspondence: FOI release Document: Aberdeen City Council (Drinking in Public Places) Byelaws 2009 correspondence: FOI release (webpage) Found: principles in Article 5(1) of the General Data Protection Regulation and in section 34(1) of the Data Protection Act
Monday 2nd March 2026 Marine Directorate Source Page: West of Orkney wind farm application conflict of interest information: EIR Review Document: West of Orkney wind farm application conflict of interest information: EIR Review (webpage) Found: principles in Article 5(1) of the General Data Protection Regulation and in section 34(1) of the Data Protection Act
Monday 2nd March 2026 Source Page: Documentation mentioning Irvine Welsh and Scottish Fiscal Commission: FOI release Document: Documentation mentioning Irvine Welsh and Scottish Fiscal Commission: FOI release (webpage) Found: principles in Article 5(1) of the General Data Protection Regulation and in section 34(1) of the Data Protection Act
Monday 2nd March 2026 Constitution Directorate Source Page: Correspondence to the First Minister regarding A Fresh Start with Independence: FOI release Document: Correspondence to the First Minister regarding A Fresh Start with Independence: FOI release (webpage) Found: principles in Article 5(1) of the General Data Protection Regulation and in section 34(1) of the Data Protection Act
Monday 2nd March 2026 Source Page: Information relating to works on the Carlinden Burn site: EIR release Document: Information relating to works on the Carlinden Burn site: EIR release (webpage) Found: principles in Article 5(1) of the General Data Protection Regulation and in section 34(1) of the Data Protection Act
Monday 2nd March 2026 Source Page: Ecological, wildlife and habitat information for Carlinden Burn: EIR release Document: Ecological, wildlife and habitat information for Carlinden Burn: EIR release (webpage) Found: principles in Article 5(1) of the General Data Protection Regulation and in section 34(1) of the Data Protection Act
Monday 2nd March 2026 Constitution Directorate Source Page: Correspondence to the Deputy First Minister and Cabinet Secretary for Economy and Gaelic regarding A Fresh Start with Independence: FOI release Document: FOI 202500498553 - Information Released - Annex A and Annex B (PDF) Found: principles in Article 5(1) of the General Data Protection Regulation and in section 34(1) of the Data Protection Act
Monday 2nd March 2026 Equality, Inclusion and Human Rights Directorate Source Page: Scottish Catholic Church communications regarding the COVID pandemic: FOI Review Document: Scottish Catholic Church communications regarding the COVID pandemic: FOI Review (webpage) Found: principles in Article 5(1) of the General Data Protection Regulation and in section 34(1) of the Data Protection Act
Monday 2nd March 2026 Source Page: Scottish Forestry - Bowden Moor tree felling application details: EIR release Document: Scottish Forestry - Bowden Moor tree felling application details: EIR release (webpage) Found: principles in Article 5(1) of the General Data Protection Regulation and in section 34(1) of the Data Protection Act
Monday 2nd March 2026 Agriculture and Rural Economy Directorate Source Page: Future Farming Investment Scheme (FFIS) data: EIR release Document: FOI 202600500681 - Information Released - Annex A (PDF) Found: outlined in Article 5(1) of the General Data Protection Regulation (GDPR) and Section 34(1) of the Data Protection Act
Monday 2nd March 2026 Children and Families Directorate Source Page: Correspondence from clinicians regarding the proposed downgrade of Wishaw Neonatal Unit: FOI release Document: Correspondence from clinicians regarding the proposed downgrade of Wishaw Neonatal Unit: FOI release (webpage) Found: principles in Article 5(1) of the General Data Protection Regulation and in section 34(1) of the Data Protection Act
Monday 2nd March 2026 Chief Operating Officer, NHS Scotland Directorate Source Page: Correspondence regarding United Kingdom Internal Market Act 2020 (UKIMA) for the Non-surgical Procedures and Functions of Medical Reviewers (Scotland) Bill: FOI release Document: FOI 202500498378 - Information Released - Annex A and Annex B (PDF) Found: regulate the relationship between FOISA, the UK General Data Protection Regulation and the Data Protection Act
Monday 2nd March 2026 Source Page: Transport Scotland - Small Vessel Replacement Project Gateway Review information: EIR release Document: Transport Scotland - Small Vessel Replacement Project Gateway Review information: EIR release (webpage) Found: principles in Article 5(1) of the General Data Protection Regulation and section 34(1) of the Data Protection Act
Friday 27th February 2026 Children and Families Directorate Source Page: National Transitions to Adulthood Strategy for Young Disabled People – Supplementary Report Document: Supplementary report for Transitions Strategy for Disabled Young People (PDF) Found: Collaboration, including information sharing that is in keeping with the Data Protection Act (2018),
Thursday 26th February 2026 Source Page: Scottish Pubs Code: guidance for tied pub tenants and pub companies Document: Scottish Pubs Adjudicator: complaints form for tied pub tenants (webpage) Found: information given to us about you and your complaint for its intended purpose and in line with Data Protection Act
Wednesday 25th February 2026 Source Page: Adult Disability Payment caseload by Condition Type: FOI release Document: Adult Disability Payment caseload by Condition Type: FOI release (webpage) Found: principles in Article 5(1) of the General Data Protection Regulation and in section 34(1) of the Data Protection Act
Wednesday 25th February 2026 People Directorate Source Page: Scottish Government's Trans and Non-Binary Inclusion Policy: FOI release Document: FOI 202500497199 - Information Released - Annex (PDF) Found: including but not limited to medical treatment as special category personal data under the Data Protection Act
Wednesday 25th February 2026 Source Page: Social Security Scotland’s Retention and Disposal Policy and Guidance: FOI release Document: FOI 202500498570 - Information Released - Spreadsheet (Excel) Found: For Law Enforcement processing, Data Protection Act 2018, section 67.
