Data Protection Act 2018

Alert Sample

View the Parallel Parliament page for the Data Protection Act 2018

Information since 7 Mar 2025, 10:09 a.m.

Data Protection Act 2018 mentioned

Select Committee Documents
Thursday 24th July 2025 Report - 6th Report - Forced Labour in UK Supply Chains Human Rights (Joint Committee) Found: For example, companies can be fined 4% of annual turnover for certain breaches of the Data Protection Act
Friday 18th July 2025 Report - Thirty-second Report - No Statutory Instruments Reported Statutory Instruments (Joint Committee) Found: The Markets in Financial Instruments (Miscellaneous Amendments) Regulations 2025 Draft The Data Protection Act
Tuesday 15th July 2025 Written Evidence - Independent Monitoring Boards (IMB) RAR0114 - Rehabilitation and resettlement: ending the cycle of reoffending Rehabilitation and resettlement: ending the cycle of reoffending - Justice Committee Found: of Information Act 2000 (FOIA), the Environmental Information Regulations (EIR) 2004, the Data Protection Act

Written Answers
Personation Asked by: Lisa Smart (Liberal Democrat - Hazel Grove) Wednesday 23rd July 2025 Question to the Home Office: To ask the Secretary of State for the Home Department, if her Department has considered making identity theft a police recordable crime. Answered by Diana Johnson - Minister of State (Home Office) At present, identity theft is not a standalone criminal offence, but criminal acts which exploit stolen identities are already covered under existing legislation such as the Fraud Act 2006, Computer Misuse Act 1990, and Data Protection Act 2018. However, we recognise the evolving nature and increasing prevalence of identity-related crime and are taking additional proactive steps to address it. That is why the Independent Review of Fraud Offences will also consider whether a specific offence for identity theft is needed. Alongside this, we will also consider whether to include further initiatives to prevent the misuse of stolen identities and strengthen protections for the public as part of the Government’s upcoming Fraud Strategy.
NHS: Artificial Intelligence Asked by: Martin Wrigley (Liberal Democrat - Newton Abbot) Tuesday 15th July 2025 Question to the Department of Health and Social Care: To ask the Secretary of State for Health and Social Care, whether he plans to periodically review NHS AI models to ensure continued alignment with (a) data protection and (b) clinical safety standards. Answered by Karin Smyth - Minister of State (Department of Health and Social Care) There are strict safeguards in place throughout the National Health Service to protect data. All providers of services which handle patient data must protect that data in line with the UK General Data Protection Regulation (UK GDPR) and the Data Protection Act 2018, and every health organisation is required to appoint a Caldicott Guardian to advise on the protection of people’s health and care data, and to ensure that it is used properly. This includes where artificial intelligence (AI) is used in relation to patient records. The Information Commissioners Office has developed detailed AI guidance which provides an overarching view of data protection, including the need for Data Protection Impact Assessments and to ensure compliance with UK GDPR. They have also produced an AI toolkit to support organisations auditing compliance of their AI-based technologies. NHS bodies are expected to make use of this guidance and toolkit. The NHS has published two clinical risk management standards relating to clinical safety, with the codes DCB0129 and DCB0160, both of which are applicable to AI. Under the Health and Social Care Act 2012, manufacturers of health IT systems and health organisations that deploy and use these systems must have regard to these standards. In line with current Data Coordination Board practice, each standard comprises of: a specification, which defines the requirements and conformance criteria to be met by the user of the standard, and with the user responsible for how these requirements are met; and implementation guidance, which provides an interpretation of the requirements and, where appropriate, defines possible approaches to achieving them.

Written Answers

Personation
Asked by: Lisa Smart (Liberal Democrat - Hazel Grove)
Wednesday 23rd July 2025

Question to the Home Office:

To ask the Secretary of State for the Home Department, if her Department has considered making identity theft a police recordable crime.

Answered by Diana Johnson - Minister of State (Home Office)

At present, identity theft is not a standalone criminal offence, but criminal acts which exploit stolen identities are already covered under existing legislation such as the Fraud Act 2006, Computer Misuse Act 1990, and Data Protection Act 2018. However, we recognise the evolving nature and increasing prevalence of identity-related crime and are taking additional proactive steps to address it. That is why the Independent Review of Fraud Offences will also consider whether a specific offence for identity theft is needed.

Alongside this, we will also consider whether to include further initiatives to prevent the misuse of stolen identities and strengthen protections for the public as part of the Government’s upcoming Fraud Strategy.

NHS: Artificial Intelligence
Asked by: Martin Wrigley (Liberal Democrat - Newton Abbot)
Tuesday 15th July 2025

Question to the Department of Health and Social Care:

To ask the Secretary of State for Health and Social Care, whether he plans to periodically review NHS AI models to ensure continued alignment with (a) data protection and (b) clinical safety standards.

Answered by Karin Smyth - Minister of State (Department of Health and Social Care)

There are strict safeguards in place throughout the National Health Service to protect data. All providers of services which handle patient data must protect that data in line with the UK General Data Protection Regulation (UK GDPR) and the Data Protection Act 2018, and every health organisation is required to appoint a Caldicott Guardian to advise on the protection of people’s health and care data, and to ensure that it is used properly. This includes where artificial intelligence (AI) is used in relation to patient records.

The Information Commissioners Office has developed detailed AI guidance which provides an overarching view of data protection, including the need for Data Protection Impact Assessments and to ensure compliance with UK GDPR. They have also produced an AI toolkit to support organisations auditing compliance of their AI-based technologies. NHS bodies are expected to make use of this guidance and toolkit.

The NHS has published two clinical risk management standards relating to clinical safety, with the codes DCB0129 and DCB0160, both of which are applicable to AI. Under the Health and Social Care Act 2012, manufacturers of health IT systems and health organisations that deploy and use these systems must have regard to these standards. In line with current Data Coordination Board practice, each standard comprises of: a specification, which defines the requirements and conformance criteria to be met by the user of the standard, and with the user responsible for how these requirements are met; and implementation guidance, which provides an interpretation of the requirements and, where appropriate, defines possible approaches to achieving them.

Secondary Legislation
Criminal Procedure Rules 2025 The Criminal Procedure Rules 2025: Ministry of Justice Parliamentary Status - Text of Legislation - Made negative Laid: Tuesday 22nd July - In Force: 6 Oct 2025 Found: information about material, other than evidence, disclosed by the prosecutor; (e)Part 3 of the Data Protection Act
Global Irregular Migration and Trafficking in Persons Sanctions Regulations 2025 These Regulations are made under the Sanctions and Anti-Money Laundering Act 2018 (c. 13) to establish a sanctions regime for the purpose of preventing and combating people smuggling, trafficking in persons and the instrumentalisation of migration for the purpose of destabilising a country. Foreign, Commonwealth & Development Office Parliamentary Status - Text of Legislation - Made affirmative Laid: Tuesday 22nd July - In Force: 23 Jul 2025 Found: licence. (6) In this regulation— “the data protection legislation” has the same meaning as in the Data Protection Act
Financial Services and Markets Act 2023 (Mutual Recognition Agreement) (Switzerland) Regulations 2025 These Regulations implement provisions in the Agreement between the United Kingdom of Great Britain and Northern Ireland and the Swiss Confederation on Mutual Recognition in Financial Services done at Berne on 21st December 2023(52) (“the Agreement”). HM Treasury Parliamentary Status - Text of Legislation - Draft affirmative Laid: Monday 21st July - In Force: Not stated Found: . 2019/1043. (45)Section 391A of FSMA 2000 was amended by paragraph 50 of Schedule 2 to the Data Protection Act

Bill Documents
Jul. 24 2025 11th Report from the Select Committee on the Constitution Crime and Policing Bill 2024-26 Select Committee report Found: other legislation regulating access to personal data is arguably more narrowly framed; the Data Protection Act
Jul. 23 2025 HL Bill 129 (as amended on Report) Employment Rights Bill 2024-26 Bill Found: (4) In subsection (3)(a) “the data protection legislation” has the same meaning as in the Data Protection Act
Jul. 15 2025 HL Bill 128 (as amended on Report) Renters' Rights Bill 2024-26 Bill Found: fine. 30(8) In this section— “data protection legislation” has the same meaning as in the Data Protection Act
Jul. 14 2025 HL Bill 124 (as brought from the Commons) Rare Cancers Bill 2024-26 Bill Found: subsection (6A) “the data protection legislation” and “processing” have the same meanings as in the Data Protection Act

Department Publications - Statistics
Friday 25th July 2025 Department for Work and Pensions Source Page: Sector-based Work Academy Programmes (SWAPs) Management Information, April 2021 to June 2025 Document: (ODS) Found: Figures fewer than 5 are supressed due to rounding to avoid disclosure required by the Data Protection Act
Thursday 17th July 2025 Department for Work and Pensions Source Page: Move to Universal Credit DWP Legacy Benefit Customer Qualitative Research Document: (PDF) Found: The UK General Data Protection Regulation (GDPR) and the UK Data Protection Act (DPA) 2018 Ipsos is
Thursday 17th July 2025 Department for Digital, Culture, Media & Sport Source Page: Research report: sport integrity systems (international comparison) Document: (PDF) Found: Data Protection and Confidentiality Your data will be processed in accordance with the Data Protection Act
Monday 14th July 2025 Department for Business and Trade Source Page: Review of the whistleblowing framework in Great Britain Document: (PDF) Found: legislation has indicators of what is considered public interest, for example in Part 2 of the Data Protection Act

Department Publications - Guidance
Thursday 24th July 2025 Home Office Source Page: Afghan schemes: funding instructions 2025 to 2026 and interim data sharing protocol Document: (PDF) Found: “Data Protection Legislation” means (i) the UK GDPR, (ii) the Data Protection Act 2018 (‘DPA 2018’)
Thursday 17th July 2025 Cabinet Office Source Page: Guidance on the Model Services Contract Document: (PDF) Found: informational and reporting obligations, including those under the Procurement Act 2023, the Data Protection Act
Thursday 17th July 2025 Department of Health and Social Care Source Page: National Child Measurement Programme: operational guidance Document: National Child Measurement Programme: operational guidance (webpage) Found: information sharing under the NCMP regulations, General Data Protection Regulation (GDPR) and the Data Protection Act
Thursday 17th July 2025 Department of Health and Social Care Source Page: National Child Measurement Programme: operational guidance Document: (webpage) Found: children’s personal information for the NCMP under the General Data Protection Regulations and the Data Protection Act
Tuesday 15th July 2025 HM Treasury Source Page: 2025 Mortgage Guarantee Scheme Document: (PDF) Found: Data and privacy in any applicable jurisdiction including, without limitation, the GDPR, the Data Protection Act

Department Publications - Consultations
Wednesday 23rd July 2025 Department for Energy Security & Net Zero Source Page: Hydrogen blending into the GB gas transmission network Document: (PDF) Found: be disclosed in accordance with UK legislation (the Freedom of Information Act 2000, the Data Protection Act
Wednesday 23rd July 2025 Department for Energy Security & Net Zero Source Page: Consumer-led flexibility: consumer engagement Document: (PDF) Found: be disclosed in accordance with UK legislation (the Freedom of Information Act 2000, the Data Protection Act
Tuesday 22nd July 2025 Cabinet Office Source Page: Consultation on the NSI Act Notifiable Acquisition Regulations Document: (PDF) Found: the Freedom of Information Act 2000, the Environmental Information Regulations 2004, and the Data Protection Act
Thursday 17th July 2025 Department for Energy Security & Net Zero Source Page: Raising product standards for household tumble dryers Document: (PDF) Found: be disclosed in accordance with UK legislation (the Freedom of Information Act 2000, the Data Protection Act
Tuesday 15th July 2025 Department for Energy Security & Net Zero Source Page: Hydrogen Economic Regulatory Framework: developing an effective framework for pipeline networks Document: (PDF) Found: be disclosed in accordance with UK legislation (the Freedom of Information Act 2000, the Data Protection Act

Department Publications - News and Communications
Wednesday 23rd July 2025 HM Treasury Source Page: NS&I Chair to step down Document: Framework Document (PDF) Found: information is received by either party under the Freedom of Information Act 2000, or the Data Protection Act

Department Publications - Policy and Engagement
Wednesday 23rd July 2025 Department for Energy Security & Net Zero Source Page: Improving the visibility of distributed energy assets Document: (PDF) Found: be disclosed in accordance with UK legislation (the Freedom of Information Act 2000, the Data Protection Act
Thursday 17th July 2025 Department for Business and Trade Source Page: Making Work Pay: call for evidence on unpaid internships Document: (PDF) Found: may be disclosed in accordance with UK legislation (the Freedom of Information Act 2000, the Data Protection Act
Wednesday 16th July 2025 Home Office Source Page: Identification of victims of modern slavery Document: (PDF) Found: All information provided during the Call for Evidence will be held securely according to the Data Protection Act
Tuesday 15th July 2025 HM Treasury Source Page: Targeted Support Document: (PDF) Found: This is set out in the Data Protection Act 2018 and the UK General Data Protection Regulation (UK GDPR

