Skip to content
Text size: A A A
01926 733523
Open Menu
YouTube

WA04135 – Data protection compliance

Request Received: 15 June 2023

Responded: 19 July 2023

Q: I kindly request that you provide me with the following information:

  1. A copy of your organisation’s Records of Processing Activity (ROPA) as defined in Article 30 of the UK General Data Protection Regulation (UK GDPR).
  2. A copy of all legitimate interest assessments conducted by your organisation where you rely on Article 6(1)(f) legitimate interests as your lawful basis for processing.
  3. A copy of all privacy impact assessments conducted by your organisation.
  4. A copy of all data protection impact assessments conducted by your organisation.
  5. A copy of all international transfer risk assessments conducted by your organisation.
  6. A recent copy of your organisation’s data protection compliance assessment using the Information Commissioner’s Office (ICO)’s accountability framework template. If you are using your own standards to monitor compliance with the Data Protection 2018, please provide me with copy of it.
  7. A copy of your organization’s data protection policy.
  8. A copy of your organization’s subject access request policy, procedures, and processes, including any guidance material such as folder structure, naming conventions, and redaction guides.
  9. A copy of your organisation’s privacy notices, including but not limited to employees, customers, ministers, special advisors (SPADs), complaints, NEDS, visitors, and CCTV.
  10. A copy of your organisation’s due diligence questions for vendor management such as independent data controllers or processors.

A: Please see below responses to your initial enquiry made on 15th June 2023:

  1. Please see attached ROPA.
  2. No information held.
  3. DPIA for electronic case management system
  4. DPIA for electronic case management system
  5. No Information held.
  6. See attached GDPR audit.
  7. See attached Data Protection policy.
  8. See attached Data Protection and Requests for Information policy, along with Subject Access guidance, request form.
  9. See attached Privacy notices for Website and Staff and full Privacy Notice.
  10. Exempt due to commercial sensitivity s43 (2) Commercial Interests.

Attachments

Sign up to our newsletter

Want to find out more about the Commissioner's work? Sign up for our free newsletter.

Subscribe Now
Warwickshire Police logo
Warwickshire Police
Warwickshire Road Safety Partnership logo
Warwickshire Road Safety Partnership
Warwickshire County Council logo
Warwickshire County Council
Safe in Warwickshire logo
Safe in Warwickshire
Association of Police and Crime Commisioners logo
Association of Police and Crime Commisioners
Victim Support logo
Victim Support
Action Fraud logo
Action Fraud
His Majesty's Inspectorate of Constabulary and Fire & Rescue Services logo
His Majesty's Inspectorate of Constabulary and Fire & Rescue Services