Wednesday 25th February 2026 Source Page: Social Security Scotland’s Retention and Disposal Policy and Guidance: FOI release Document: FOI 202500498570 - Information Released - Documents (PDF) Found: Under UK General Data Protection Regulation (UK GDPR) and the Data Protection Act (DPA) 2018, personal
Wednesday 25th February 2026 Marine Directorate Source Page: Fish health inspectorate’s (FHI) inspections data: EIR release Document: Fish health inspectorate’s (FHI) inspections data: EIR release (webpage) Found: principles in Article 5(1) of the General Data Protection Regulation and in section 34(1) of the Data Protection Act
Wednesday 25th February 2026 Source Page: Transport Scotland 20mph speed limit roll out Dumfries and Galloway: FOI release Document: Transport Scotland 20mph speed limit roll out Dumfries and Galloway: FOI release (webpage) Found: principles in Article 5(1) of the General Data Protection Regulation and in section 34(1) of the Data Protection Act
Wednesday 25th February 2026 Marine Directorate Source Page: Analysis of aquaculture administrative burdens and mandatory mortality reporting: EIR release Document: Analysis of aquaculture administrative burdens and mandatory mortality reporting: EIR release (webpage) Found: principles in Article 5(1) of the General Data Protection Regulation and in section 34(1) of the Data Protection Act
Wednesday 25th February 2026 Source Page: Woodland restoration grant to Invergeldie Estate, Oxygen Conservation: EIR release Document: Woodland restoration grant to Invergeldie Estate, Oxygen Conservation: EIR release (webpage) Found: principles in Article 5(1) of the General Data Protection Regulation and in section 34(1) of the Data Protection Act
Tuesday 24th February 2026 Safer Communities Directorate Source Page: Police Division risk register information: FOI release Document: Police Division risk register information: FOI release (webpage) Found: principles in Article 5(1) of the General Data Protection Regulation and in section 34(1) of the Data Protection Act
Tuesday 24th February 2026 Source Page: First Minister and Leader of Sinn Fein meeting documentation: FOI release Document: First Minister and Leader of Sinn Fein meeting documentation: FOI release (webpage) Found: principles in Article 5(1) of the General Data Protection Regulation and in section 34(1) of the Data Protection Act
Tuesday 24th February 2026 Communications and Ministerial Support Directorate Source Page: Cabinet Secretary for Climate Action and Energy's expenses for COP30: FOI release Document: Cabinet Secretary for Climate Action and Energy's expenses for COP30: FOI release (webpage) Found: principles in Article 5(1) of the General Data Protection Regulation and in section 34(1) of the Data Protection Act
Tuesday 24th February 2026 Local Government and Housing Directorate Source Page: LAR Housing Trust loan information: FOI release Document: LAR Housing Trust loan information: FOI release (webpage) Found: principles in Article 5(1) of the General Data Protection Regulation and in section 34(1) of the Data Protection Act
Tuesday 24th February 2026 Communications and Ministerial Support Directorate Source Page: Documentation for meetings attended by Former first Minister and Aamer Anwar and Co: FOI release Document: Documentation for meetings attended by Former first Minister and Aamer Anwar and Co: FOI release (webpage) Found: principles in Article 5(1) of the General Data Protection Regulation and in section 34(1) of the Data Protection Act
Tuesday 24th February 2026 Energy and Climate Change Directorate Source Page: Carbon budget targets advice correspondence: EIR release Document: EIR 202500496970 - Information released - Annex A, Annex B and Annex C (PDF) Found: Article 5(1) of the General Data Protection Regulations (GDPR) and in Section 34(1) of the Data Protection Act
Tuesday 24th February 2026 Source Page: Historic Environment Scotland meeting note information: FOI release Document: Historic Environment Scotland meeting note information: FOI release (webpage) Found: principles in Article 5(1) of the General Data Protection Regulation and in section 34(1) of the Data Protection Act
Tuesday 24th February 2026 Financial Management Directorate Source Page: Scottish Government budget and Barnett consequential meetings: FOI release Document: Scottish Government budget and Barnett consequential meetings: FOI release (webpage) Found: principles in Article 5(1) of the General Data Protection Regulation and in section 34(1) of the Data Protection Act
Tuesday 24th February 2026 Propriety and Ethics Directorate Source Page: Communications and information relating to the James Hamilton report and associated published legal advice (case reference number 281/2025): FOI Appeal Document: Communications and information relating to the James Hamilton report and associated published legal advice (case reference number 281/2025): FOI Appeal (webpage) Found: principles in Article 5(1) of the General Data Protection Regulation and in section 34(1) of the Data Protection Act
Tuesday 24th February 2026 Propriety and Ethics Directorate Source Page: Communications and information relating to the James Hamilton report and associated published legal advice (case reference number 281/2025): FOI Appeal Document: FOI 202400438168 - DN281 - Information Released - Batch 18 (PDF) Found: Team (CRIT) at the ICO to discontinue an investigation into potential offences under s.170 Data Protection Act
Tuesday 24th February 2026 Propriety and Ethics Directorate Source Page: Communications and information relating to the James Hamilton report and associated published legal advice (case reference number 281/2025): FOI Appeal Document: FOI 202400438168 - DN281 - Information Released - Batch 15 (PDF) Found: The Data Protection Act gives you the right to see information about yourself.
Tuesday 24th February 2026 Source Page: Social Security Scotland - Adult Disability Payment (ADP) data on specific recorded Primary Disability Conditions: FOI release Document: Social Security Scotland - Adult Disability Payment (ADP) data on specific recorded Primary Disability Conditions: FOI release (webpage) Found: principles in Article 5(1) of the General Data Protection Regulation and in section 34(1) of the Data Protection Act
Monday 23rd February 2026 Local Government and Housing Directorate Source Page: Non-Domestic Rates (Liability for Unoccupied Properties) (Scotland) Bill correspondence: FOI release Document: Non-Domestic Rates (Liability for Unoccupied Properties) (Scotland) Bill correspondence: FOI release (webpage) Found: principles in Article 5(1) of the General Data Protection Regulation and in section 34(1) of the Data Protection Act
Monday 23rd February 2026 Agriculture and Rural Economy Directorate Source Page: Agricultural payments computerised system information: FOI release Document: Agricultural payments computerised system information: FOI release (webpage) Found: principles in Article 5(1) of the General Data Protection Regulation and in section 34(1) of the Data Protection Act
Monday 23rd February 2026 Energy and Climate Change Directorate Source Page: Correspondence from Oil and Gas organisations regarding engagement with Scottish Government: EIR release Document: EIR 202500496792 - Information Released - Annex (PDF) Found: Article 5(1) of the General Data Protection Regulations (GDPR) and in Section 34(1) of the Data Protection Act
Monday 23rd February 2026 Source Page: Recorded communications containing certain phrases: FOI release Document: FOI 202500496330 - Information released - Annex A and Annex B (PDF) Found: principles in Article 5(1) of the General Data Protection Regulation and in section 34(1) of the Data Protection Act
Monday 23rd February 2026 Source Page: Transport Scotland - Swallow Roundabout in Dundee correspondence: EIR release Document: Transport Scotland - Swallow Roundabout in Dundee correspondence: EIR release (webpage) Found: principles in Article 5(1) of the General Data Protection Regulation and in section 34(1) of the Data Protection Act
Monday 23rd February 2026 Local Government and Housing Directorate Source Page: Business Gateway funding communications: FOI release Document: Business Gateway funding communications: FOI release (webpage) Found: principles in Article 5(1) of the General Data Protection Regulation and in section 34(1) of the Data Protection Act