Department Publications - Transparency
Tuesday 22nd July 2025 Cabinet Office Source Page: Royal Mail Statutory Pension Scheme 2024-2025 Document: (PDF) Found: In line with the GDPR and the Data Protection Act 2018, the Scheme has ensured that: • contracts with
Tuesday 22nd July 2025 Cabinet Office Source Page: Royal Mail Statutory Pension Scheme 2024-2025 Document: (PDF) Found: In line with the GDPR and the Data Protection Act 2018, the Scheme has ensured that: • contracts
Monday 21st July 2025 HM Treasury Source Page: HM Treasury annual report and accounts 2024 to 2025 Document: (PDF) Found: were considered under the terms of the UK General Data Protection Regulation (UK GDPR) and Data Protection Act
Wednesday 16th July 2025 Northern Ireland Office Source Page: Northern Ireland Human Rights Commission Annual Report 2024 - 2025 Document: (PDF) Found: the General Data Protection Regulation as it applies in the United Kingdom, tailored by the Data Protection Act
Monday 14th July 2025 Department for Business and Trade Source Page: Post Office Limited: shareholder relationship framework document (July 2025) Document: (PDF) Found: information 14.2 The parties acknowledge that the Freedom of Information Act 2000 (“FOIA”), the Data Protection Act

Department Publications - Policy paper
Thursday 17th July 2025 HM Treasury Source Page: Financial Services Regulators Complaints Commissioner Annual Report and Accounts 2024-25 and regulator responses Document: (PDF) Found: The OCC processed 2 data subject access request (DSAR) under the Data Protection Act 2018 (related to

Non-Departmental Publications - Statistics
Jul. 24 2025 Centre for Connected and Autonomous Vehicles Source Page: Automated vehicles and sanctions systems Document: (PDF) Statistics Found: The UK General Data Protection Regulation (UK GDPR) and the UK Data Protection Act 2018 (DPA) Ipsos
Jul. 17 2025 Government Social Research Profession Source Page: Move to Universal Credit DWP Legacy Benefit Customer Qualitative Research Document: (PDF) Statistics Found: The UK General Data Protection Regulation (GDPR) and the UK Data Protection Act (DPA) 2018 Ipsos is

Non-Departmental Publications - Transparency
Jul. 23 2025 Crown Prosecution Service Source Page: Crown Prosecution Service annual report and accounts 2024 - 2025 Document: (PDF) Transparency Found: teams ensure that data is effectively managed in line with the principles of UKGDPR, the Data Protection Act
Jul. 22 2025 Committee on Standards in Public Life Source Page: Response to FOI request about staff training in AI Document: (PDF) Transparency Found: the UK General Data Protection Regulation and section 34(1) of the Data Protection Act
Jul. 22 2025 Forensic Science Regulator Source Page: Forensic Science Regulator annual report for 2023 to 2024 Document: (PDF) Transparency Found: (9) In subsection (8)(a) “the data protection legislation” has the same meaning as in the Data Protection Act
Jul. 22 2025 Maritime and Coastguard Agency Source Page: Maritime and Coastguard Agency framework agreement Document: (PDF) Transparency Found: under the Freedom of Information Act 2000, the environmental information regulations, or the Data Protection Act
Jul. 22 2025 NHS Business Services Authority Source Page: NHSBSA annual report and accounts 2024 to 2025 Document: (PDF) Transparency Found: is subject to the requirements of the General Data Protection Regulation (GDPR) and the Data Protection Act
Jul. 22 2025 NHS Business Services Authority Source Page: NHSBSA annual report and accounts 2024 to 2025 Document: (PDF) Transparency Found: is subject to the requirements of the General Data Protection Regulation (GDPR) and the Data Protection Act
Jul. 22 2025 Nuclear Decommissioning Authority Source Page: Nuclear Decommissioning Authority: Annual Report and Accounts 2024 to 2025 Document: (PDF) Transparency Found: responded to all Subject Access Requests within the allotted timeframes allowed under the Data Protection Act
Jul. 21 2025 Driver and Vehicle Licensing Agency Source Page: DVLA annual report and accounts 2024 to 2025 Document: (PDF) Transparency Found: number of payments, no further information is disclosed, as in doing so would conflict with the Data Protection Act
Jul. 21 2025 Trade Remedies Authority Source Page: TRA Annual Report and Accounts 2024-25 Document: (PDF) Transparency Found: data protection legislation: the UK General Data Protection Regulation (UK GDPR) and the Data Protection Act
Jul. 21 2025 Trade Remedies Authority Source Page: TRA Annual Report and Accounts 2024-25 Document: (PDF) Transparency Found: data protection legislation: the UK General Data Protection Regulation (UK GDPR) and the Data Protection Act
Jul. 21 2025 Defence Science and Technology Laboratory Source Page: Defence Science and Technology Laboratory annual report and accounts 2024 to 2025 Document: (PDF) Transparency Found: We handled seven Data Subject Access Requests (DSAR) under the Data Protection Act (DPA) 2018.
Jul. 18 2025 NHS Business Services Authority Source Page: NHS Pension Scheme annual report and accounts 2024 to 2025 Document: (PDF) Transparency Found: NHSBSA is subject to the requirements of the General Data Protection Regulation (GDPR) and the Data Protection Act
Jul. 18 2025 Human Tissue Authority Source Page: Human Tissue Authority annual report and accounts: 2024 to 2025 Document: (PDF) Transparency Found: recorded on the HTA’s digital platforms are subject to specific legislative provisions, the Data Protection Act
Jul. 18 2025 HM Land Registry Source Page: HM Land Registry Annual Report and Accounts 2024 to 2025 Document: (PDF) Transparency Found: information holder, through adherence to the UK GDPR (General Data Protection Regulation) and Data Protection Act
Jul. 18 2025 HM Land Registry Source Page: HM Land Registry Annual Report and Accounts 2024 to 2025 Document: (PDF) Transparency Found: information holder, through adherence to the UK GDPR (General Data Protection Regulation) and Data Protection Act
Jul. 17 2025 UK Export Finance (UKEF) Source Page: UKEF Annual Report and Accounts 2024 to 2025: by section Document: (PDF) Transparency Found: payments made as doing so would conflict with a legal obligation arising as a result of the Data Protection Act
Jul. 17 2025 UK Export Finance (UKEF) Source Page: UK Export Finance Annual Report and Accounts 2024 to 2025 Document: (PDF) Transparency Found: payments made as doing so would conflict with a legal obligation arising as a result of the Data Protection Act
Jul. 17 2025 Homes England Source Page: Homes England RFI releases for June 2025 Document: (PDF) Transparency Found: Regeneration Agency principles set out in the UK General Data Protection Regulation (UK GDPR) and the Data Protection Act
Jul. 17 2025 Homes England Source Page: Homes England RFI releases for May 2025 Document: (PDF) Transparency Found: to or reverts to another person and Dispose shall be construed accordingly; DPA means the Data Protection Act
Jul. 17 2025 Homes England Source Page: Homes England RFI releases for May 2025 Document: (PDF) Transparency Found: Electronic Communications (Amendments etc) (EU Exit) Regulations 2019 (the GDPR); (ii) the Data Protection Act
Jul. 17 2025 Crown Commercial Service Source Page: Crown Commercial Service annual report and accounts 2024 to 2025 Document: (PDF) Transparency Found: , CCS received 118 Freedom of Information requests and 6 Subject Access Requests under the Data Protection Act
Jul. 17 2025 Homes England Source Page: Homes England RFI releases for August 2024 Document: (PDF) Transparency Found: Electronic Communications (Amendments etc) (EU Exit) Regulations 2019 (the GDPR); (ii) the Data Protection Act
Jul. 17 2025 The Pensions Regulator Source Page: The Pensions Regulator annual report and accounts 2024 to 2025 Document: (PDF) Transparency Found: legislative obligations, such as the UK General Data Protection Regulation (GDPR) and the Data Protection Act
Jul. 17 2025 The Pensions Regulator Source Page: The Pensions Regulator annual report and accounts 2024 to 2025 Document: (PDF) Transparency Found: legislative obligations, such as the UK General Data Protection Regulation (GDPR) and the Data Protection Act
Jul. 17 2025 The Pensions Regulator Source Page: The Pensions Regulator annual report and accounts 2024 to 2025 Document: (PDF) Transparency Found: legislative obligations, such as the UK General Data Protection Regulation (GDPR) and the Data Protection Act
Jul. 17 2025 NS&I Source Page: National Savings and Investments Annual Report and Accounts 2024 to 2025 Document: (PDF) Transparency Found: to customer data, as well as destruction of data, in line with our obligations under the Data Protection Act
Jul. 17 2025 NS&I Source Page: National Savings and Investments Annual Report and Accounts 2024 to 2025 Document: (PDF) Transparency Found: to customer data, as well as destruction of data, in line with our obligations under the Data Protection Act
Jul. 17 2025 The Pension Protection Fund Ombudsman Source Page: Pensions Ombudsman and Pension Protection Fund Ombudsman annual report and accounts 2024 to 2025 Document: (PDF) Transparency Found: supported by an Information Governance Manager, overseeing our responsibilities under the Data Protection Act
Jul. 17 2025 The Pension Protection Fund Ombudsman Source Page: Pensions Ombudsman and Pension Protection Fund Ombudsman annual report and accounts 2024 to 2025 Document: (PDF) Transparency Found: supported by an Information Governance Manager, overseeing our responsibilities under the Data Protection Act
Jul. 17 2025 The Pension Protection Fund Ombudsman Source Page: Pensions Ombudsman and Pension Protection Fund Ombudsman annual report and accounts 2024 to 2025 Document: (PDF) Transparency Found: supported by an Information Governance Manager, overseeing our responsibilities under the Data Protection Act
Jul. 17 2025 Criminal Injuries Compensation Authority Source Page: CICA Annual Report and Accounts 2024-25 Document: (PDF) Transparency Found: In addition, we processed 2,703 SARs under the Data Protection Act 2018 and UK General Data Protection
Jul. 17 2025 Criminal Injuries Compensation Authority Source Page: CICA Annual Report and Accounts 2024-25 Document: (PDF) Transparency Found: In addition, we processed 2,703 SARs under the Data Protection Act 2018 and UK General Data Protection
Jul. 17 2025 Rural Payments Agency Source Page: Rural Payments Agency annual report and accounts 2024 to 2025 Document: (PDF) Transparency Found: Environmental Information Regulations 2004, and the General Data Protection Regulations (GDPR)/Data Protection Act
Jul. 17 2025 Health Services Safety Investigations Body Source Page: HSSIB annual report and accounts: 2024 to 2025 Document: (PDF) Transparency Found: information are responded to in compliance with the Health and Care Act 2022, the General Data Protection Act
Jul. 17 2025 NHS Counter Fraud Authority Source Page: NHS Counter Fraud Authority annual report and accounts 2024 to 2025 Document: (PDF) Transparency Found: subject to the requirements of the UK General Data Protection Regulation (UK GDPR) and the Data Protection Act
Jul. 17 2025 Valuation Office Agency Source Page: Valuation Office Agency annual report and accounts 2024 to 2025 Document: (PDF) Transparency Found: Information security In accordance with our responsibilities under the Data Protection Act 2018
Jul. 16 2025 British Transport Police Authority Source Page: British Transport Police Fund: statement of accounts 2024 to 2025 Document: (PDF) Transparency Found: The Commissioner considered that BTP had not complied with the Data Protection Act in two cases and
Jul. 15 2025 UK Research and Innovation Source Page: UKRI annual report and accounts, 2024 to 2025 Document: (PDF) Transparency Found: payments are not disclosed as doing so would conflict with UKRI’s legal obligation under the Data Protection Act
Jul. 15 2025 UK Research and Innovation Source Page: UKRI annual report and accounts, 2024 to 2025 Document: (PDF) Transparency Found: payments are not disclosed as doing so would conflict with UKRI’s legal obligation under the Data Protection Act
Jul. 15 2025 UK Research and Innovation Source Page: Research Councils’ pension schemes accounts, 2024 to 2025 Document: (PDF) Transparency Found: committed to protecting the personal data of RCPS members in accordance with the UK GDPR and the Data Protection Act
Jul. 15 2025 Homes England Source Page: Homes England Annual Report and Accounts 2024 and 2025 Document: (PDF) Transparency Found: Related Incidents Since 25 May 2018, under the UK General Data Protection Regulation and the Data Protection Act
Jul. 15 2025 Independent Reviewer of Terrorism Legislation Source Page: The Terrorism Acts in 2023 Document: (PDF) Transparency Found: data” 107. 106 Report of Metrics of Privacy Conference (14.11.18). 107 Section 205(1) Data Protection Act
Jul. 15 2025 Independent Reviewer of Terrorism Legislation Source Page: The Terrorism Acts in 2023 Document: (PDF) Transparency Found: terrorist manifesto, then it would appear to amount to biometric data. 107 Section 205(1) Data Protection Act
Jul. 15 2025 College of Policing Source Page: College of Policing Limited: annual report and accounts, 2023 to 2024 Document: (PDF) Transparency Found: Our responses to the public exercise of rights under the Data Protection Act 2018 and UK General Data
Jul. 15 2025 Office of Rail and Road Source Page: ORR annual report and accounts 2024 to 2025 Document: (PDF) Transparency Found: a data controller with the Information Commissioner and adheres to the provisions of the Data Protection Act
Jul. 15 2025 Office of Rail and Road Source Page: ORR annual report and accounts 2024 to 2025 Document: (PDF) Transparency Found: a data controller with the Information Commissioner and adheres to the provisions of the Data Protection Act
Jul. 15 2025 Office of Rail and Road Source Page: ORR annual report and accounts 2024 to 2025 Document: (PDF) Transparency Found: a data controller with the Information Commissioner and adheres to the provisions of the Data Protection Act
Jul. 14 2025 Single Source Regulations Office Source Page: SSRO Annual Report and Accounts 2024/25 Document: (PDF) Transparency Found: Information assurance The SSRO is a data controller under the Data Protection Act 2018 and is subject
Jul. 14 2025 Post Office Source Page: Post Office Limited: shareholder relationship framework document (July 2025) Document: (PDF) Transparency Found: information 14.2 The parties acknowledge that the Freedom of Information Act 2000 (“FOIA”), the Data Protection Act