Monday 23rd February 2026 Local Government and Housing Directorate Source Page: Cabinet Secretary for Finance and Local Government correspondence regarding the Non-Domestic Rates (Scotland) Act 2020: FOI release Document: Cabinet Secretary for Finance and Local Government correspondence regarding the Non-Domestic Rates (Scotland) Act 2020: FOI release (webpage) Found: principles in Article 5(1) of the General Data Protection Regulation and in section 34(1) of the Data Protection Act
Monday 23rd February 2026 Source Page: City of Edinburgh Council correspondence regarding the proposed new West Edinburgh secondary school: EIR Review Document: City of Edinburgh Council correspondence regarding the proposed new West Edinburgh secondary school: EIR Review (webpage) Found: principles in Article 5(1) of the General Data Protection Regulation and in section 34(1) of the Data Protection Act
Monday 23rd February 2026 Agriculture and Rural Economy Directorate Source Page: Sustainable farming incentive documentation: EIR release Document: Sustainable farming incentive documentation: EIR release (webpage) Found: principles in Article 5(1) of the General Data Protection Regulation and in section 34(1) of the Data Protection Act
Monday 23rd February 2026 Source Page: Scottish Forestry - East Netershield Woodland Creation Scheme correspondence: EIR relaese Document: Scottish Forestry - East Netershield Woodland Creation Scheme correspondence: EIR relaese (webpage) Found: principles in Article 5(1) of the General Data Protection Regulation and in section 34(1) of the Data Protection Act
Monday 23rd February 2026 Safer Communities Directorate Source Page: Minutes from Serious Organised Crime Taskforce meetings: FOI release Document: Minutes from Serious Organised Crime Taskforce meetings: FOI release (webpage) Found: principles in Article 5(1) of the General Data Protection Regulation and in section 34(1) of the Data Protection Act
Monday 23rd February 2026 Safer Communities Directorate Source Page: Minutes from Serious Organised Crime Taskforce meetings: FOI release Document: FOI 202600501737 - Information Released - Attachment (PDF) Found: said that the Information Commissioner’s Office (ICO) was aware of issues since GDPR and the Data Protection Act
Monday 23rd February 2026 Mental Health Directorate Source Page: NHS Highland neurodevelopmental and mental health information: FOI release Document: NHS Highland neurodevelopmental and mental health information: FOI release (webpage) Found: contravene the data protection principles in Article 5(1) of the UK GDPR and in section 34(1) of the Data Protection Act
Monday 23rd February 2026 Children and Families Directorate Source Page: Correspondence sent to former First Minister regarding child sexual exploitation and abuse: FOI release Document: FOI 202600499932 - Information Released - Annex (PDF) Found: handled under the requirements of the EU General Data Protection Regulation (GDRP) and the Data Protection Act
Monday 23rd February 2026 Energy and Climate Change Directorate Source Page: Community Wind Power correspondence: FOI release Document: Community Wind Power correspondence: FOI release (webpage) Found: principles in Article 5(1) of the General Data Protection Regulation and in Section 34(1) of the Data Protection Act
Monday 23rd February 2026 Source Page: Reduction of public sector workforce risks registers and progress: FOI release Document: Reduction of public sector workforce risks registers and progress: FOI release (webpage) Found: principles in Article 5(1) of the General Data Protection Regulation and in section 34(1) of the Data Protection Act
Monday 23rd February 2026 Local Government and Housing Directorate Source Page: Correspondence regarding Non- Domestic Rates (Scotland) Act 2020: FOI release Document: Correspondence regarding Non- Domestic Rates (Scotland) Act 2020: FOI release (webpage) Found: principles in Article 5(1) of the General Data Protection Regulation and in section 34(1) of the Data Protection Act
Monday 23rd February 2026 Communications and Ministerial Support Directorate Source Page: Plans for proactive publication of relevant data and ongoing communications plans information: FOI release Document: Plans for proactive publication of relevant data and ongoing communications plans information: FOI release (webpage) Found: principles in Article 5(1) of the General Data Protection Regulation and in section 34(1) of the Data Protection Act
Monday 23rd February 2026 Energy and Climate Change Directorate Source Page: Correspondence regarding the Mosmorran Just Transition plan: EIR release Document: Correspondence regarding the Mosmorran Just Transition plan: EIR release (webpage) Found: principles in Article 5(1) of the General Data Protection Regulation and in section 34(1) of the Data Protection Act
Monday 23rd February 2026 Energy and Climate Change Directorate Source Page: Warmworks contract information: EIR release Document: Warmworks contract information: EIR release (webpage) Found: applicant and disclosure would contravene the data protection principles in Schedule 1 to the Data Protection Act
Monday 23rd February 2026 Source Page: Institute for Fiscal Studies and Barnett Formula documentation: FOI release Document: Institute for Fiscal Studies and Barnett Formula documentation: FOI release (webpage) Found: principles in Article 5(1) of the General Data Protection Regulation and in section 34(1) of the Data Protection Act
Monday 23rd February 2026 Source Page: Scottish Forestry gender and specific demographic groups queries: FOI release Document: FOI 202600501731 - Information Released - Annex C (PDF) Found: respective obligations under the General Data Protection Regulation (EU) 2016/679 and the Data Protection Act
Monday 23rd February 2026 Source Page: Social Security Scotland Benefit payment statistics: FOI release Document: Social Security Scotland Benefit payment statistics: FOI release (webpage) Found: principles in Article 5(1) of the General Data Protection Regulation and in section 34(1) of the Data Protection Act
Monday 23rd February 2026 Source Page: Cabinet Secretary for Constitution, External Affairs and Culture’s visit to Switzerland and Germany: FOI release Document: FOI 202500496305 - Information Released - Annex (PDF) Found: principles in Article 5(1) of the General Data Protection Regulation and in section 34(1) of the Data Protection Act
Monday 23rd February 2026 Local Government and Housing Directorate Source Page: Copies of concern regarding Non-Domestic Rates (Scotland) Act 2020: FOI release Document: Copies of concern regarding Non-Domestic Rates (Scotland) Act 2020: FOI release (webpage) Found: principles in Article 5(1) of the General Data Protection Regulation and in section 34(1) of the Data Protection Act
Wednesday 18th February 2026 Agriculture and Rural Economy Directorate Source Page: Future Farming Investment Scheme correspondence regarding the assessment of common grazing land: EIR release Document: EIR 202500494702 - Information Released - Annex A (PDF) Found: principles in Article 5(1) of the General Data Protection Regulation and in section 34(1) of the Data Protection Act
Wednesday 18th February 2026 Source Page: Summerhall documentation: FOI release Document: Summerhall documentation: FOI release (webpage) Found: principles in Article 5(1) of the General Data Protection Regulation and in section 34(1) of the Data Protection Act
Wednesday 18th February 2026 Environment and Forestry Directorate Source Page: Meeting details between the Stove Industry Association and the Scottish Government: EIR request Document: EIR 202500494885 - Information released - Annex A - Annec C (PDF) Found: Article 5(1) of the General Data Protection Regulations (GDPR) and in Section 34(1) of the Data Protection Act
Wednesday 18th February 2026 Justice Directorate Source Page: Correspondence sent to Cabinet Secretary for Justice and Minister for Victims and Community Safety regarding prisons: FOI release Document: Correspondence sent to Cabinet Secretary for Justice and Minister for Victims and Community Safety regarding prisons: FOI release (webpage) Found: principles in Article 5(1) of the General Data Protection Regulation and in section 34(1) of the Data Protection Act
Wednesday 18th February 2026 Energy and Climate Change Directorate Source Page: Correspondence regarding the closure of Mossmorran: EIR release Document: Correspondence regarding the closure of Mossmorran: EIR release (webpage) Found: principles in Article 5(1) of the General Data Protection Regulation and in section 34(1) of the Data Protection Act
Wednesday 18th February 2026 Internal Audit and Assurance Directorate Source Page: Gate Review Child Health report: FOI release Document: Gate Review Child Health report: FOI release (webpage) Found: principles in Article 5(1) of the General Data Protection Regulation and section 34(1) of the Data Protection Act