Non-Departmental Publications - News and Communications
Jul. 23 2025 NS&I Source Page: NS&I Chair to step down Document: Framework Document (PDF) News and Communications Found: information is received by either party under the Freedom of Information Act 2000, or the Data Protection Act
Jul. 21 2025 Independent Water Commission Source Page: Roadmap to rebuild trust in water sector unveiled in major new report Document: Call for Evidence (PDF) News and Communications Found: about your individual rights under the UK General Data Protection Regulation (UK GDPR) and the Data Protection Act

Non-Departmental Publications - Guidance and Regulation
Jul. 23 2025 Office of Financial Sanctions Implementation Source Page: OFSI General Licence INT/2022/1679676 Document: (PDF) Guidance and Regulation Found: to third parties only in compliance with the UK General Data Protection Regulation and the Data Protection Act
Jul. 22 2025 Regulator of Social Housing Source Page: Memorandum of Understanding between the Regulator of Social Housing and The Health and Safety Executive (Building Safety Regulator) Document: (PDF) Guidance and Regulation Found: with arrangements under this MoU, each party will ensure that they fully comply with the Data Protection Act
Jul. 18 2025 Office of Financial Sanctions Implementation Source Page: OFSI General Licence - INT/2025/6641960 Document: (PDF) Guidance and Regulation Found: third parties only in compliance with the UK General Data Protection Regulation and the UK Data Protection Act
Jul. 17 2025 Government Legal Department Source Page: Guidance on the Model Services Contract Document: (PDF) Guidance and Regulation Found: informational and reporting obligations, including those under the Procurement Act 2023, the Data Protection Act
Jul. 17 2025 Department for Levelling Up, Housing and Communities Source Page: English Housing Survey: quality report Document: (PDF) Guidance and Regulation Found: handled in the strictest confidence as directed by the Code of Practice for Statistics, the Data Protection Act
Jul. 17 2025 Department for Levelling Up, Housing and Communities Source Page: English Housing Survey: quality report Document: (PDF) Guidance and Regulation Found: handled in the strictest confidence as directed by the Code of Practice for Statistics, the Data Protection Act
Jul. 17 2025 Department for Levelling Up, Housing and Communities Source Page: English Housing Survey: quality report Document: (PDF) Guidance and Regulation Found: handled in the strictest confidence as directed by the Code of Practice for Statistics, the Data Protection Act
Jul. 16 2025 Natural England Source Page: Volunteering with Natural England: support directory Document: Volunteering Promise (PDF) Guidance and Regulation Found: your volunteering role in accordance with General Data Protection Regulation (GDPR) and the Data Protection Act
Jul. 16 2025 Legal Aid Agency Source Page: Criminal Defence Direct Contract 2026 Document: (PDF) Guidance and Regulation Found: any Personal Data Breach; “Data Protection Impact Assessment” means as specified in the Data Protection Act

Non-Departmental Publications - Policy and Engagement
Jul. 21 2025 HM Revenue & Customs Source Page: Modernising and mandating tax adviser registration with HMRC Document: (PDF) Policy and Engagement Found: (6) In this section— “the data protection legislation” has the same meaning as in the Data Protection Act
Jul. 21 2025 HM Revenue & Customs Source Page: Enhancing HMRC’s powers: tackling tax adviser facilitated non-compliance Document: (PDF) Policy and Engagement Found: (meaning of “control”); “the data protection legislation” has the same meaning as in the Data Protection Act
Jul. 21 2025 HM Revenue & Customs Source Page: Proposals to close in on promoters of marketed tax avoidance Document: (PDF) Policy and Engagement Found: the purpose of this Chapter; “data protection legislation” has the same meaning as in the Data Protection Act
Jul. 21 2025 Medicines and Healthcare products Regulatory Agency Source Page: Medicines and Medical Devices Act 2021 – Stakeholder survey Document: (PDF) Policy and Engagement Found: Data Privacy This Review complies with data protection legislation including the Data Protection Act

Non-Departmental Publications - Research
Jul. 17 2025 HM Revenue & Customs Source Page: Agents, Small and Mid-Sized Businesses Customer Survey 2024 Document: (webpage) Research Found: mainstage fieldwork, in addition to the remaining sample which had not previously been used.Under Data Protection Act
Jul. 15 2025 HM Revenue & Customs Source Page: Research with traders 2020 to 2023 Document: (webpage) Research Found: throughout the organisation.Data Protection Act 2018Ipsos MORI is required to comply with the Data Protection Act
Jul. 15 2025 HM Revenue & Customs Source Page: Research with traders 2020 to 2023 Document: (webpage) Research Found: be awarded this in August 2008.The UK General Data Protection Regulation (GDPR) and the UK Data Protection Act
Jul. 15 2025 HM Revenue & Customs Source Page: Research with traders 2020 to 2023 Document: (webpage) Research Found: be awarded this in August 2008.The UK General Data Protection Regulation (GDPR) and the UK Data Protection Act
Jul. 15 2025 HM Revenue & Customs Source Page: Research into customs administrative burden (2017 and 2023) Document: (webpage) Research Found: be awarded this in August 2008.The UK General Data Protection Regulation (GDPR) and the UK Data Protection Act
Jul. 15 2025 HM Revenue & Customs Source Page: Research with traders 2020 to 2023 Document: (webpage) Research Found: be awarded this in August 2008.The UK General Data Protection Regulation (GDPR) and the UK Data Protection Act

Non-Departmental Publications - Open consultation
Jul. 15 2025 Intellectual Property Office Source Page: Consultation on Standard Essential Patents (SEPs) Document: (PDF) Open consultation Found: These are primarily the Freedom of Information Act 2000 2 (FOIA), the Data Protection Act 2018 3 (DPA
Jul. 15 2025 Intellectual Property Office Source Page: Consultation on Standard Essential Patents (SEPs) Document: (PDF) Open consultation Found: These are primarily the Freedom of Information Act 2000 2 (FOIA), the Data Protection Act 2018 3 (DPA

Arms Length Bodies Publications
Jul. 23 2025 NHS England Source Page: NHS FDP product data protection impact assessment – Cancer 360 Document: NHS FDP product data protection impact assessment – Cancer 360 (PDF) Data and statistics Found: Legal basis under UK GDPR & Data Protection Act 2018 (DPA 2018): Article 6 – Personal Data To be completed
Jul. 23 2025 NHS England Source Page: NHS FDP product data protection impact assessment – Timely Care Hub Document: NHS FDP product data protection impact assessment – Timely Care Hub (PDF) Data and statistics Found: Legal basis under UK GDPR & Data Protection Act 2018 (DPA 2018): Article 6 – Personal Data To be completed
Jul. 23 2025 NHS England Source Page: NHS FDP product data protection impact assessment – London Ambulance Service, My Clinical Feedback (LAS MCF) Document: NHS FDP product data protection impact assessment – London Ambulance Service (LAS) My Clinical Feedback (PDF) Regulatory Found: NHS Act 2006 LAS Dataset NHS Act 2006 NHS Act 2006 NHS Act 2006 Legal basis under UK GDPR & Data Protection Act
Jul. 23 2025 NHS England Source Page: NHS FDP product data protection impact assessment – Transport cancellation Document: NHS FDP product data protection impact assessment – Transport cancellation (PDF) Data and statistics Found: Legal basis under UK GDPR & Data Protection Act 2018 (DPA 2018): Article 6 – Personal Data To be completed
Jul. 23 2025 NHS England Source Page: NHS FDP product data protection impact assessment – Covid validated vaccination events Document: NHS FDP product data protection impact assessment – Covid validated vaccination events (VVEs) (PDF) Guidance Found: Social Care Act 2012 s.261(5)(d) and s.13Z3 (e) and (f) Legal basis under UK GDPR & Data Protection Act
Jul. 23 2025 NHS England Source Page: NHS FDP product data protection impact assessment – flu vaccination events Document: NHS FDP product data protection impact assessment – flu vaccination events (PDF) Guidance Found: and Social Care Act 2012 s.261(5)(d) and s.13Z3 (e) and (f) Legal basis under UK GDPR & Data Protection Act
Jul. 23 2025 NHS England Source Page: NHS FDP product data protection impact assessment – National vaccination programme reporting Document: NHS FDP product data protection impact assessment – National vaccination programme reporting (PDF) Guidance Found: Legal basis under UK GDPR & Data Protection Act 2018 (DPA 2018): Article 6 – Personal Data - Article
Jul. 23 2025 NHS England Source Page: NHS FDP product data protection impact assessment – Ambulance data services dashboard Document: NHS FDP product data protection impact assessment – Ambulance data services dashboard (ADS) (PDF) Data and statistics Found: and Social Care Act 2012 s261(5)(d) and s13Z3 (e) and (f) Legal basis under UK GDPR & Data Protection Act
Jul. 16 2025 NHS England Source Page: NHS FDP product data protection impact assessment (DPIA) – FDP national ontology Document: NHS FDP product data protection impact assessment – FDP national ontology (PDF) Data and statistics Found: Additional pseudonymised NMTR dataset to be ingested into Ontologies Legal basis under UK GDPR & Data Protection Act

Draft Secondary Legislation
The Financial Services and Markets Act 2023 (Mutual Recognition Agreement) (Switzerland) Regulations 2025 These Regulations implement provisions in the Agreement between the United Kingdom of Great Britain and Northern Ireland and the Swiss Confederation on Mutual Recognition in Financial Services done at Berne on 21st December 2023(52) (“the Agreement”). HM Treasury Found: . 2019/1043. (45)Section 391A of FSMA 2000 was amended by paragraph 50 of Schedule 2 to the Data Protection Act

Draft Secondary Legislation

The Financial Services and Markets Act 2023 (Mutual Recognition Agreement) (Switzerland) Regulations 2025
These Regulations implement provisions in the Agreement between the United Kingdom of Great Britain and Northern Ireland and the Swiss Confederation on Mutual Recognition in Financial Services done at Berne on 21st December 2023(52) (“the Agreement”).

HM Treasury

Found: . 2019/1043. (45)Section 391A of FSMA 2000 was amended by paragraph 50 of Schedule 2 to the Data Protection Act

Deposited Papers
Wednesday 23rd July 2025 Department for Transport Source Page: I. Executive Agency Framework Document: the Maritime and Coastguard Agency. Incl. annex. 50p. II. Letter dated 11/07/2025 from Mike Kane MP to the Deposited Papers Clerk regarding a document for deposit in the House libraries. 1p. Document: Accessible_241001-MCA_FD_FINAL__2_.pdf (PDF) Found: under the Freedom of Information Act 2000, the environmental information regulations, or the Data Protection Act
Wednesday 23rd July 2025 Home Office Source Page: Ransomware legislative proposals: reducing payments to cyber criminals and increasing incident reporting. Government response. Incl. annex. 89p. Document: Ransomware_legislative_proposals__22_July_2025_.pdf (PDF) Found: access to information regimes, primarily the Freedom of Information Act 2000 (FOIA) and the Data Protection Act
Friday 18th July 2025 Home Office Source Page: Identification of victims of modern slavery: call for evidence. 40p. Document: Identification_of_Victims_of_Modern_Slavery.pdf (PDF) Found: All information provided during the Call for Evidence will be held securely according to the Data Protection Act
Wednesday 16th July 2025 Source Page: What works to engage library non-users: mixed-mode research report. 88p. Document: What_works_to_engage_library_non-users.pdf (PDF) Found: The UK General Data Protection Regulation (UK GDPR) and the UK Data Protection Act 2018 (DPA) Ipsos

Data Protection Act 2018 mentioned in Scottish results

Scottish Government Publications
Thursday 24th July 2025 Communications and Ministerial Support Directorate Source Page: Covid Counter-Fraud Commissioner correspondence: FOI release Document: Covid Counter-Fraud Commissioner correspondence: FOI release (webpage) Found: principles in Article 5(1) of the General Data Protection Regulations and in section 34(1) of the Data Protection Act
Thursday 24th July 2025 Agriculture and Rural Economy Directorate Source Page: Former Crofting Commission CEO information: EIR release Document: Former Crofting Commission CEO information: EIR release (webpage) Found: principles in Article 5(1) of the General Data Protection Regulation and in section 34(1) of the Data Protection Act
Thursday 24th July 2025 International Trade and Investment Directorate Source Page: Documentation and correspondence regarding bank closures: FOI release Document: Documentation and correspondence regarding bank closures: FOI release (webpage) Found: principles in Article 5(1) of the General Data Protection Regulation and in section 34(1) of the Data Protection Act
Wednesday 23rd July 2025 Energy and Climate Change Directorate Source Page: Briefing materials and minutes for the zonal pricing meeting: FOI Review Document: FOI 202500464189 - Information released - Annex A (PDF) Found: principles in Article 5(1) of the General Data Protection Regulation and in section 34(1) of the Data Protection Act
Wednesday 23rd July 2025 Source Page: First Minister and Eric Trump meeting notes: FOI release Document: First Minister and Eric Trump meeting notes: FOI release (webpage) Found: principles in Article 5(1) of the General Data Protection Regulation and in section 34(1) of the Data Protection Act
Wednesday 23rd July 2025 Environment and Forestry Directorate Source Page: Managing radioactive waste from nuclear power plants documentation: EIR release Document: EIR 202500463938 - Information released - Annex A and B (PDF) Found: Article 5(1) of the General Data Protection Regulations (GDPR) and in Section 34(1) of the Data Protection Act
Wednesday 23rd July 2025 Marine Directorate Source Page: Scottish National Marine Plan (NMP2) information: EIR release Document: Scottish National Marine Plan (NMP2) information: EIR release (webpage) Found: principles in Article 5(1) of the General Data Protection Regulation and in section 34(1) of the Data Protection Act
Wednesday 23rd July 2025 Marine Directorate Source Page: Sea fishing licence transfer information: EIR release Document: Sea fishing licence transfer information: EIR release (webpage) Found: principles in Article 5(1) of the General Data Protection Regulation and in section 34(1) of the Data Protection Act
Wednesday 23rd July 2025 Energy and Climate Change Directorate Source Page: Scottish Government correspondence with SSEN regarding overhead transmission line proposals: EIR release Document: Scottish Government correspondence with SSEN regarding overhead transmission line proposals: EIR release (webpage) Found: principles in Article 5(1) of the General Data Protection Regulation and in section 34(1) of the Data Protection Act
Wednesday 23rd July 2025 Communications and Ministerial Support Directorate Source Page: Queries regarding draft responses to Freedom of Information requests: FOI release Document: FOI 202500464096 - Information released - Attachments (PDF) Found: principles in Article 5(1) of the General Data Protection Regulation and in section 34(1) of the Data Protection Act
Wednesday 23rd July 2025 Communications and Ministerial Support Directorate Source Page: Queries regarding draft responses to Freedom of Information requests: FOI release Document: Queries regarding draft responses to Freedom of Information requests: FOI release (webpage) Found: principles in Article 5(1) of the General Data Protection Regulation and in section 34(1) of the Data Protection Act
Wednesday 23rd July 2025 Marine Directorate Source Page: Conduct of representatives of Salmon Scotland or of fish farming companies: FOI release Document: Conduct of representatives of Salmon Scotland or of fish farming companies: FOI release (webpage) Found: principles in Article 5(1) of the General Data Protection Regulation and in section 34(1) of the Data Protection Act
Wednesday 23rd July 2025 Source Page: A90 Swallow Hotel roundabout road safety audit information: EIR release Document: A90 Swallow Hotel roundabout road safety audit information: EIR release (webpage) Found: principles in Article 5(1) of the General Data Protection Regulation and in section 34(1) of the Data Protection Act
Tuesday 22nd July 2025 Chief Nursing Officer Directorate Source Page: Personal Footcare Guidance equality impact assessment: FOI Review Document: Personal Footcare Guidance equality impact assessment: FOI Review (webpage) Found: principles in Article 5(1) of the General Data Protection Regulation and in section 34(1) of the Data Protection Act
Tuesday 22nd July 2025 Marine Directorate Source Page: Scottish Quality Salmon Ltd information: EIR release Document: Scottish Quality Salmon Ltd information: EIR release (webpage) Found: principles in Article 5(1) of the General Data Protection Regulation and in section 34(1) of the Data Protection Act
Tuesday 22nd July 2025 Marine Directorate Source Page: Scottish Quality Salmon Ltd information: EIR release Document: EIR 202500462487 - Information released - Documents 1 - 20 (PDF) Found: individuals with regard to the processing of Personal Data to which a Party is subject including the Data Protection Act
Tuesday 22nd July 2025 Marine Directorate Source Page: Scottish Quality Salmon Ltd information: EIR release Document: EIR 202500462487 - Information released - Documents 41 - 57 (PDF) Found: individuals with regard to the processing of Personal Data to which a Party is subject including the Data Protection Act
Tuesday 22nd July 2025 Marine Directorate Source Page: Scottish Quality Salmon Ltd information: EIR release Document: EIR 202500462487 - Information released - Documents 21 - 40 (PDF) Found: individuals with regard to the processing of Personal Data to which a Party is subject including the Data Protection Act
Tuesday 22nd July 2025 Marine Directorate Source Page: Scottish Quality Salmon Ltd information: EIR release Document: EIR 202500462487 - Information released - Documents 60 - 68 (PDF) Found: individuals with regard to the processing of Personal Data to which a Party is subject including the Data Protection Act
Tuesday 22nd July 2025 Equality, Inclusion and Human Rights Directorate Source Page: A Fairer Scotland for Older People report information: FOI release Document: A Fairer Scotland for Older People report information: FOI release (webpage) Found: principles in Article 5(1) of the General Data Protection Regulation and in section 34(1) of the Data Protection Act
Tuesday 22nd July 2025 Strategy Directorate Source Page: Civic Gathering correspondence, attendees and costs: FOI release Document: Civic Gathering correspondence, attendees and costs: FOI release (webpage) Found: principles in Article 5 (1) of the General Data Protection Regulation and in section 34(1) of the Data Protection Act
Monday 21st July 2025 Marine Directorate Source Page: Fisheries Management Strategy 2020-2030 delivery plan information: EIR release Document: Fisheries Management Strategy 2020-2030 delivery plan information: EIR release (webpage) Found: principles in Article 5(1) of the General Data Protection Regulation and in section 34(1) of the Data Protection Act
Monday 21st July 2025 Marine Directorate Source Page: Fisheries Management Strategy 2020-2030 delivery plan information: EIR release Document: EIR 202500462876 - Information released - Annex (PDF) Found: information I give will be treated confidentially and securely, in accordance with the terms of the Data Protection Act
Monday 21st July 2025 Source Page: Cabinet Secretary for Finance and Local Government's letter to House of Commons Scottish Affairs Committee: FOI release Document: Cabinet Secretary for Finance and Local Government's letter to House of Commons Scottish Affairs Committee: FOI release (webpage) Found: principles in Article 5(1) of the General Data Protection Regulation and in section 34(1) of the Data Protection Act
Monday 21st July 2025 Source Page: Business Improvement Districts Policy Changes (BIDs): FOI release Document: FOI 202500456342 - Information Released - Documents (PDF) Found: as a breach of this agreement 5 5.3 The Grantee shall ensure that all requirements of the Data Protection Act
Monday 21st July 2025 Marine Directorate Source Page: Assynt and Coigach Protection Order Area queries: EIR release Document: Assynt and Coigach Protection Order Area queries: EIR release (webpage) Found: principles in Article 5(1) of the General Data Protection Regulation and in section 34(1) of the Data Protection Act
Monday 21st July 2025 Scottish Procurement and Property Directorate Source Page: Copies of Social Research Framework tenders: FOI release Document: FOI 202500463102 - Information released - Documents (PDF) Found: Data Handling Data Protection AECOM is compliant with the GDPR and is registered under the Data Protection Act
Monday 21st July 2025 Local Government and Housing Directorate Source Page: Ministerial meetings regarding reinforced autoclaved aerated concrete: EIR release Document: Ministerial meetings regarding reinforced autoclaved aerated concrete: EIR release (webpage) Found: principles in Article 5(1) of the General Data Protection Regulation and in section 34(1) of the Data Protection Act
Monday 21st July 2025 Local Government and Housing Directorate Source Page: Passivhaus energy efficiency standards correspondence: FOI release Document: Passivhaus energy efficiency standards correspondence: FOI release (webpage) Found: individuals, and disclosing it would contravene the data protection principles in Schedule 1 to the Data Protection Act
Monday 21st July 2025 Agriculture and Rural Economy Directorate Source Page: Animals and Wildlife (Penalties, Protections And Powers) (Scotland) Act 2020: information sharing report Document: The Animals and Wildlife (Penalties, Protections And Powers) (Scotland) Act 2020: Information Sharing Report (PDF) Found: comply with data protection rules under the UK General Data Protection Regulation and the Data Protection Act
Monday 21st July 2025 Source Page: Progress in International Reading Literacy Study (PIRLS) - 2026 - Privacy Notice Document: PIRLS 2026 Privacy Notice Word version (webpage) Found: for making sure that the way your data is collected and used meets the requirements of the Data Protection Act
Monday 21st July 2025 Source Page: Progress in International Reading Literacy Study (PIRLS) - 2026 - Privacy Notice Document: PIRLS 2026 Privacy Notice PDF (PDF) Found: for making sure that the way your data is collected and used meets the requirements of the Data Protection Act
Friday 18th July 2025 Chief Medical Officer Directorate Source Page: A Common Understanding 2025 Document: A Common Understanding 2025 Working Together for the People of Scotland (PDF) Found: includes, but is not limited to, the UK General Data Protection Regulation (UKGDPR) and the Data Protection Act
Thursday 17th July 2025 Source Page: Appointment of Chief Planning Officers communications: FOI Review Document: Appointment of Chief Planning Officers communications: FOI Review (webpage) Found: principles in Article 5(1) of the General Data Protection Regulation and in section 34(1) of the Data Protection Act
Thursday 17th July 2025 Source Page: Scottish Income Tax operation by HMRC: service level agreement Document: Scottish Income Tax operation by HMRC: service level agreement (webpage) Found: wider data protection law, including the General Data Protection Regulation (GDPR) and the Data Protection Act
Thursday 17th July 2025 Source Page: Scottish Income Tax operation by HMRC: service level agreement Document: Service level agreement for Scottish Income Tax by HMRC (PDF) Found: wider data protection law, including the General Data Protection Regulation (GDPR) and the Data Protection Act
Thursday 17th July 2025 Equality, Inclusion and Human Rights Directorate Source Page: Single-sex spaces (Public Sector) speech information: FOI Review Document: Single-sex spaces (Public Sector) speech information: FOI Review (webpage) Found: principles in Article 5(1) of the General Data Protection Regulation and in section 34(1) of the Data Protection Act
Thursday 17th July 2025 Communications and Ministerial Support Directorate Source Page: Scottish Government request responses and use of free & frank advice exception: FOI release Document: Scottish Government request responses and use of free & frank advice exception: FOI release (webpage) Found: principles in Article 5(1) of the General Data Protection Regulation and in section 34(1) of the Data Protection Act
Thursday 17th July 2025 Communications and Ministerial Support Directorate Source Page: Scottish Government request responses and use of free & frank advice exception: FOI release Document: FOI 202500461547 - Information released - Annex (PDF) Found: principles in Article 5(1) of the General Data Protection Regulation and in section 34(1) of the Data Protection Act
Thursday 17th July 2025 Source Page: Environmental Standards Scotland (ESS) investigation: EIR Review Document: Environmental Standards Scotland (ESS) investigation: EIR Review (webpage) Found: principles in Article 5(1) of the General Data Protection Regulation and in section 34(1) of the Data Protection Act
Wednesday 16th July 2025 Source Page: Design and approval materials of the Cockplay woodland development: EIR release Document: Design and approval materials of the Cockplay woodland development: EIR release (webpage) Found: principles in Article 5(1) of the General Data Protection Regulation and in section 34(1) of the Data Protection Act
Wednesday 16th July 2025 Source Page: Adult Disability Payment recipients removed from caseload: FOI release Document: Adult Disability Payment recipients removed from caseload: FOI release (webpage) Found: principles in Article 5(1) of the General Data Protection Regulation and in section 34(1) of the Data Protection Act
Wednesday 16th July 2025 Economic Development Directorate Source Page: Paisley manufacturing centre visit documentation: FOI release Document: Paisley manufacturing centre visit documentation: FOI release (webpage) Found: principles in Article 5(1) of the General Data Protection Regulation and in section 34(1) of the Data Protection Act