Wednesday 18th February 2026 Chief Operating Officer, NHS Scotland Directorate Source Page: National Elective Care Programme Gateway Review information: FOI release Document: National Elective Care Programme Gateway Review information: FOI release (webpage) Found: principles in Article 5(1) of the General Data Protection Regulation and in section 34(1) of the Data Protection Act
Wednesday 18th February 2026 Source Page: Communications by Scottish Ministers relating to the future ownership and management of Dundee Airport: EIR release Document: Communications by Scottish Ministers relating to the future ownership and management of Dundee Airport: EIR release (webpage) Found: principles in Article 5(1) of the General Data Protection Regulation and in section 34(1) of the Data Protection Act
Wednesday 18th February 2026 Source Page: First Minister Questions briefing notes on Scottish taxpayers paying less income tax than elsewhere in the UK: FOI release Document: FOI 202500496273 - Information Released - Annex A (PDF) Found: principles in Article 5(1) of the General Data Protection Regulation and in section 34(1) of the Data Protection Act
Wednesday 18th February 2026 Source Page: Museums Galleries Scotland documentation regarding the Equality and Human Rights Commission (EHRC): FOI release Document: Museums Galleries Scotland documentation regarding the Equality and Human Rights Commission (EHRC): FOI release (webpage) Found: principles in Article 5(1) of the General Data Protection Regulation and in section 34(1) of the Data Protection Act
Wednesday 18th February 2026 Social Security Directorate Source Page: Social Security Programme Gateway Review information: FOI release Document: Social Security Programme Gateway Review information: FOI release (webpage) Found: principles in Article 5(1) of the General Data Protection Regulation and in section 34(1) of the Data Protection Act
Wednesday 18th February 2026 Communications and Ministerial Support Directorate Source Page: Correspondence which mentions former Chief Executive of the Scottish National Party: FOI release Document: Correspondence which mentions former Chief Executive of the Scottish National Party: FOI release (webpage) Found: principles in Article 5(1) of the General Data Protection Regulation and in section 34(1) of the Data Protection Act
Wednesday 18th February 2026 Population Health Directorate Source Page: Public health information regarding LED lighting: EIR Review Document: Public health information regarding LED lighting: EIR Review (webpage) Found: principles in Article 5(1) of the General Data Protection Regulation and in section 34(1) of the Data Protection Act
Wednesday 18th February 2026 Education Reform Directorate Source Page: Proposed relocation of Glasgow Gaelic Primary School documentation: FOI release Document: FOI 202500496130 - Information Released - Annex A (PDF) Found: collect, store and use) the information you provide in a manner compatible with UK GDPR and the Data Protection Act
Wednesday 18th February 2026 Agriculture and Rural Economy Directorate Source Page: Derogation from Agri-Environment Climate Scheme (AECS) contracts: EIR release Document: Derogation from Agri-Environment Climate Scheme (AECS) contracts: EIR release (webpage) Found: principles in Article 5(1) of the General Data Protection Regulation and in section 34(1) of the Data Protection Act
Wednesday 18th February 2026 Agriculture and Rural Economy Directorate Source Page: Assessment of Future Farming Investment Scheme applications correspondence: EIR release Document: EIR 202500494687 - Information released - Annex A (PDF) Found: principles in Article 5(1) of the General Data Protection Regulation and in section 34(1) of the Data Protection Act
Tuesday 17th February 2026 Social Security Directorate Source Page: Details of the Cabinet Secretary for Social Justice's trip to London: FOI release Document: Details of the Cabinet Secretary for Social Justice's trip to London: FOI release (webpage) Found: principles in Article 5(1) of the General Data Protection Regulation and in section 34(1) of the Data Protection Act
Tuesday 17th February 2026 Internal Audit and Assurance Directorate Source Page: Gate Review HMP Glasgow report: FOI release Document: Gate Review HMP Glasgow report: FOI release (webpage) Found: principles in Article 5(1) of the General Data Protection Regulation and section 34(1) of the Data Protection Act
Tuesday 17th February 2026 Marine Directorate Source Page: Review of the Scottish Adjacent Waters Boundary Order 2009 communications: FOI release Document: Review of the Scottish Adjacent Waters Boundary Order 2009 communications: FOI release (webpage) Found: principles in Article 5(1) of the General Data Protection Regulation and in section 34(1) of the Data Protection Act
Tuesday 17th February 2026 Source Page: Transport Scotland 'Mallaig Lochboisdale New Vessel Project' Gateway Review: FOI release Document: Transport Scotland 'Mallaig Lochboisdale New Vessel Project' Gateway Review: FOI release (webpage) Found: principles in Article 5(1) of the General Data Protection Regulation and section 34(1) of the Data Protection Act
Tuesday 17th February 2026 Internal Audit and Assurance Directorate Source Page: Gate Review Mangata Project report: FOI release Document: Gate Review Mangata Project report: FOI release (webpage) Found: parties and disclosing it would contravene the data protection principles in Schedule 1 to the Data Protection Act
Tuesday 17th February 2026 Source Page: Transport Scotland - Dualling of the A96 documentation: EIR release Document: Transport Scotland - Dualling of the A96 documentation: EIR release (webpage) Found: principles in Article 5(1) of the General Data Protection Regulation and in section 34(1) of the Data Protection Act
Tuesday 17th February 2026 Source Page: Transport Scotland 'Lochboisdale Gasay' completed Gateway Review information: FOI release Document: Transport Scotland 'Lochboisdale Gasay' completed Gateway Review information: FOI release (webpage) Found: principles in Article 5(1) of the General Data Protection Regulation and section 34(1) of the Data Protection Act
Tuesday 17th February 2026 Justice Directorate Source Page: Justice Division risk registers: FOI release Document: Justice Division risk registers: FOI release (webpage) Found: principles in Article 5(1) of the General Data Protection Regulation and in section 34(1) of the Data Protection Act
Tuesday 17th February 2026 Children and Families Directorate Source Page: Correspondence between Ministers regarding grooming gangs: FOI release Document: Correspondence between Ministers regarding grooming gangs: FOI release (webpage) Found: principles in Article 5(1) of the General Data Protection Regulation and in section 34(1) of the Data Protection Act
Tuesday 17th February 2026 Source Page: Transport impact assessment relating to temporary worker accommodation village in Thurso: FOI release Document: Transport impact assessment relating to temporary worker accommodation village in Thurso: FOI release (webpage) Found: principles in Article 5(1) of the General Data Protection Regulation and in section 34(1) of the Data Protection Act
Tuesday 17th February 2026 Chief Operating Officer, NHS Scotland Directorate Source Page: Correspondence and documentation regarding waiting list statistic: FOI release Document: Correspondence and documentation regarding waiting list statistic: FOI release (webpage) Found: principles in Article 5(1) of the General Data Protection Regulation and in section 34(1) of the Data Protection Act
Tuesday 17th February 2026 Communications and Ministerial Support Directorate Source Page: Justice Secretary attendance, itinerary, and correspondence on 19 November 2025: FOI release Document: FOI 202500494722 - Information Released - Annex A (PDF) Found: principles in Article 5(1) of the General Data Protection Regulation and in Section 34(1) of the Data Protection Act

Scottish Parliamentary Debates
Criminal Justice System (Challenges for Session 7) 240 speeches (160,353 words) Wednesday 11th March 2026 - Committee Mentions: 1: None of practice to update it in the light of UK legislative changes relating to changes from the Data Protection Act - Link to Speech

Data Protection Act 2018 mentioned in Welsh results

Welsh Committee Publications