Wednesday 16th July 2025 Source Page: Cockplay woodland scheme Environmental Impact Assessments: EIR release Document: Cockplay woodland scheme Environmental Impact Assessments: EIR release (webpage) Found: principles in Article 5(1) of the General Data Protection Regulation and in section 34(1) of the Data Protection Act
Wednesday 16th July 2025 Energy and Climate Change Directorate Source Page: Heat in Buildings Bill correspondence: EIR release Document: Heat in Buildings Bill correspondence: EIR release (webpage) Found: principles in Article 5(1) of the General Data Protection Regulation and in section 34(1) of the Data Protection Act
Wednesday 16th July 2025 Communications and Ministerial Support Directorate Source Page: Correspondence regarding Elon Musk and President Carter: FOI release Document: Correspondence regarding Elon Musk and President Carter: FOI release (webpage) Found: principles in Article 5(1) of the General Data Protection Regulation and in section 34(1) of the Data Protection Act
Wednesday 16th July 2025 Marine Directorate Source Page: Correspondence related to external requests received concerning a previous response: EIR release Document: Correspondence related to external requests received concerning a previous response: EIR release (webpage) Found: data subject, and so it is subject to the General Data Protection Regulation (GDPR) and the Data Protection Act
Wednesday 16th July 2025 Communications and Ministerial Support Directorate Source Page: Supplementary question information regarding Portfolio Question sessions: FOI Review Document: Supplementary question information regarding Portfolio Question sessions: FOI Review (webpage) Found: principles in Article 5(1) of the General Data Protection Regulation and in Section 34(1) of the Data Protection Act
Wednesday 16th July 2025 Marine Directorate Source Page: Western Landfall change of location information: EIR release Document: Western Landfall change of location information: EIR release (webpage) Found: principles in Article 5(1) of the General Data Protection Regulation and in section 34(1) of the Data Protection Act
Wednesday 16th July 2025 Source Page: Todrig woodland scheme consultation information: EIR release Document: EIR 202500459951 - Information released - Annex A (PDF) Found: principles in Article 5(1) of the General Data Protection Regulation and in section 34(1) of the Data Protection Act
Wednesday 16th July 2025 People Directorate Source Page: Transgender Day of Visibility: FOI release Document: Transgender Day of Visibility: FOI release (webpage) Found: principles in Article 5(1) of the General Data Protection Regulation and in section 34(1) of the Data Protection Act
Tuesday 15th July 2025 Source Page: Scottish Child Payment (SCP) applicant statistics: FOI release Document: Scottish Child Payment (SCP) applicant statistics: FOI release (webpage) Found: principles in Article 5(1) of the General Data Protection Regulation and in section 34(1) of the Data Protection Act
Tuesday 15th July 2025 Social Security Directorate Source Page: Correspondence regarding minimum income guarantee: FOI release Document: Correspondence regarding minimum income guarantee: FOI release (webpage) Found: principles in Article 5(1) of the General Data Protection Regulation and in section 34(1) of the Data Protection Act
Tuesday 15th July 2025 Marine Directorate Source Page: Correspondence between Scottish Government and SalMar Aker Ocean: EIR Review Document: Correspondence between Scottish Government and SalMar Aker Ocean: EIR Review (webpage) Found: principles in Article 5(1) of the General Data Protection Regulation and in section 34(1) of the Data Protection Act
Tuesday 15th July 2025 Source Page: A90 trunk road pedestrian overbridges: FOI release Document: A90 trunk road pedestrian overbridges: FOI release (webpage) Found: principles in Article 5(1) of the General Data Protection Regulation and in section 34(1) of the Data Protection Act
Tuesday 15th July 2025 Chief Operating Officer, NHS Scotland Directorate Source Page: Correspondence for the Remote, Rural and Islands Overarching Task & Finish Group: FOI release Document: Correspondence for the Remote, Rural and Islands Overarching Task & Finish Group: FOI release (webpage) Found: principles in Article 5(1) of the General Data Protection Regulation and in section 34(1) of the Data Protection Act
Monday 14th July 2025 Agriculture and Rural Economy Directorate Source Page: Agri Environmental Climate Scheme - planting or replanting of hedges data: EIR release Document: Agri Environmental Climate Scheme - planting or replanting of hedges data: EIR release (webpage) Found: principles in Article 5(1) of the General Data Protection Regulation and in section 34(1) of the Data Protection Act
Monday 14th July 2025 Chief Operating Officer, NHS Scotland Directorate Source Page: Ministerial correspondence relating to the Scottish Government’s National Treatment Centres: FOI Review Document: Ministerial correspondence relating to the Scottish Government’s National Treatment Centres: FOI Review (webpage) Found: principles in Article 5(1) of the General Data Protection Regulation and in section 34(1) of the Data Protection Act
Monday 14th July 2025 Chief Operating Officer, NHS Scotland Directorate Source Page: Communications from Aberdeen Royal Infirmary or NHS Grampian in relation to the incident declared on 29 November 2024: FOI release Document: Communications from Aberdeen Royal Infirmary or NHS Grampian in relation to the incident declared on 29 November 2024: FOI release (webpage) Found: principles in Article 5(1) of the General Data Protection Regulation and in section 34(1) of the Data Protection Act
Monday 14th July 2025 Source Page: First Minister correspondence including phrase "full fiscal autonomy": FOI release Document: First Minister correspondence including phrase "full fiscal autonomy": FOI release (webpage) Found: principles in Article 5(1) of the General Data Protection Regulation and in section 34(1) of the Data Protection Act
Friday 11th July 2025 Source Page: Land and Buildings Transaction Tax - Property Investment Funds Document: Land and Buildings Transaction Tax Property Investment Funds (PDF) Found: prohibits, restricts access or relates to the disclosure of that information, for example the Data Protection Act
Friday 11th July 2025 Marine Directorate Source Page: Sea fisheries - operations and access: privacy notice Document: Sea fisheries - operations and access: privacy notice (webpage) Found: purposes.Where this is the case, the processing will be in accordance with the UK GDPR and Data Protection Act
Thursday 10th July 2025 Agriculture and Rural Economy Directorate Source Page: Breakdown of spend on IT systems and external consultancy services since 2016: FOI release Document: Breakdown of spend on IT systems and external consultancy services since 2016: FOI release (webpage) Found: principles in Article 5(1) of the General Data Protection Regulation and in section 34(1) of the Data Protection Act
Thursday 10th July 2025 Energy and Climate Change Directorate Source Page: Suspensive condition to address outstanding Ministry of Defence objections for undetermined Section 36 applications: EIR release Document: Suspensive condition to address outstanding Ministry of Defence objections for undetermined Section 36 applications: EIR release (webpage) Found: principles in Article 5(1) of the General Data Protection Regulation and in section 34(1) of the Data Protection Act
Thursday 10th July 2025 Lifelong Learning and Skills Directorate Source Page: Repairing Glasgow School of Art's Mackintosh Building: FOI release Document: Repairing Glasgow School of Art's Mackintosh Building: FOI release (webpage) Found: principles in Article 5(1) of the General Data Protection Regulation and in section 34(1) of the Data Protection Act
Thursday 10th July 2025 Source Page: Capital spending and budget: FOI release Document: Capital spending and budget: FOI release (webpage) Found: principles in Article 5(1) of the General Data Protection Regulation and in section 34(1) of the Data Protection Act
Wednesday 9th July 2025 Source Page: Special Adviser's correspondence which includes the phrase “full fiscal autonomy”: FOI release Document: Special Adviser's correspondence which includes the phrase “full fiscal autonomy”: FOI release (webpage) Found: principles in Article 5(1) of the General Data Protection Regulation and in section 34(1) of the Data Protection Act
Wednesday 9th July 2025 Source Page: Director of Fiscal Sustainability and Exchequer Development correspondence on Full Fiscal Autonomy: FOI release Document: Director of Fiscal Sustainability and Exchequer Development correspondence on Full Fiscal Autonomy: FOI release (webpage) Found: principles in Article 5(1) of the General Data Protection Regulation and in section 34(1) of the Data Protection Act
Wednesday 9th July 2025 Source Page: Director General Scottish Exchequer correspondence including phrase "full fiscal autonomy": FOI release Document: Director General Scottish Exchequer correspondence including phrase "full fiscal autonomy": FOI release (webpage) Found: principles in Article 5(1) of the General Data Protection Regulation and in section 34(1) of the Data Protection Act
Tuesday 8th July 2025 Tackling Child Poverty and Social Justice Directorate Source Page: Studies to improve data collection on quality of Scottish rental properties: FOI Review Document: FOI 202500458787 - Information released - Documents (PDF) Found: legitimised by the controller’s statutory obligations and is processed in accordance with the Data Protection Act
Tuesday 8th July 2025 Tackling Child Poverty and Social Justice Directorate Source Page: Studies to improve data collection on quality of Scottish rental properties: FOI Review Document: Studies to improve data collection on quality of Scottish rental properties: FOI Review (webpage) Found: principles in Article 5(1) of the General Data Protection Regulation and in section 34(1) of the Data Protection Act
Tuesday 8th July 2025 Source Page: Information relative to the A83 east of Kilmory Roundabout in Lochgilphead: EIR release Document: Information relative to the A83 east of Kilmory Roundabout in Lochgilphead: EIR release (webpage) Found: principles in Article 5(1) of the General Data Protection Regulation and in section 34(1) of the Data Protection Act
Tuesday 8th July 2025 Source Page: Documentation and correspondence regarding Eric Trump meeting: FOI release Document: Documentation and correspondence regarding Eric Trump meeting: FOI release (webpage) Found: principles in Article 5(1) of the General Data Protection Regulation and in section 34(1) of the Data Protection Act
Tuesday 8th July 2025 Source Page: Abolition of peak rail fares correspondence with Green Members of Parliament: FOI release Document: FOI 202500456511 - Information released - Documents (PDF) Found: the requirements of the General Data Protection Regulation (EU) 2016/679 (the GDPR), the Data Protection Act
Tuesday 8th July 2025 Source Page: First Minister and Eric Trump meeting information: FOI release Document: First Minister and Eric Trump meeting information: FOI release (webpage) Found: principles in Article 5(1) of the General Data Protection Regulation and in section 34(1) of the Data Protection Act
Tuesday 8th July 2025 Environment and Forestry Directorate Source Page: Stobo Woodland Creation scheme: EIR release Document: EIR 202500453790 - Information released - Annex A (PDF) Found: principles in Article 5(1) of the General Data Protection Regulation and in section 34(1) of the Data Protection Act
Tuesday 8th July 2025 Equality, Inclusion and Human Rights Directorate Source Page: Human Rights Bill for Scotland documents that relate to the right for food: FOI release Document: FOI 202500458689 - Information released - Annex C (PDF) Found: principles in Article 5(1) of the General Data Protection Regulation and in section 34(1) of the Data Protection Act
Tuesday 8th July 2025 Energy and Climate Change Directorate Source Page: Exploration for oil and gas and low-carbon jobs correspondence: EIR release Document: Exploration for oil and gas and low-carbon jobs correspondence: EIR release (webpage) Found: principles in Article 5(1) of the General Data Protection Regulation and in section 34(1) of the Data Protection Act
Tuesday 8th July 2025 Energy and Climate Change Directorate Source Page: Briefing materials prepared for the former Minister for Climate Action for the “Supporting Households with Cost of Living” debate: FOI release Document: FOI 202500458276 - Information released - Annex A (PDF) Found: principles in Article 5(1) of the General Data Protection Regulation and in section 34(1) of the Data Protection Act
Tuesday 8th July 2025 Source Page: Correspondence for meeting with Eric Trump: FOI release Document: Correspondence for meeting with Eric Trump: FOI release (webpage) Found: principles in Article 5(1) of the General Data Protection Regulation and in section 34(1) of the Data Protection Act
Monday 7th July 2025 Communications and Ministerial Support Directorate Source Page: Training materials for the application of Freedom Of Information (Scotland) Act exemptions: FOI release Document: FOI 202500460007 - Information released - Documents 1 - 3 (PDF) Found: [6] But exemption is not absolute if: • disclosure would contravene s.10 of Data Protection Act 1998
Monday 7th July 2025 Source Page: Documentation regarding civil servants working a 35 hour week: FOI release Document: Documentation regarding civil servants working a 35 hour week: FOI release (webpage) Found: principles in Article 5(1) of the General Data Protection Regulation and in section 34(1) of the Data Protection Act
Monday 7th July 2025 Energy and Climate Change Directorate Source Page: Correspondence between Energy Consents Unit and Logan Property Management regarding Braidfield Energy Storage Project: EIR release Document: Correspondence between Energy Consents Unit and Logan Property Management regarding Braidfield Energy Storage Project: EIR release (webpage) Found: principles in Article 5(1) of the General Data Protection Regulation and in section 34(1) of the Data Protection Act
Monday 7th July 2025 Source Page: TV programme "River City" correspondence: FOI release Document: TV programme "River City" correspondence: FOI release (webpage) Found: principles in Article 5(1) of the General Data Protection Regulation and in section 34(1) of the Data Protection Act
Monday 7th July 2025 Local Government and Housing Directorate Source Page: Council tax relief funding information: FOI Review Document: Council tax relief funding information: FOI Review (webpage) Found: principles in Article 5(1) of the General Data Protection Regulation and in section 34(1) of the Data Protection Act
Monday 7th July 2025 Economic Development Directorate Source Page: South of Scotland Enterprise (SoSE) documentation: FOI Review Document: South of Scotland Enterprise (SoSE) documentation: FOI Review (webpage) Found: principles in Article 5(1) of the General Data Protection Regulation and in section 34(1) of the Data Protection Act
Monday 7th July 2025 Local Government and Housing Directorate Source Page: Business rates relief for hospitality business information: FOI release Document: Business rates relief for hospitality business information: FOI release (webpage) Found: principles in Article 5(1) of the General Data Protection Regulation and in section 34(1) of the Data Protection Act
Monday 7th July 2025 Energy and Climate Change Directorate Source Page: First Minister visit to St Fergus Gas Terminal documentation: EIR release Document: First Minister visit to St Fergus Gas Terminal documentation: EIR release (webpage) Found: principles in Article 5(1) of the General Data Protection Regulation and in section 34(1) of the Data Protection Act
Thursday 3rd July 2025 Source Page: Scottish Forestry Spring/Summer Forestry Plans at Dalbuaick: EIR release Document: Scottish Forestry Spring/Summer Forestry Plans at Dalbuaick: EIR release (webpage) Found: principles in Article 5(1) of the General Data Protection Regulation and in section 34(1) of the Data Protection Act
Thursday 3rd July 2025 Source Page: City of Edinburgh Council’s proposed Supplementary Guidance on Developer Contributions and Infrastructure Delivery for City Plan 2030 information: EIR Review Document: City of Edinburgh Council’s proposed Supplementary Guidance on Developer Contributions and Infrastructure Delivery for City Plan 2030 information: EIR Review (webpage) Found: principles in Article 5(1) of the General Data Protection Regulation and in section 34(1) of the Data Protection Act
Wednesday 2nd July 2025 Marine Directorate Source Page: Ocean Farm 2 working group information: EIR release Document: Ocean Farm 2 working group information: EIR release (webpage) Found: principles in Article 5(1) of the General Data Protection Regulation and in section 34(1) of the Data Protection Act
Wednesday 2nd July 2025 Local Government and Housing Directorate Source Page: Rent pressure zone and rent control information: FOI release Document: Rent pressure zone and rent control information: FOI release (webpage) Found: principles in Article 5(1) of the General Data Protection Regulation and in section 34(1) of the Data Protection Act
Wednesday 2nd July 2025 Marine Directorate Source Page: Cabinet Secretary for Rural Affairs, Land Reform and Islands briefing notes on salmon farming debate: EIR release Document: Cabinet Secretary for Rural Affairs, Land Reform and Islands briefing notes on salmon farming debate: EIR release (webpage) Found: principles in Article 5(1) of the General Data Protection Regulation and in section 34(1) of the Data Protection Act
Wednesday 2nd July 2025 Safer Communities Directorate Source Page: User Guide to Recorded Crime Statistics in Scotland Document: User guide to Recorded Crime Statistics in Scotland, 2024-25 (PDF) Found: telecommunications offs • Disclosure of information • Interception of Communications Act 1984 • Data Protection Act
Tuesday 1st July 2025 Marine Directorate Source Page: Correspondence between BP employees and Scottish Government: EIR release Document: Correspondence between BP employees and Scottish Government: EIR release (webpage) Found: principles in Article 5(1) of the General Data Protection Regulation and in section 34(1) of the Data Protection Act
Monday 30th June 2025 Children and Families Directorate Source Page: Scotland's Redress Scheme – 2025 Combined Annual Report Document: Scotland’s Redress Scheme – 2025 Combined Annual Report (PDF) Found: processes in place to support the individual’s right to access their own personal data under the Data Protection Act
Monday 30th June 2025 Source Page: Information regarding footpath upgrade between Borders General Hospital and Tweedbank roundabout: EIR release Document: Information regarding footpath upgrade between Borders General Hospital and Tweedbank roundabout: EIR release (webpage) Found: principles in Article 5(1) of the General Data Protection Regulation and in section 34(1) of the Data Protection Act
Monday 30th June 2025 Propriety and Ethics Directorate Source Page: Correspondence between the Deputy Director of Propriety and Ethics and the former Permanent Secretary: FOI release Document: Correspondence between the Deputy Director of Propriety and Ethics and the former Permanent Secretary: FOI release (webpage) Found: principles in Article 5(1) of the General Data Protection Regulation and in section 34(1) of the Data Protection Act
Monday 30th June 2025 External Affairs Directorate Source Page: Correspondence regarding visit by the son of the President of the United States: FOI release Document: Correspondence regarding visit by the son of the President of the United States: FOI release (webpage) Found: principles in Article 5(1) of the General Data Protection Regulation and in section 34(1) of the Data Protection Act
Monday 30th June 2025 External Affairs Directorate Source Page: First Minister's meeting with the son of the President of the United States: FOI release Document: First Minister's meeting with the son of the President of the United States: FOI release (webpage) Found: principles in Article 5(1) of the General Data Protection Regulation and in section 34(1) of the Data Protection Act
Monday 30th June 2025 External Affairs Directorate Source Page: Meetings with the son of the President of the United States: FOI release Document: Meetings with the son of the President of the United States: FOI release (webpage) Found: principles in Article 5(1) of the General Data Protection Regulation and in section 34(1) of the Data Protection Act
Monday 30th June 2025 People Directorate Source Page: Documentation regarding hiring a new Permanent Secretary: FOI release Document: Documentation regarding hiring a new Permanent Secretary: FOI release (webpage) Found: principles in Article 5(1) of the General Data Protection Regulation and in section 34(1) of the Data Protection Act
Monday 30th June 2025 Economic Development Directorate Source Page: Ministerial communications to Scottish public bodies on due diligence: FOI release Document: Ministerial communications to Scottish public bodies on due diligence: FOI release (webpage) Found: principles in Article 5(1) of the General Data Protection Regulation and in section 34(1) of the Data Protection Act
Monday 30th June 2025 External Affairs Directorate Source Page: Materials from First Minister's meeting with the son of the President of the United States: FOI release Document: Materials from First Minister's meeting with the son of the President of the United States: FOI release (webpage) Found: principles in Article 5(1) of the General Data Protection Regulation and in section 34(1) of the Data Protection Act
Monday 30th June 2025 Source Page: Documentation and correspondence on 20 minute neighbourhoods: EIR release Document: Documentation and correspondence on 20 minute neighbourhoods: EIR release (webpage) Found: principles in Article 5(1) of the General Data Protection Regulation and in section 34(1) of the Data Protection Act
Monday 30th June 2025 People Directorate Source Page: Documentation regarding hiring a new Permanent Secretary: FOI release Document: FOI 202500457706 - Information released - Attachments (PDF) Found: All details are held in accordance with the Data Protection Act.
Monday 30th June 2025 Chief Operating Officer, NHS Scotland Directorate Source Page: Implementation support note on managing the long-term effects of COVID-19 materials: FOI release Document: Implementation support note on managing the long-term effects of COVID-19 materials: FOI release (webpage) Found: principles in Article 5(1) of the General Data Protection Regulation and in section 34(1) of the Data Protection Act
Thursday 26th June 2025 Learning Directorate Source Page: Health and Wellbeing Census for schools correspondence: FOI release Document: FOI 202500456336 - Information released - Annex (PDF) Found: process your personal data in line with the UK General Data Protection Regulation 2018 and the Data Protection Act
Thursday 26th June 2025 Source Page: Queries concerning the minimum amount of time data is stored for: FOI release Document: FOI 202500456898 - Information released - Retention Schedule (Excel) Found: For Law Enforcement processing, Data Protection Act 2018, section 67.
Thursday 26th June 2025 Source Page: Queries concerning the minimum amount of time data is stored for: FOI release Document: Queries concerning the minimum amount of time data is stored for: FOI release (webpage) Found: principles in Article 5(1) of the General Data Protection Regulation and in section 34(1) of the Data Protection Act
Thursday 26th June 2025 Source Page: Queries concerning the minimum amount of time data is stored for: FOI release Document: FOI 202500456898 - Information released - Retention and Disposal Policy (PDF) Found: Under UK General Data Protection Regulation (UK GDPR) and the Data Protection Act (DPA) 2018, personal
Thursday 26th June 2025 External Affairs Directorate Source Page: Separate Scottish visa documentation: FOI release Document: Separate Scottish visa documentation: FOI release (webpage) Found: principles in Article 5(1) of the General Data Protection Regulation and in section 34(1) of the Data Protection Act
Thursday 26th June 2025 Communications and Ministerial Support Directorate Source Page: Correspondence between First Minister and Nicola Sturgeon MSP: FOI release Document: Correspondence between First Minister and Nicola Sturgeon MSP: FOI release (webpage) Found: principles in Article 5(1) of the General Data Protection Regulation and in section 34(1) of the Data Protection Act
Tuesday 24th June 2025 Source Page: Scottish Forestry salary band information: FOI release Document: Scottish Forestry salary band information: FOI release (webpage) Found: principles in Article 5(1) of the General Data Protection Regulation and in section 34(1) of the Data Protection Act
Tuesday 24th June 2025 Economic Development Directorate Source Page: GFG group senior management team correspondence: FOI release Document: GFG group senior management team correspondence: FOI release (webpage) Found: principles in Article 5(1) of the General Data Protection Regulation and in section 34(1) of the Data Protection Act
Tuesday 24th June 2025 Energy and Climate Change Directorate Source Page: Energy and Climate Change Directorate communications on energy, oil and gas taxation and climate policy: EIR release Document: Energy and Climate Change Directorate communications on energy, oil and gas taxation and climate policy: EIR release (webpage) Found: principles in Article 5(1) of the General Data Protection Regulation and in section 34(1) of the Data Protection Act
Tuesday 24th June 2025 Energy and Climate Change Directorate Source Page: Environmental Standards Scotland (ESS) sewage report correspondence: EIR release Document: Environmental Standards Scotland (ESS) sewage report correspondence: EIR release (webpage) Found: principles in Article 5(1) of the General Data Protection Regulation and in section 34(1) of the Data Protection Act
Tuesday 24th June 2025 Education Reform Directorate Source Page: Instrumental music tuition correspondence with Scottish Local Authorities: FOI release Document: Instrumental music tuition correspondence with Scottish Local Authorities: FOI release (webpage) Found: principes in Article 5(1) of the General Data Protection Regulation and in section 34(1) of the Data Protection Act
Tuesday 24th June 2025 Energy and Climate Change Directorate Source Page: GB Energy and Aberdeen Hydrogen Hub documentation: EIR release Document: GB Energy and Aberdeen Hydrogen Hub documentation: EIR release (webpage) Found: principles in Article 5(1) of the General Data Protection Regulation and in section 34(1) of the Data Protection Act
Tuesday 24th June 2025 Source Page: New Deal for Business Group meeting correspondence: FOI release Document: New Deal for Business Group meeting correspondence: FOI release (webpage) Found: principles in Article 5(1) of the General Data Protection Regulation and in section 34(1) of the Data Protection Act
Tuesday 24th June 2025 Tackling Child Poverty and Social Justice Directorate Source Page: Evaluation of the Family Wellbeing Partnership in Clackmannanshire Document: Family Wellbeing Partnership Evaluation - Full Report (PDF) Found: The project team has complied with data protection regulations (GDPR and Data Protection Act 1998) with
Tuesday 24th June 2025 Economic Development Directorate Source Page: Sutherland space port documentation: FOI release Document: Sutherland space port documentation: FOI release (webpage) Found: principles in Article 5(1) of the General Data Protection Regulation and in section 34(1) of the Data Protection Act
Tuesday 24th June 2025 Source Page: A737 Dalry Bypass scope of works: EIR release Document: A737 Dalry Bypass scope of works: EIR release (webpage) Found: principles in Article 5(1) of the General Data Protection Regulation and in section 34(1) of the Data Protection Act
Tuesday 24th June 2025 Source Page: Correspondence relating to meetings with representatives of Israeli embassy and the Israeli government: FOI Appeal Document: Correspondence relating to meetings with representatives of Israeli embassy and the Israeli government: FOI Appeal (webpage) Found: principles in Article 5(1) of the General Data Protection Regulation and in section 34(1) of the Data Protection Act
Monday 23rd June 2025 Source Page: Abolition of peak ScotRail fares correspondence: FOI release Document: Abolition of peak ScotRail fares correspondence: FOI release (webpage) Found: principles in Article 5(1) of the General Data Protection Regulation and in section 34(1) of the Data Protection Act