Tuesday 3rd February 2026 PDF - Marshalled List of Amendments - 3 February 2026 (PDF 238KB) Inquiry: Report on the Environment (Principles, Governance and Biodiversity Targets) (Wales) Bill Found: (4) In this section, “the data protection legislation” has the same meaning as in the Data Protection Act
Tuesday 3rd February 2026 PDF - Marshalled List of Amendments - 3 February 2026 (PDF 243KB) v2 Inquiry: Report on the Environment (Principles, Governance and Biodiversity Targets) (Wales) Bill Found: (4) In this section, “the data protection legislation” has the same meaning as in the Data Protection Act
Thursday 29th January 2026 PDF - Marshalled List of Amendments - 29 January 2026 Inquiry: Building Safety (Wales) Bill Found: (5) But see also section 183A of the Data Protection Act 2018 (c. 12) (protection of requirements
Tuesday 20th January 2026 PDF - Notice of Amendments – 20 January 2026 (PDF 231KB) Inquiry: Building Safety (Wales) Bill Found: (5) But see also section 183A of the Data Protection Act 2018 (c. 12) (protection of requirements
Tuesday 16th December 2025 PDF - Notice of Amendments - 16 December 2025 (PDF 111KB) Inquiry: Report on the Environment (Principles, Governance and Biodiversity Targets) (Wales) Bill Found: (4) In this section, “the data protection legislation” has the same meaning as in the Data Protection Act
Monday 15th December 2025 PDF - Welsh Government: Purpose and effect table - 15 December 2025 Inquiry: Building Safety (Wales) Bill Found: The amendment replaces subsection (8) to refer to new section 183A of the Data Protection Act 2018 (
Thursday 11th December 2025 PDF - Marshalled List of Amendments - 11 December 2025 Inquiry: Homelessness and Social Housing Allocation (Wales) Bill Found: purpose for which it is disclosed, and (b) handled and stored in accordance with— (i) the Data Protection Act
Thursday 11th December 2025 PDF - Notice of amendments - 11 December 2025 Inquiry: Building Safety (Wales) Bill Found: Section 61, page 49, leave out lines 24 to 27 and insert— ‘(8) But see also section 183A of the Data Protection Act
Friday 5th December 2025 PDF - Marshalled List of Amendments - 5 December 2025 Inquiry: Homelessness and Social Housing Allocation (Wales) Bill Found: purpose for which it is disclosed, and (b) handled and stored in accordance with— (i) the Data Protection Act
Thursday 4th December 2025 PDF - Marshalled List of Amendments - 4 December 2025 (PDF 420KB) Inquiry: Report on the Environment (Principles, Governance and Biodiversity Targets) (Wales) Bill Found: Irranca-Davies 16 Section 24, page 12, after line 21, insert— ‘( ) But see also section 183A of the Data Protection Act
Thursday 4th December 2025 PDF - Notice of amendments - 4 December 2025 Inquiry: Homelessness and Social Housing Allocation (Wales) Bill Found: purpose for which it is disclosed, and (b) handled and stored in accordance with— (i) the Data Protection Act
Monday 1st December 2025 PDF - Welsh Government: Purpose and effect table - 1 December 2025 (PDF 404KB) Inquiry: Report on the Environment (Principles, Governance and Biodiversity Targets) (Wales) Bill Found: protection of prohibitions and restrictions etc on processing: relevant enactments) of the Data Protection Act
Thursday 27th November 2025 PDF - Notice of Amendments - 27 November 2025 (PDF 276KB) Inquiry: Report on the Environment (Principles, Governance and Biodiversity Targets) (Wales) Bill Found: Irranca-Davies 16 Section 24, page 12, after line 21, insert— ‘( ) But see also section 183A of the Data Protection Act
Thursday 27th November 2025 PDF - Notice of Amendments - 27 November 2025 (PDF 276KB) Inquiry: Report on the Environment (Principles, Governance and Biodiversity Targets) (Wales) Bill Found: Irranca-Davies 16 Section 24, page 12, after line 21, insert— ‘( ) But see also section 183A of the Data Protection Act
Tuesday 25th November 2025 PDF - Letter from the Cabinet Secretary for Finance and Welsh Language to the Legislation, Justice and Constitution Committee, 25 November 2025 Inquiry: Report on the Development of Tourism and Regulation of Visitor Accommodation (Wales) Bill Found: However, the provisions under section 39 need to be read alongside section 183A of the Data Protection Act
Monday 17th November 2025 PDF - Welsh Government: Purpose and Effect Table - 17 November 2025 Inquiry: Homelessness and Social Housing Allocation (Wales) Bill Found: Housing Registers as they are no longer required as a consequence of section 183A of the Data Protection Act
PDF - Notice of Amendments - 27 November 2025 Inquiry: Report on the Environment (Principles, Governance and Biodiversity Targets) (Wales) Bill Found: Irranca-Davies 16 Section 24, page 12, after line 21, insert— ‘( ) But see also section 183A of the Data Protection Act
PDF - Notice of Amendments - 27 November 2025 Inquiry: Report on the Environment (Principles, Governance and Biodiversity Targets) (Wales) Bill Found: Irranca-Davies 16 Section 24, page 12, after line 21, insert— ‘( ) But see also section 183A of the Data Protection Act
PDF - Welsh Government: Purpose and effect table - 1 December 2025 Inquiry: Report on the Environment (Principles, Governance and Biodiversity Targets) (Wales) Bill Found: protection of prohibitions and restrictions etc on processing: relevant enactments) of the Data Protection Act
PDF - Letter Inquiry: Report on the Development of Tourism and Regulation of Visitor Accommodation (Wales) Bill Found: However, the provisions under section 39 need to be read alongside section 183A of the Data Protection Act
PDF - Response letter from the Cabinet Secretary for Finance and Welsh Language to the Chair of the Legislation, Justice and Constitution Committee: Follow-up from the Legislation, Justice and Constitution Committee meeting held on 10 November 2025 - 25 November 2025 Inquiry: Report on the Development of Tourism and Regulation of Visitor Accommodation (Wales) Bill Found: However, the provisions under section 39 need to be read alongside section 183A of the Data Protection Act
PDF - Marshalled List of Amendments - 4 December 2025 Inquiry: Report on the Environment (Principles, Governance and Biodiversity Targets) (Wales) Bill Found: Irranca-Davies 16 Section 24, page 12, after line 21, insert— ‘( ) But see also section 183A of the Data Protection Act
PDF - Marshalled List of amendments – 5 December 2025 Inquiry: Homelessness and Social Housing Allocation (Wales) Bill Found: purpose for which it is disclosed, and (b) handled and stored in accordance with— (i) the Data Protection Act
PDF - Notice of amendments – 4 December 2025 Inquiry: Homelessness and Social Housing Allocation (Wales) Bill Found: purpose for which it is disclosed, and (b) handled and stored in accordance with— (i) the Data Protection Act
PDF - Notice of amendments - 11 December 2025 Inquiry: Building Safety (Wales) Bill Found: Section 61, page 49, leave out lines 24 to 27 and insert— ‘(8) But see also section 183A of the Data Protection Act
PDF - Environment (Principles, Governance and Biodiversity Targets) (Wales) Bill, as amended at Stage 2 (PDF 462KB) Inquiry: Report on the Environment (Principles, Governance and Biodiversity Targets) (Wales) Bill Found: (2) But see also section 183A of the Data Protection Act 2018 (c. 12) (protection of requirements
PDF - Environment (Principles, Governance and Biodiversity Targets) (Wales) Bill, as amended at Stage 2 (UNCHECKED) Inquiry: Report on the Environment (Principles, Governance and Biodiversity Targets) (Wales) Bill Found: (2) But see also section 183A of the Data Protection Act 2018 (c. 12) (protection of requirements
PDF - Welsh Government: Purpose and effect table - 15 December 2025 Inquiry: Building Safety (Wales) Bill Found: The amendment replaces subsection (8) to refer to new section 183A of the Data Protection Act 2018 (
PDF - Environment (Principles, Governance and Biodiversity Targets) (Wales) Bill, as amended at Stage 2 (UNCHECKED) (PDF 462KB) Inquiry: Report on the Environment (Principles, Governance and Biodiversity Targets) (Wales) Bill Found: (2) But see also section 183A of the Data Protection Act 2018 (c. 12) (protection of requirements
PDF - Environment (Principles, Governance and Biodiversity Targets) (Wales) Bill, as amended at Stage 2 (PDF 462KB) Inquiry: Report on the Environment (Principles, Governance and Biodiversity Targets) (Wales) Bill Found: (2) But see also section 183A of the Data Protection Act 2018 (c. 12) (protection of requirements
PDF - Environment (Principles, Governance and Biodiversity Targets) (Wales) Bill, as amended at Stage 2 Inquiry: Report on the Environment (Principles, Governance and Biodiversity Targets) (Wales) Bill Found: (2) But see also section 183A of the Data Protection Act 2018 (c. 12) (protection of requirements