Data Protection Act 2018 mentioned in Welsh results

Welsh Committee Publications
Wednesday 25th June 2025 PDF - Letter from the Leader of Cardiff Council to the Chair in relation to the Bus Services (Wales) Bill - 25 June 2025 Inquiry: Report on the Bus Services (Wales) Bill Found: SWYDDFA’R ARWEINYDD LEADER'S OFFICE Your information is processed under the Data Protection Act 2018
Friday 7th February 2025 PDF - Marshalled List of Amendments - 7 February 2025 Inquiry: Report on the Welsh Language and Education (Wales) Bill Found: ending on 31 August, ( ) “data protection legislation” has the same meaning as in the Data Protection Act
Wednesday 5th February 2025 PDF - Notice of Amendments (v3) - 5 February 2025 Inquiry: Report on the Welsh Language and Education (Wales) Bill Found: ending on 31 August, ( ) “data protection legislation” has the same meaning as in the Data Protection Act
Tuesday 21st January 2025 PDF - Welsh Government Response - 21 January 2025 Inquiry: Children on the Margins Found: share information in accordance with the General Data Protection Regulation (GDPR) and the Data Protection Act
PDF - Notice of Amendments – 10 March 2023 Inquiry: Report on the Agriculture (Wales) Bill Found: (3) In this section “data protection legislation” has the same meaning as in the Data Protection Act
PDF - Marshalled list of Amendments – 23 March 2023 Inquiry: Report on the Agriculture (Wales) Bill Found: (3) In this section “data protection legislation” has the same meaning as in the Data Protection Act
PDF - report Inquiry: Report on the Agriculture (Wales) Bill Found: provisions are compliant with the data protection principles enshrined in the UK GDPR and the Data Protection Act
PDF - response Inquiry: Report on the Agriculture (Wales) Bill Found: provisions are compliant with the data protection principles enshrined in the UK GDPR and the Data Protection Act
PDF - Revised Explanatory Memorandum Inquiry: Report on the Tertiary Education and Research (Wales) Bill Found: sharing, it is intended that the Commission will be a public authority for the purposes of the Data Protection Act
PDF - Revised Explanatory Memorandum Inquiry: Report on the Tertiary Education and Research (Wales) Bill Found: sharing, it is intended that the Commission will be a public authority for the purposes of the Data Protection Act
PDF - Letter from the Counsel General and Minister for the Constitution – 10 November 2023 Inquiry: Elections and Elected Found: duty into account) contravene the data protection legislation within the meaning of the Data Protection Act
PDF - Elections and Elected Bodies (Wales) Bill Inquiry: Elections and Elected Found: the duty into account) contravene the data protection legislation (within the meaning of the Data Protection Act
PDF - Elections and Elected Bodies (Wales) Bill Inquiry: Elections and Elected Found: the duty into account) contravene the data protection legislation (within the meaning of the Data Protection Act
PDF - Elections and Elected Bodies (Wales) Bill Inquiry: Elections and Elected Found: the duty into account) contravene the data protection legislation (within the meaning of the Data Protection Act
PDF - Explanatory Memorandum Inquiry: Elections and Elected Found: duty into account) contravene the data protection legislation within the meaning of the Data Protection Act
PDF - Explanatory Memorandum Inquiry: Elections and Elected Found: duty into account) contravene the data protection legislation within the meaning of the Data Protection Act
PDF - Notice of amendments Inquiry: Report on the Welsh Language and Education (Wales) Bill Found: ending on 31 August, ( ) “data protection legislation” has the same meaning as in the Data Protection Act
PDF - Marshalled List of Amendments Inquiry: Report on the Welsh Language and Education (Wales) Bill Found: ending on 31 August, ( ) “data protection legislation” has the same meaning as in the Data Protection Act
PDF - responded Inquiry: Hospital discharge and its impact on patient flow through hospitals Found: used in line with the requirements of the UK General Data Protection Regulation (UKGDPR), the Data Protection Act
PDF - 7 March 2025 Inquiry: The Welsh Government’s Legislative Consent Memorandum on the Data (Use and Access) Bill Found: provided by UK legislation set out in the General Data Protection Regulation (GDPR) and the Data Protection Act
PDF - Culture, Communications, Welsh Language, Sport, and International Relations Committee Report: The Data Protection and Digital Information (No. 2) Bill Legislative Consent Memoranda No.1 and No.2 - July 2023 Inquiry: The Welsh Government’s Legislative Consent Found: This code must be consistent with the data sharing code prepared and issued under the Data Protection Act
PDF - report Inquiry: The Welsh Government’s Legislative Consent Found: exemption to the Information Commissioner’s assessment notices powers under section 147(6) of the Data Protection Act
PDF - wrote Inquiry: The Welsh Government’s Legislative Consent Found: Bill, clause 41 Interview Notices (clause 38 as introduced) inserts new provisions into the Data Protection Act
PDF - responded Inquiry: The Welsh Government’s Legislative Consent Found: Response: Clause 41 Interview Notices (clause 38 as introduced) inserts new provisions into the Data Protection Act
PDF - report Inquiry: The Welsh Government’s Legislative Consent Found: The GDPR works in tandem with the UK’s Data Protection Act 2018 (the DPA 2018) to govern the processing
PDF - responded to the report Inquiry: The Welsh Government’s Legislative Consent Found: currently in place across the EU and the UK (the General Data Protection Regulation (GDPR) and the Data Protection Act
PDF - Legislative Consent Memorandum Inquiry: The Welsh Government’s Legislative Consent Found: The UK’s Data Protection Act (DPA) 2018 received Royal Assent around the same time, and both pieces
PDF - 2 January 2025 Inquiry: The Welsh Government’s Legislative Consent Memorandum on the Data (Use and Access) Bill Found: interacts with a wide range of other key legislation: • Births and Deaths Registration Act 1953 • Data Protection Act
PDF - Supplementary Legislative Consent Memorandum Inquiry: Procurement Bill Found: been included after clause 88 (Data protection), which seeks to give assurances that the Data Protection Act
PDF - Supplementary Legislative Consent Memorandum Inquiry: The Welsh Government’s Legislative Consent Memoranda Found: UK Government amendments 65 and 66 remove a cross reference to s183A of the Data Protection Act 2018
PDF - The Retained EU Law (Revocation and Reform) Act 2023 (Consequential Amendment) Regulations 2023 Inquiry: Report on the Statutory Instrument Consent Memorandum for The Retained EU Law (Revocation and Reform) Act 2023 (Consequential Amendment) Regulations 2023 Found: Economy Act 2017 (c. 30), and was amended by paragraph 135(4) and (5) of Schedule 19(1) to the Data Protection Act
PDF - Tertiary Education and Research (Wales) Bill, as amended at Stage 3 Inquiry: Report on the Tertiary Education and Research (Wales) Bill Found: legislation. 10 (3) In this section, “data protection legislation” has the same meaning as in the Data Protection Act
PDF - Tertiary Education and Research (Wales) Bill, as passed Inquiry: Report on the Tertiary Education and Research (Wales) Bill Found: (3) In this section, “data protection legislation” has the same meaning as in the Data Protection Act
PDF - Explanatory Memorandum Inquiry: Report on the Tertiary Education and Research (Wales) Bill Found: sharing, it is intended that the Commission will be a public authority for the purposes of the Data Protection Act
PDF - Elections and Elected Bodies (Wales) Bill - as amended at Stage 2 Inquiry: Elections and Elected Found: the duty into account) contravene the data protection legislation (within the meaning of the Data Protection Act
PDF - Elections and Elected Bodies (Wales) Bill - as amended Stage 3 Inquiry: Elections and Elected Found: the duty into account) contravene the data protection legislation (within the meaning of the Data Protection Act
PDF - Elections and Elected Bodies (Wales) Bill - as passed Inquiry: Elections and Elected Found: the duty into account) contravene the data protection legislation (within the meaning of the Data Protection Act
PDF - Elections and Elected Bodies (Wales) Bill Inquiry: Elections and Elected Found: duty into account) contravene the data protection legislation 20 (within the meaning of the Data Protection Act
PDF - Marshalled list of amendments Inquiry: Report on the Tertiary Education and Research (Wales) Bill Found: (3) In this section, “data pr otection legislation” has the same meaning as in the Data Protection Act
PDF - Tertiary Education and Research (Wales) Bill Inquiry: Report on the Tertiary Education and Research (Wales) Bill Found: legislation. 10 (3) In this section, “data protection legislation” has the same meaning as in the Data Protection Act
PDF - Tertiary Education and Research (Wales) Bill Inquiry: Report on the Tertiary Education and Research (Wales) Bill Found: (3) In this section, “data protection legislation” has the same meaning as in the Data Protection Act
PDF - Explanatory Memorandum Inquiry: Report on the Tertiary Education and Research (Wales) Bill Found: sharing, it is intended that the Commission will be a public authority for the purposes of the Data Protection Act
PDF - Purpose and Effect table Inquiry: Report on the Tertiary Education and Research (Wales) Bill Found: (3) In this section, “data protection legislation” has the same meaning as in the Data Protection Act
PDF - Notice of amendments Inquiry: Report on the Tertiary Education and Research (Wales) Bill Found: (3) In this section, “data protection legislation” has the same meaning as in the Data Protection Act
PDF - On the 21 January the Committee received a response Inquiry: Children on the Margins Found: share information in accordance with the General Data Protection Regulation (GDPR) and the Data Protection Act
PDF - Comparison of Schedule 5 Agriculture Act 2020 provisions against Agriculture (Wales) Bill provisions - 5 October 2022 Inquiry: Report on the Agriculture (Wales) Bill Found: (3)In this paragraph “data protection legislation” has the same meaning as in the Data Protection Act
PDF - Letter from the Minister for Rural Affairs and North Wales, and Trefnydd – 24 October 2022 Inquiry: Report on the Agriculture (Wales) Bill Found: provisions are compliant with the data protection principles enshrined in the UK GDPR and the Data Protection Act
PDF - 24 March 2025 Inquiry: Legislative Consent: Children’s Wellbeing and Schools Bill Found: Education Act 2002 • The Academies Act 2010 • School Standards and Framework Act 1998 • Data Protection Act
PDF - 01 May 2025 Inquiry: The Welsh Government’s Legislative Consent Memorandum on the Data (Use and Access) Bill Found: provided by UK legislation set out in the General Data Protection Regulation (GDPR) and the Data Protection Act
PDF - Explanatory Memorandum Inquiry: Homelessness and Social Housing Allocation (Wales) Bill Found: or use of information that would contravene data protection legislation, as defined by the Data Protection Act
PDF - Homelessness and Social Housing Allocation (Wales) Bill, as introduced Inquiry: Homelessness and Social Housing Allocation (Wales) Bill Found: information which would contravene data protection legislation (within the meaning of the Data Protection Act
PDF - EM - The Legislative Reform (Disclosure of Adult Social Care Data) Order 2025 Inquiry: Report on the Statutory Instrument Consent Memorandum for the Legislative Reform (Disclosure of Adult Social Care Data) Order 2025 Found: Data Protection Act 2018).