PDF - Notice of Amendments - 16 December 2025 Inquiry: Report on the Environment (Principles, Governance and Biodiversity Targets) (Wales) Bill Found: (4) In this section, “the data protection legislation” has the same meaning as in the Data Protection Act
PDF - Supplementary LCM Inquiry: The Welsh Government’s Legislative Consent Memoranda on the Children’s Wellbeing and Schools Bill Found: Education Act 2002 3 • The Academies Act 2010 • School Standards and Framework Act 1998 • Data Protection Act
PDF - Notice of Amendments – 20 January 2026 Inquiry: Building Safety (Wales) Bill Found: (5) But see also section 183A of the Data Protection Act 2018 (c. 12) (protection of requirements
PDF - Marshalled List of Amendments – 29 January 2026 Inquiry: Building Safety (Wales) Bill Found: (5) But see also section 183A of the Data Protection Act 2018 (c. 12) (protection of requirements
PDF - report Inquiry: Report on the Development of Tourism and Regulation of Visitor Accommodation (Wales) Bill Found: letter adds that the provisions under section 39 need to be read alongside section 183A of the Data Protection Act
PDF - Marshalled List of Amendments - 3 February 2026 Inquiry: Report on the Environment (Principles, Governance and Biodiversity Targets) (Wales) Bill Found: (4) In this section, “the data protection legislation” has the same meaning as in the Data Protection Act
PDF - Revised Explanatory Memorandum and Regulatory Impact Assessment - 3 February 2026 Inquiry: Report on the Environment (Principles, Governance and Biodiversity Targets) (Wales) Bill Found: Information Commissioner's Office (ICO) is the independent regulatory office dealing with the Data Protection Act
PDF - Building Safety (Wales) Bill as amended at stage 2 Inquiry: Building Safety (Wales) Bill Found: (5) But see also section 183A of the Data Protection Act 2018 (c. 12) (protection of requirements
PDF - Building Safety (Wales) Bill Inquiry: Building Safety (Wales) Bill Found: (5) But see also section 183A of the Data Protection Act 2018 (c. 12) (protection of requirements

Welsh Government Publications
Thursday 9th April 2026 Source Page: FOI release 26783: Godre’r Graig School Document: Godre’r Graig School (PDF) Found: ‘Personal data’ is defined in sections 3(2) and (3) of the Data Protection Act 2018 (‘the DPA 2018’)
Thursday 9th April 2026 Source Page: FOI release 26779: Allergic conditions Document: Allergic conditions (PDF) Found: ‘Personal data’ is defined in sections 3(2) and (3) of the Data Protection Act 1998 (‘the DPA 2018’)
Thursday 9th April 2026 Source Page: FOI release 26778: Digital Health Advisor Document: Digital Health Advisor (PDF) Found: ‘Personal data’ is defined in sections 3(2) and (3) of the Data Protection Act 1998 (‘the DPA 2018’)
Tuesday 7th April 2026 Source Page: Challenging bullying and harassment Document: Rights, respect, equality: statutory guidance for schools and settings (PDF) Found: protection legislation such as the EU General Data Protection Regulation (GDPR) and the UK Data Protection Act
Tuesday 7th April 2026 Source Page: Armed forces (National Survey for Wales): April 2024 and March 2025 Document: Armed forces (National Survey for Wales): April 2024 and March 2025 (webpage) Found: personal data underlying these statistics is processed in accordance with the requirements of the Data Protection Act
Tuesday 7th April 2026 Source Page: Attendance of pupils in maintained schools: 2 September 2025 to 27 March 2026 Document: Attendance of pupils in maintained schools: 2 September 2025 to 27 March 2026 (webpage) Found: personal data underlying these statistics are processed in accordance with the requirements of the Data Protection Act
Tuesday 7th April 2026 Source Page: Taxi and private hire vehicles: licensing guidance Document: Taxi and private hire vehicles: licensing guidance (webpage) Found: Welsh local authorities should also ensure that information is processed in accordance with the Data Protection Act
Thursday 2nd April 2026 Source Page: Welsh Revenue Authority equality report 2026 Document: Welsh Revenue Authority equality report 2026 (webpage) Found: great importance on protecting people’s privacy and their data in full compliance with the Data Protection Act
Tuesday 31st March 2026 Source Page: 'Making wood work for Wales' capital grant scheme: guidance Document: Guidance (PDF) Found: obligations under the Freedom of Information Act 2000, the Environmental information Act 2004 or the Data Protection Act
Tuesday 31st March 2026 Source Page: Welsh Revenue Authority retention and disposal schedule Document: Retention and disposal schedule (PDF) Found: information, including that covered by the UK General Data Protection Regulation (UK GDPR), and the Data Protection Act
Friday 27th March 2026 Source Page: National framework for Continuing NHS Healthcare Document: Continuing NHS Healthcare, the national framework for implementation in Wales (PDF) Found: practitioners 38 Sharing of Information Individuals without capacity 3.16 Under the Data Protection Act
Friday 27th March 2026 Source Page: Wales air quality awareness survey Document: Wales air quality awareness survey (PDF) Found: The UK General Data Protection Regulation (UK GDPR) and the UK Data Protection Act 2018 (DPA) Ipsos
Thursday 26th March 2026 Source Page: FOI release 26771: Wildlife Incident Investigation Scheme Document: Wildlife Incident Investigation Scheme (PDF) Found: ‘Personal data’ is defined in sections 3(2) and (3) of the Data Protection Act 2018 (‘the DPA 2018’)
Thursday 26th March 2026 Source Page: FOI release 26615: Wadham College of Science Document: Wadham College of Science (PDF) Found: ‘Personal data’ is defined in sections 3(2) and (3) of the Data Protection Act 1998 (‘the DPA 2018’)
Thursday 26th March 2026 Source Page: FOI release 26749: Natural Resources Wales Document: Natural Resources Wales (PDF) Found: ‘Personal data’ is defined in sections 3(2) and (3) of the Data Protection Act 2018 (‘the DPA 2018’)
Thursday 26th March 2026 Source Page: FOI release 26748: Cadw Historic Building Grants Document: Cadw Historic Building Grants (PDF) Found: ‘Personal data’ is defined in sections 3(2) and (3) of the Data Protection Act 2018 (‘the DPA 2018’)
Thursday 26th March 2026 Source Page: Refreshed Intellectual Property guidance for NHS Wales organisations (WHC/2026/004) Document: Appendix 1: Intellectual property (IP) guidance for National Health Service (NHS) Wales organisations (PDF) Found: protection and privacy legislation in force from time to time in the UK including the UK GDPR; the Data Protection Act
Thursday 26th March 2026 Source Page: Relative income poverty: April 2024 to March 2025 Document: Relative income poverty: April 2023 to March 2025 (Official Statistics in Development) (webpage) Found: are presented impartially and objectively and are in accordance with the requirements of the Data Protection Act
Thursday 26th March 2026 Source Page: Exploring the devolution of social security administration Document: Report (PDF) Found: far the Welsh Government or local authorities can use or share data without breaching the Data Protection Act
Wednesday 25th March 2026 Source Page: Direct payments for Continuing NHS healthcare Document: Guidance on direct payments for Continuing NHS healthcare (PDF) Found: should ensure all actions undertaken in the delivery of direct payments are in line with the Data Protection Act
Tuesday 24th March 2026 Source Page: FOI release 26744: Solar developments Document: Solar developments (PDF) Found: ‘Personal data’ is defined in sections 3(2) and (3) of the Data Protection Act 2018 (‘the DPA 2018’)
Tuesday 24th March 2026 Source Page: Model social public works clauses Document: Model social public works clauses (PDF) Found: protection and privacy legislation in force from time to time in the UK including the UK GDPR; the Data Protection Act
Tuesday 24th March 2026 Source Page: Attendance of pupils in maintained schools: 2 September 2025 to 13 March 2026 Document: Attendance of pupils in maintained schools: 2 September 2025 to 13 March 2026 (webpage) Found: personal data underlying these statistics are processed in accordance with the requirements of the Data Protection Act
Friday 20th March 2026 Source Page: Ynni Cymru capital grant funding programme 2026 to 2027: guidance Document: Ynni Cymru capital grant funding programme 2026 to 2027: guidance (PDF) Found: protection legislation, including the UK General Data Protection Regulation (UK GDPR) and the Data Protection Act
Wednesday 18th March 2026 Source Page: FOI release 26712: Deleted files Document: Doc 2 (PDF) Found: 7 Complaints The handling of some of this information is subject to the provisions of the Data Protection Act
Monday 16th March 2026 Source Page: FOI release 26725: Wales Japan Club Document: Wales Japan Club (PDF) Found: ‘Personal data’ is defined in sections 3(2) and (3) of the Data Protection Act 2018 (‘the DPA 2018’)
Monday 16th March 2026 Source Page: FOI release 26725: Wales Japan Club Document: Doc C (PDF) Found: Information Act 2000 (the “FOIA”), the Environmental Information Regulations 2004 (the “EIR”), the Data Protection Act
Monday 16th March 2026 Source Page: FOI release 26725: Wales Japan Club Document: Doc B (PDF) Found: Information Act 2000 (the “FOIA”), the Environmental Information Regulations 2004 (the “EIR”), the Data Protection Act
Monday 16th March 2026 Source Page: FOI release 26725: Wales Japan Club Document: Doc A (PDF) Found: Information Act 2000 (the “FOIA”), the Environmental Information Regulations 2004 (the “EIR”), the Data Protection Act
Thursday 12th March 2026 Source Page: FOI release 26677: Pollution incident Document: Pollution incident (PDF) Found: ‘Personal data’ is defined in sections 3(2) and (3) of the Data Protection Act 2018 (‘the DPA 2018’)
Thursday 12th March 2026 Source Page: Visitor levy: guidance for local authorities Document: Visitor levy: guidance for local authorities (webpage) Found: and relevant data protection legislation, including their existing statutory duties under the Data Protection Act
Thursday 12th March 2026 Source Page: Visitor levy: guidance for local authorities Document: Visitor levy: guidance for local authorities (PDF) Found: relevant data protection legislation, including their existing statutory duties under the Data Protection Act
Wednesday 11th March 2026 Source Page: National strategy for preventing and responding to child sexual abuse in Wales 2026 to 2036: children's rights impact assessment Document: National strategy for preventing and responding to child sexual abuse in Wales 2026 to 2036: children's rights impact assessment (PDF) Found: Informed consent procedures and secure data protection practices, in line with the Data Protection Act
Wednesday 11th March 2026 Source Page: FOI release 26675: Flooding and agriculture Document: Doc 1 (PDF) Found: obligations under the Freedom of Information Act 2000, the Environmental Information Act 2004 or the Data Protection Act
Tuesday 10th March 2026 Source Page: Active travel (National Survey for Wales): April 2024 to March 2025 Document: Active travel (National Survey for Wales): April 2024 to March 2025 (webpage) Found: personal data underlying these statistics is processed in accordance with the requirements of the Data Protection Act
Tuesday 10th March 2026 Source Page: Attendance of pupils in maintained schools: 2 September 2025 to 27 February 2026 Document: Attendance of pupils in maintained schools: 2 September 2025 to 27 February 2026 (webpage) Found: personal data underlying these statistics are processed in accordance with the requirements of the Data Protection Act
Friday 6th March 2026 Source Page: Ffermio Bro - Farming in Designated Landscapes (stage 1): rules booklet 2026-28 Document: Ffermio Bro - Farming in Designated Landscapes (stage 1): rules booklet 2026-28 (webpage) Found: obligations under the Freedom of Information Act 2000, the Environmental Information Act 2004 or the Data Protection Act
Wednesday 4th March 2026 Source Page: FOI release 26668: Wildlife Incident Investigation Scheme reports Document: Wildlife Incident Investigation Scheme reports (PDF) Found: ‘Personal data’ is defined in sections 3(2) and (3) of the Data Protection Act 2018 (‘the DPA 2018’)
Friday 27th February 2026 Source Page: Single Application Form (SAF) 2026: rules booklet for woodland and organic schemes when claiming Sustainable Farming Scheme Document: Single Application Form (SAF) 2026: rules booklet for woodland and organic schemes when claiming Sustainable Farming Scheme (PDF) Found: accordance with its obligations and duties under the: • Freedom of Information Act 2000 • The Data Protection Act
Friday 27th February 2026 Source Page: Small Grants – Woodland Creation (window 10): rules booklet Document: Small Grants – Woodland Creation (window 10): rules booklet (webpage) Found: in accordance with the obligations and duties under the Freedom of Information Act 2000, the Data Protection Act
Friday 27th February 2026 Source Page: Woodland Creation Grant (window 6): rules booklet Document: Woodland Creation Grant (window 6): rules booklet (webpage) Found: in accordance with the obligations and duties under the Freedom of Information Act 2000, the Data Protection Act
Thursday 26th February 2026 Source Page: Common legislative solutions: a guide to tackling recurring policy issues in legislation Document: Common legislative solutions: a guide to tackling recurring policy issues in legislation (PDF) Found: schedule/1) (failure to comply with a stop notice is an offence) • section 155(1)(b) of the Data Protection Act
Tuesday 24th February 2026 Source Page: Attendance of pupils in maintained schools: 2 September 2025 to 13 February 2026 Document: Attendance of pupils in maintained schools: 2 September 2025 to 13 February 2026 (webpage) Found: personal data underlying these statistics are processed in accordance with the requirements of the Data Protection Act
Monday 23rd February 2026 Source Page: FOI release 26622: Rhos-farch Farm Document: Rhos-farch Farm (PDF) Found: ‘Personal data’ is defined in sections 3(2) and (3) of the Data Protection Act 2018 (‘the DPA 2018’)
Monday 23rd February 2026 Source Page: Single Application Form (SAF) 2026: rules booklet for Basic Payment Scheme, woodland and organic schemes Document: Single Application Form (SAF) 2026: rules booklet for Basic Payment Scheme, woodland and organic schemes (PDF) Found: accordance with its obligations and duties under the: • Freedom of Information Act 2000 • The Data Protection Act
Thursday 19th February 2026 Source Page: Small Grant Scheme: Food and Drink Festivals and Events Scheme 2026 to 2027: application form Document: Small Grant Scheme: Food and Drink Festivals and Events Scheme 2026 to 2027: application form (webpage) Found: obligations under the Freedom of Information Act 2000, the Environmental information Act 2004 or the Data Protection Act
Wednesday 18th February 2026 Source Page: FOI release 26596: Glyndŵr National Park Document: Doc 1 (PDF) Found: Information Act 2000 (the “FOIA”), the Environmental Information Regulations 2004 (the “EIR”), the Data Protection Act
Wednesday 18th February 2026 Source Page: FOI release 26606: Nation of Sanctuary Document: Nation of Sanctuary (PDF) Found: data protection principles. 5 ‘Personal data’ is defined in sections 3(2) and (3) of the Data Protection Act
Monday 16th February 2026 Source Page: FOI release 26586: St Ann Street, Chepstow Document: St Ann Street, Chepstow (PDF) Found: ‘Personal data’ is defined in sections 3(2) and (3) of the Data Protection Act 2018 (‘the DPA 2018’)
Monday 16th February 2026 Source Page: FOI release 26579: St Ann Street, Chepstow Document: St Ann Street, Chepstow (PDF) Found: ‘Personal data’ is defined in sections 3(2) and (3) of the Data Protection Act 2018 (‘the DPA 2018’)
Monday 16th February 2026 Source Page: FOI release 26571: Bridge House Farm Document: Bridge House Farm (PDF) Found: ‘Personal data’ is defined in sections 3(2) and (3) of the Data Protection Act 2018 (‘the DPA 2018’)
Thursday 12th February 2026 Source Page: FOI release 26442and26567: Marine Nitrates Development Taskforce Document: Marine Nitrates Development Taskforce (PDF) Found: ‘Personal data’ is defined in sections 3(2) and (3) of the Data Protection Act 2018 (‘the DPA 2018’)
Thursday 12th February 2026 Source Page: Performance and improvement framework for social services: additional guidance 2023 to 2024 Document: Performance and improvement framework for social services: additional guidance 2023 to 2024 (PDF) Found: collected under this framework is governed by the General Data Protection Regulation (GDPR) and Data Protection Act
Wednesday 11th February 2026 Source Page: Changes to two codes of practice: Part 6 and Special Guardianship Orders Document: Part 6 Code of Practice (Looked After and Accommodated Children): As amended with tracked changes (PDF) Found: Authorities will need to satisfy themselves that they are complying with the Data Protection Act 2018