Welsh Government Publications
Friday 4th July 2025 Source Page: Distribution Sub Group meeting: 4 July 2025 Document: Paper 09 (PDF) Found: Data was supplied via postcodes and handled in accordance with the 1998 Data Protection Act with special
Thursday 19th June 2025 Source Page: Patterns of attainment in reading and numeracy: September 2018 to August 2024 Document: Patterns of attainment in reading and numeracy: September 2018 to August 2024 (webpage) Found: personal data underlying these statistics are processed in accordance with the requirements of the Data Protection Act
Tuesday 17th June 2025 Source Page: Homelessness and Social Housing Allocation (Wales) Bill: impact assessments Document: Data protection impact assessment (webpage) Found: Section 8 of the Data Protection Act 2018 (“the 2018 Act”) supplements Article 6(1) of the UK GDPR by
Monday 16th June 2025 Source Page: FOI release 24727: Wales and West Housing Association Document: Doc 1 (PDF) Found: Information Act 2000 (the “FOIA”), the Environmental Information Regulations 2004 (the “EIR”), the Data Protection Act
Monday 16th June 2025 Source Page: FOI release 24727: Wales and West Housing Association Document: Doc 2 (PDF) Found: Information Act 2000 (the “FOIA”), the Environmental Information Regulations 2004 (the “EIR”), the Data Protection Act
Monday 16th June 2025 Source Page: FOI release 24727: Wales and West Housing Association Document: Wales and West Housing Association (PDF) Found: ‘Personal data’ is defined in sections 3(2) and (3) of the Data Protection Act 2018 (‘the DPA 2018’)
Wednesday 11th June 2025 Source Page: FOI release 24708: Staff policies Document: Doc 1 (PDF) Found: Act 2010 4.2 Gender Recognition Act 2004 4.3 UK General Data Protection Regulation and Data Protection Act
Wednesday 11th June 2025 Source Page: FOI release 24699: Indian Office Document: Indian Office (PDF) Found: ‘Personal data’ is defined in sections 3(2) and (3) of the Data Protection Act 1998 (‘the DPA 2018’)
Monday 9th June 2025 Source Page: FOI release 24700: Planning Applications Document: Planning Applications (PDF) Found: ‘Personal data’ is defined in sections 3(2) and (3) of the Data Protection Act 2018 (‘the DPA 2018’)
Friday 6th June 2025 Source Page: FOI release 24466: Planning inspectors Document: Internal Review (PDF) Found: data protection principles, or (b) would do so if the exemptions in section 24(1) of the Data Protection Act
Friday 6th June 2025 Source Page: FOI release 24466: Planning inspectors Document: Planning inspectors (PDF) Found: dictated by data protection regulations; General Data Protection Regulations UK (UK GDPR) and Data Protection Act
Wednesday 4th June 2025 Source Page: FOI release 24689: Brexit Document: Brexit (PDF) Found: ‘Personal data’ is defined in sections 3(2) and (3) of the Data Protection Act 2018 (‘the DPA 2018’)
Tuesday 3rd June 2025 Source Page: FOI release 24688: Newtown Bypass Document: Newtown Bypass (PDF) Found: ‘Personal data’ is defined in sections 3(2) and (3) of the Data Protection Act 2018 (‘the DPA 2018’)
Tuesday 3rd June 2025 Source Page: Attendance of pupils in maintained schools: 2 September 2024 to 23 May 2025 Document: Attendance of pupils in maintained schools: 2 September 2024 to 23 May 2025 (webpage) Found: personal data underlying these statistics are processed in accordance with the requirements of the Data Protection Act
Tuesday 20th May 2025 Source Page: FOI release 24539: Free School Meals Document: Free School Meals (PDF) Found: Education Act 1996 and that their processing of personal data is in line with UK GDPR and the Data Protection Act
Monday 19th May 2025 Source Page: Small Grants – Environment (water): general rules booklet 2025 Document: Small Grants – Environment (water): general rules booklet 2025 (webpage) Found: in accordance with the obligations and duties under the Freedom of Information Act 2000, the Data Protection Act
Monday 19th May 2025 Source Page: FOI release 23214: River Basin Management Plans Document: River Basin Management Plans (PDF) Found: ‘Personal data’ is defined in sections 3(2) and (3) of the Data Protection Act 2018 (‘the DPA 2018’)
Monday 19th May 2025 Source Page: Rights, respect, equality anti-bullying guidance Document: Rights, respect, equality: statutory guidance for schools and settings (draft) (PDF) Found: protection legislation, such as the EU General Data Protection Regulation (GDPR) and the UK Data Protection Act
Monday 19th May 2025 Source Page: Development management manual Document: Development management manual (without annexes) (PDF) Found: However, under the Data Protection Act 1998, the addresses and other contact information of private
Thursday 15th May 2025 Source Page: Commons Act 2006: apply under section 38 Document: Commons Act 2006: apply under section 38 (PDF) Found: Organisation (if applicable) Date You must keep a copy of your completed form Data Protection Act
Wednesday 14th May 2025 Source Page: Welsh Government’s standard conditions for the supply of services Document: Standard conditions for the supply of services (PDF) Found: this Contract in respect of which such Party is liable to the other; DPA 2018 means the Data Protection Act
Monday 12th May 2025 Source Page: Partnership arrangements for care and support: guidance Document: Part 9 statutory guidance: partnership arrangements (PDF) Found: other duties, including its duties under the General Data Protection Regulations 2018, the Data Protection Act
Thursday 8th May 2025 Source Page: Assets Collaboration Programme Wales Phase 3 (ACPW3): grant offer letter Document: Grant offer letter (webpage) Found: Information Act 2000 (the “FOIA”), the Environmental Information Regulations 2004 (the “EIR”), the Data Protection Act
Wednesday 7th May 2025 Source Page: Access Broadband Cymru: sample standard grant letter Document: Access Broadband Cymru: sample standard grant letter (webpage) Found: Information Act 2000 (the “FOIA”), the Environmental Information Regulations 2004 (the “EIR”), the Data Protection Act
Tuesday 6th May 2025 Source Page: Attendance of pupils in maintained schools: 2 September 2024 to 25 April 2025 Document: Attendance of pupils in maintained schools: 2 September 2024 to 25 April 2025 (webpage) Found: personal data underlying these statistics are processed in accordance with the requirements of the Data Protection Act
Monday 28th April 2025 Source Page: Iaith Athrawon Yfory Incentive Scheme: guidance for ITE partnerships from 2023 and 2024 Document: Iaith Athrawon Yfory Incentive Scheme: guidance for ITE partnerships from 2023 and 2024 (webpage) Found: Information Regulations 2004 (the “EIR”) the General Data Protection Regulation (GDPR) and Data Protection Act
Monday 28th April 2025 Source Page: National multi-agency practice framework for children’s services Document: National multi-agency practice framework for children’s services (webpage) Found: their legal obligations, namely the UK General Data Protection Regulation (UK GDPR) and the Data Protection Act
Thursday 24th April 2025 Source Page: FOI release 24584: Ceredigion Local Development Plan Document: Doc 1 (PDF) Found: Under the UK GDPR, Data Protection Act 2018 and the Freedom of Information Act 2000 the contents of
Thursday 24th April 2025 Source Page: FOI release 24584: Ceredigion Local Development Plan Document: Ceredigion Local Development Plan (PDF) Found: ‘Personal data’ is defined in sections 3(2) and (3) of the Data Protection Act 2018 (‘the DPA 2018’)
Tuesday 22nd April 2025 Source Page: Attendance of pupils in maintained schools: 2 September 2024 to 11 April 2025 Document: Attendance of pupils in maintained schools: 2 September 2024 to 11 April 2025 (webpage) Found: personal data underlying these statistics are processed in accordance with the requirements of the Data Protection Act
Wednesday 16th April 2025 Source Page: Bus Services (Wales) Bill 2020 (withdrawn): integrated impact assessment Document: Bus Services (Wales) Bill 2020 (withdrawn): integrated impact assessment (PDF) Found: will process personal data, or require another organisation to do so, must comply with the Data Protection Act
Monday 14th April 2025 Source Page: FOI release 24421: Swansea maternity services Document: Swansea maternity services (PDF) Found: ‘Personal data’ is defined in sections 3(2) and (3) of the Data Protection Act 1998 (‘the DPA 2018’)
Friday 11th April 2025 Source Page: Standard for digital health identity verification in primary care Document: The NHS Wales digital health identity standard for primary care (NHS login) (PDF) Found: have a legal requirement: • to adhere to the General Data Protection Regulation (GDPR), Data Protection Act
Thursday 10th April 2025 Source Page: Young people not in education, employment or training (NEET): 2024 Document: Young people not in education, employment or training (NEET): 2024 (webpage) Found: personal data underlying these statistics are processed in accordance with the requirements of the Data Protection Act
Tuesday 8th April 2025 Source Page: Attendance of pupils in maintained schools: 2 September 2024 to 28 March 2025 Document: Attendance of pupils in maintained schools: 2 September 2024 to 28 March 2025 (webpage) Found: personal data underlying these statistics are processed in accordance with the requirements of the Data Protection Act
Monday 7th April 2025 Source Page: FOI release 24503: Godre'r Graig Primary School Document: Doc 2 (PDF) Found: ‘Personal data’ is defined in sections 3(2) and (3) of the Data Protection Act 1998 (‘the DPA 2018’)
Wednesday 2nd April 2025 Source Page: FOI release 23323: Tertiary Education Document: Tertiary Education (PDF) Found: ‘Personal data’ is defined in sections 3(2) and (3) of the Data Protection Act 1998 (‘the DPA 2018’)
Friday 28th March 2025 Source Page: FOI release 24464: Hendy Wind Farm Document: Hendy Wind Farm (PDF) Found: ‘Personal data’ is defined in sections 3(2) and (3) of the Data Protection Act 2018 (‘the DPA 2018’)
Friday 28th March 2025 Source Page: Food Business Accelerator scheme: pre-qualification form Document: Food Business Accelerator scheme: pre-qualification form (PDF) Found: obligations under the Freedom of Information Act 2000, the Environmental information Act 2004, Data Protection Act
Friday 28th March 2025 Source Page: Welsh Revenue Authority equality report 2025 Document: Welsh Revenue Authority equality report 2025 (webpage) Found: great importance on protecting people’s privacy and their data in full compliance with the Data Protection Act
Friday 28th March 2025 Source Page: FOI release 24479: Misoprostol Document: Misoprostol (PDF) Found: ‘Personal data’ is defined in sections 3(2) and (3) of the Data Protection Act 1998 (‘the DPA 2018’)
Thursday 27th March 2025 Source Page: Relative income poverty: April 2023 to March 2024 Document: Relative income poverty: April 2023 to March 2024 (webpage) Found: are presented impartially and objectively and are in accordance with the requirements of the Data Protection Act
Wednesday 26th March 2025 Source Page: Eliminating profit from the care of looked after children: data protection impact assessment Document: Data protection impact assessment (PDF) Found: In our view the requirements of section 10 of and paragraph 1 of Schedule 1 to the Data Protection Act
Tuesday 25th March 2025 Source Page: FOI release 24554: Brilliant Basics Grant Document: Brilliant Basics Grant (PDF) Found: ‘Personal data’ is defined in sections 3(2) and (3) of the Data Protection Act 2018 (‘the DPA 2018’)
Tuesday 25th March 2025 Source Page: FOI release 24487: Wildlife poisoning Document: Wildlife poisoning (PDF) Found: ‘Personal data’ is defined in sections 3(2) and (3) of the Data Protection Act 2018 (‘the DPA 2018’)
Tuesday 25th March 2025 Source Page: Attendance of pupils in maintained schools: 2 September 2024 to 14 March 2025 Document: Attendance of pupils in maintained schools: 2 September 2024 to 14 March 2025 (webpage) Found: personal data underlying these statistics are processed in accordance with the requirements of the Data Protection Act
Monday 17th March 2025 Source Page: Food Business Accelerator scheme (window 2): general rules booklet Document: Food Business Accelerator scheme (window 2): general rules booklet (webpage) Found: obligations under the Freedom of Information Act 2000, the Environmental information Act 2004, Data Protection Act
Thursday 13th March 2025 Source Page: Participation of young people in education and the labour market: 2022 and 2023 (provisional) Document: Participation of young people in education and the labour market: 2022 and 2023 (provisional) (webpage) Found: personal data underlying these statistics are processed in accordance with the requirements of the Data Protection Act
Wednesday 12th March 2025 Source Page: FOI release 24353: A470 access road Document: A470 access road (PDF) Found: ‘Personal data’ is defined in sections 3(2) and (3) of the Data Protection Act 2018 (‘the DPA 2018’)
Tuesday 11th March 2025 Source Page: Attendance of pupils in maintained schools: 2 September 2024 to 28 February 2025 Document: Attendance of pupils in maintained schools: 2 September 2024 to 28 February 2025 (webpage) Found: personal data underlying these statistics are processed in accordance with the requirements of the Data Protection Act
Monday 10th March 2025 Source Page: Scoping study for mixed attainment teaching practice in schools in Wales: report Document: Scoping study for mixed attainment teaching practice in schools in Wales (PDF) Found: The information you provide will be handled in accordance with the UK Data Protection Act 1998, which
Thursday 6th March 2025 Source Page: Ffermio Bro - Farming in Designated Landscapes (stage 1): rules booklet Document: Ffermio Bro - Farming in Designated Landscapes (stage 1): rules booklet (webpage) Found: obligations under the Freedom of Information Act 2000, the Environmental Information Act 2004 or the Data Protection Act
Thursday 6th March 2025 Source Page: FOI release 23347: Grooming Gangs Document: Grooming Gangs (PDF) Found: ‘Personal data’ is defined in sections 3(2) and (3) of the Data Protection Act 1998 (‘the DPA 2018’)
Thursday 6th March 2025 Source Page: FOI release 23347: Grooming Gangs Document: Doc 3 (PDF) Found: The present study complied with the 2018 Data Protection Act, which allows sensitive study data to be
Tuesday 4th March 2025 Source Page: Attendance and absence from schools: September 2023 to August 2024 Document: Attendance and absence from schools: September 2023 to August 2024 (webpage) Found: personal data underlying these statistics are processed in accordance with the requirements of the Data Protection Act
Friday 28th February 2025 Source Page: Small Grants – Woodland Creation (windows 7, 8 and 9): rules booklet Document: Small Grants – Woodland Creation (windows 7, 8 and 9): rules booklet (webpage) Found: in accordance with the obligations and duties under the Freedom of Information Act 2000, the Data Protection Act
Friday 28th February 2025 Source Page: FOI release 23327: Physician associate students Document: Physician associate students (PDF) Found: ‘Personal data’ is defined in sections 3(2) and (3) of the Data Protection Act 1998 (‘the DPA 2018’)
Friday 28th February 2025 Source Page: Woodland Creation Grant (window 5): rules booklet Document: Woodland Creation Grant (window 5): rules booklet (webpage) Found: in accordance with the obligations and duties under the Freedom of Information Act 2000, the Data Protection Act
Wednesday 26th February 2025 Source Page: FOI release 23335: Ainon Welsh Baptist Chapel, Treorchy Document: Ainon Welsh Baptist Chapel, Treorchy (PDF) Found: ‘Personal data’ is defined in sections 3(2) and (3) of the Data Protection Act 2018 (‘the DPA 2018’)
Wednesday 26th February 2025 Source Page: Small Grants – Efficiency (window 4): general rules booklet Document: Small Grants – Efficiency (window 4): general rules booklet (webpage) Found: obligations under the Freedom of Information Act 2000, the Environmental information Act 2004 or the Data Protection Act
Tuesday 25th February 2025 Source Page: FOI release 23329: Protocols Document: Protocols (PDF) Found: ‘Personal data’ is defined in sections 3(2) and (3) of the Data Protection Act 2018 (‘the DPA 2018’)
Tuesday 25th February 2025 Source Page: Attendance of pupils in maintained schools: 2 September 2024 to 14 February 2025 Document: Attendance of pupils in maintained schools: 2 September 2024 to 14 February 2025 (webpage) Found: personal data underlying these statistics are processed in accordance with the requirements of the Data Protection Act
Monday 24th February 2025 Source Page: FOI release 23301: Brilliant Basics Grant for Llansteffan North Carpark Document: Brilliant Basics Grant for Llansteffan North Carpark (PDF) Found: ‘Personal data’ is defined in sections 3(2) and (3) of the Data Protection Act 2018 (‘the DPA 2018’)
Monday 24th February 2025 Source Page: FOI release 23294: Ty Llwyd Quarry Document: Doc 1 (PDF) Found: Information Act 2000 (the “FOIA”), the Environmental Information Regulations 2004 (the “EIR”), the Data Protection Act
Wednesday 19th February 2025 Source Page: Single Application Form (SAF) 2025: rules booklet Document: Single Application Form (SAF) 2025: rules booklet (PDF) Found: accordance with its obligations and duties under the: • Freedom of Information Act 2000 • The Data Protection Act
Thursday 13th February 2025 Source Page: FOI release 23265: Tŷ Llwyd Quarry Document: Doc 1 (PDF) Found: Information Act 2000 (the “FOIA”), the Environmental Information Regulations 2004 (the “EIR”), the Data Protection Act
Wednesday 12th February 2025 Source Page: FOI release 23211: Special Advisers Document: Special Advisers (PDF) Found: ‘Personal data’ is defined in sections 3(2) and (3) of the Data Protection Act 1998 (‘the DPA 2018’)
Wednesday 12th February 2025 Source Page: FOI release 23253: Cafcass policies Document: Cafcass policies (PDF) Found: ‘Personal data’ is defined in sections 3(2) and (3) of the Data Protection Act 2018 (‘the DPA 2018’)
Tuesday 11th February 2025 Source Page: Contracting authority onboarding Document: Contracting authority onboarding (webpage) Found: It is a requirement under Article 26 of Data Protection Act 2018 and is quite commonly used in Central
Tuesday 11th February 2025 Source Page: Attendance of pupils in maintained schools: 2 September 2024 to 31 January 2025 Document: Attendance of pupils in maintained schools: 2 September 2024 to 31 January 2025 (webpage) Found: personal data underlying these statistics are processed in accordance with the requirements of the Data Protection Act
Monday 10th February 2025 Source Page: FOI release 23243: E Harley Street Primary Care Solutions Document: E Harley Street Primary Care Solutions (PDF) Found: ‘Personal data’ is defined in sections 3(2) and (3) of the Data Protection Act 1998 (‘the DPA 2018’)
Tuesday 28th January 2025 Source Page: Attendance of pupils in maintained schools: 2 September 2024 to 17 January 2025 Document: Attendance of pupils in maintained schools: 2 September 2024 to 17 January 2025 (webpage) Found: personal data underlying these statistics are processed in accordance with the requirements of the Data Protection Act

Welsh Written Answers
WQ96336 Asked by: Gareth Davies (Welsh Conservative Party - Vale of Clwyd) Friday 2nd May 2025 Question What Welsh Government guidance is provided to GP practices regarding charging patients for accessing their medical records? Answered by Cabinet Secretary for Health and Social Care The General Data Protection Regulations and the Data Protection Act 2018 were made by the UK government and apply to the four nations of the UK. GP practices cannot charge patients for reasonable access to their medical record. Guidance for GPs has been issued by the BMA to help practices in understanding their statutory obligations. bma-access-to-health-records-nov-19.pdf

Welsh Written Answers

WQ96336
Asked by: Gareth Davies (Welsh Conservative Party - Vale of Clwyd)
Friday 2nd May 2025

Question

What Welsh Government guidance is provided to GP practices regarding charging patients for accessing their medical records?

Answered by Cabinet Secretary for Health and Social Care

The General Data Protection Regulations and the Data Protection Act 2018 were made by the UK government and apply to the four nations of the UK. GP practices cannot charge patients for reasonable access to their medical record. Guidance for GPs has been issued by the BMA to help practices in understanding their statutory obligations. bma-access-to-health-records-nov-19.pdf