Wednesday 11th February 2026 Source Page: Changes to two codes of practice: Part 6 and Special Guardianship Orders Document: Part 6 Code of Practice (Looked After and Accommodated Children): As amended (PDF) Found: Authorities will need to satisfy themselves that they are complying with the Data Protection Act 2018
Tuesday 10th February 2026 Source Page: Attendance of pupils in maintained schools: 2 September 2025 to 30 January 2026 Document: Attendance of pupils in maintained schools: 2 September 2025 to 30 January 2026 (webpage) Found: personal data underlying these statistics are processed in accordance with the requirements of the Data Protection Act
Monday 9th February 2026 Source Page: FOI release 26553: Councillors standards Document: Councillors standards (PDF) Found: ‘Personal data’ is defined in sections 3(2) and (3) of the Data Protection Act 1998 (‘the DPA 2018’)
Monday 9th February 2026 Source Page: FOI release 26556: St David’s Day Pilot Document: St David’s Day Pilot (PDF) Found: ‘Personal data’ is defined in sections 3(2) and (3) of the Data Protection Act 2018 (‘the DPA 2018’)
Thursday 5th February 2026 Source Page: Fair work (National Survey for Wales): April 2024 to March 2025 Document: Fair work (National Survey for Wales): April 2024 to March 2025 (webpage) Found: personal data underlying these statistics is processed in accordance with the requirements of the Data Protection Act
Thursday 5th February 2026 Source Page: FOI release 26544: Buckland Hall Document: Buckland Hall (PDF) Found: ‘Personal data’ is defined in sections 3(2) and (3) of the Data Protection Act 2018 (‘the DPA 2018’)
Thursday 29th January 2026 Source Page: Young people not in education, employment or training (NEET): October 2024 to September 2025 Document: Young people not in education, employment or training (NEET): October 2024 to September 2025 (webpage) Found: personal data underlying these statistics are processed in accordance with the requirements of the Data Protection Act
Thursday 29th January 2026 Source Page: Evaluation of the elective home education statutory guidance Document: Evaluation of the elective home education statutory guidance (PDF) Found: with such services, in accordance with the General Data Protection Regulation (GDPR) and the Data Protection Act
Tuesday 27th January 2026 Source Page: Attendance of pupils in maintained schools: 2 September 2025 to 16 January 2026 Document: Attendance of pupils in maintained schools: 2 September 2025 to 16 January 2026 (webpage) Found: personal data underlying these statistics are processed in accordance with the requirements of the Data Protection Act
Monday 26th January 2026 Source Page: FOI release 26526: Great British Railways Document: Great British Railways (PDF) Found: ‘Personal data’ is defined in sections 3(2) and (3) of the Data Protection Act 2018 (‘the DPA 2018’)
Wednesday 21st January 2026 Source Page: Labour market statistics (Annual Population Survey): October 2024 to September 2025 Document: Labour market statistics (Annual Population Survey): October 2024 to September 2025 (webpage) Found: personal data underlying these statistics are processed in accordance with the requirements of the Data Protection Act
Tuesday 20th January 2026 Source Page: FOI release 26510: BBC Document: BBC (PDF) Found: ‘Personal data’ is defined in sections 3(2) and (3) of the Data Protection Act 2018 (‘the DPA 2018’)
Tuesday 20th January 2026 Source Page: FOI release 26383: Dingestow crossing Document: Doc 7 (PDF) Found: ‘Personal data’ is defined in sections 3(2) and (3) of the Data Protection Act 2018 (‘the DPA 2018’)
Thursday 15th January 2026 Source Page: FOI release 26503: Animal welfare Document: Doc 1 (PDF) Found: Commissioner's Data Sharing Code of Practice of May 2011 1.1.5 Data Protection Legislation : (i) the Data Protection Act
Thursday 15th January 2026 Source Page: FOI release 26503: Animal welfare Document: Animal welfare (PDF) Found: ‘Personal data’ is defined in sections 3(2) and (3) of the Data Protection Act 2018 (‘the DPA 2018’)
Tuesday 13th January 2026 Source Page: Attendance of pupils in maintained schools: 2 September 2025 to 2 January 2026 Document: Attendance of pupils in maintained schools: 2 September 2025 to 2 January 2026 (webpage) Found: personal data underlying these statistics are processed in accordance with the requirements of the Data Protection Act
Wednesday 7th January 2026 Source Page: General funding round window 3 (Welsh Marine and Fisheries Scheme): guidance Document: General funding round window 3 (Welsh Marine and Fisheries Scheme): guidance (PDF) Found: Freedom of Information Act 2000, the 28 Environmental Information Regulations 2004 and the Data Protection Act
Tuesday 6th January 2026 Source Page: FOI release 26504: Respiratory Protective Equipment Document: Respiratory Protective Equipment (PDF) Found: ‘Personal data’ is defined in sections 3(2) and (3) of the Data Protection Act 1998 (‘the DPA 2018’)
Tuesday 6th January 2026 Source Page: FOI release 26422: Rhydycar West Document: Rhydycar West (PDF) Found: ‘Personal data’ is defined in sections 3(2) and (3) of the Data Protection Act 2018 (‘the DPA 2018’)
Tuesday 6th January 2026 Source Page: FOI release 26399 and 26498: Water quality Document: Water quality (PDF) Found: ‘Personal data’ is defined in sections 3(2) and (3) of the Data Protection Act 2018 (‘the DPA 2018’)
Tuesday 6th January 2026 Source Page: FOI release 26401: Rhydycar West Document: Rhydycar West (PDF) Found: ‘Personal data’ is defined in sections 3(2) and (3) of the Data Protection Act 2018 (‘the DPA 2018’)
Monday 5th January 2026 Source Page: Small Grants - Environment (landscape and pollinators): general rules booklet 2026 Document: Small Grants - Environment (landscape and pollinators): general rules booklet 2026 (webpage) Found: in accordance with the obligations and duties under the Freedom of Information Act 2000, the Data Protection Act
Monday 5th January 2026 Source Page: Woodland Creation Planning Scheme (January 2026): rules booklet Document: Woodland Creation Planning Scheme (January 2026): rules booklet (webpage) Found: obligations under the Freedom of Information Act 2000, the Environmental information Act 2004 or the Data Protection Act
Monday 22nd December 2025 Source Page: Freedom of Information (FOI): request from the Welsh Government Document: Requesting information from the Welsh Government (webpage) Found: The Data Protection Act 2018, Freedom of Information Act 2000 and the Environmental Information Regulations
Wednesday 17th December 2025 Source Page: FOI release 26284: Llansteffan North Green car park Document: Llansteffan North Green car park (PDF) Found: ‘Personal data’ is defined in sections 3(2) and (3) of the Data Protection Act 2018 (‘the DPA 2018’)
Wednesday 17th December 2025 Source Page: Sustainable Farming Scheme (2026): universal layer: rules booklet Document: Sustainable Farming Scheme (2026): universal layer: rules booklet (PDF) Found: used by the Welsh Government in accordance with its obligations and duties under the: • The Data Protection Act
Tuesday 16th December 2025 Source Page: FOI release 26391: Cafcass complaints Document: Cafcass complaints (PDF) Found: ‘Personal data’ is defined in sections 3(2) and (3) of the Data Protection Act 2018 (‘the DPA 2018’)
Tuesday 16th December 2025 Source Page: Significant infrastructure projects (SIP): notification of proposed application Document: Significant infrastructure projects (SIP): notification of proposed application (PDF) Found: supplied by you in this form, is in accordance with the terms of our registration under the Data Protection Act
Tuesday 16th December 2025 Source Page: Attendance of pupils in maintained schools: 2 September to 5 December 2025 Document: Attendance of pupils in maintained schools: 2 September to 5 December 2025 (webpage) Found: personal data underlying these statistics are processed in accordance with the requirements of the Data Protection Act
Tuesday 16th December 2025 Source Page: Remote working (National Survey for Wales): April 2024 to March 2025 Document: Remote working (National Survey for Wales): April 2024 to March 2025 (webpage) Found: personal data underlying these statistics is processed in accordance with the requirements of the Data Protection Act

Welsh Senedd Debates
Group 11: Office of Environmental Governance: disclosure of information and confidentiality (Amendments 16, 17, 18) Thursday 11th December 2025 Mentions: 1: Huw Irranca-Davies (Welsh Labour and Co-operative Party - Ogmore) Amendments 16, 17, 18 in my name make necessary amendments to reflect changes to the Data Protection Act - Link to Speech