We hold records on 48 million drivers and 40 million licensed vehicles.
This personal and non-personal information is held on a variety of databases and information stores, together with systems that support legal, correspondence, customer service, marketing, personnel, policy and related areas.
How our information is managed
We manage, maintain and protect all information according to legislation, DVLA policies and best practices.
We have security measures in place to maintain and safeguard the confidentiality, integrity and availability of our systems and data. We know how important it is to protect customers’ privacy and to comply with the Data Protection Act 1998 (DPA).
If we ask customers for personal information we will:
- let them know why we need it
- only ask for what we need, and not collect excessive or irrelevant information
- make sure nobody has access to it who shouldn’t
- let customers know if we share it with other organisations in order to give customers better public services, and whether customers can say no
- only keep it for as long as we need to
- not make it available for commercial use without your permission
In return, to help us keep your information reliable and up to date, we ask customers to:
- give us accurate information
- tell us as soon as possible of any changes, such as new address
All information is stored, processed and communicated in a secure manner making it readily available to authorised users.
These fall under 4 main categories:
You can find out if we hold any personal information about you by making a ‘subject access request’ under the DPA. If we do hold information about you we will:
- give you a description of it
- tell you why we are holding it
- tell you who it could be disclosed to
- let you have a copy of the information in an intelligible form
We handle all information in a manner that respects the rights of individuals which complies with data protection.
The DPA regulates the information held on individuals by DVLA and enables individuals to access this information.
Further details can be obtained from the Information Commissioner’s Office (ICO) website.
The Freedom of Information Act 2000 (FOI) enables the public to have access to unpublished information from a public body subject to certain conditions. DVLA has a publication scheme which provides an overview of the information that is available to access.
Some of the non-personal information is available for commercial re-use or academic research. This re-use is strictly controlled under the Information Fair Trader Scheme (IFTS). IFTS is the best practice model for public sector bodies wishing to demonstrate compliance with the Re-use of Public Sector Information Regulations 2005.
IFTS ensures that re-users of public sector information can be confident that they will be treated reasonably and fairly by public sector information providers and that information released meets with legislative requirements and best practice. The main themes are improving transparency, fairness and consistency of approach.
Further details can be obtained from the Office of Public Sector Information (OPSI) website.
The records management policy provides the structure to managing the whole information cycle. DVLA’s records management team work to guidance issued by The National Archives (TNA).
Intellectual property rights (IPR)
Intellectual property rights (IPR) protect the people who create information which is seen as having value either to the individual or in the commercial world. IPR is regulated by a number of pieces of legislation in the United Kingdom (UK) and most major countries in the world and includes copyright, patents, database rights, trademarks and designs (both registered and unregistered). In the case of DVLA, IPR protection is most usually seen in Crown Copyright of the printed work.
All the information created and held by DVLA falls under Crown Copyright. This is managed under delegated powers given by the OPSI and complies with the Copyright, Designs and Patents Act 1988.
Further information can be obtained from the OPSI website.
When we share information
Data sharing protocols and procedures are in place that allows the safe sharing of information.
A data sharing policy has been published to ensure that all staff handling data follow the correct protocols and receive appropriate training about data protection. This policy supports DVLA’s objectives and those of wider government bodies, and protects privacy rights of all individuals.
We are committed to providing the best and most efficient service to our customers. We may share personal information within our organisation or with other bodies where it would not be inconsistent with the purposes for which we collected it, and/or where we are required or permitted to do so by law.
There are some cases where we can pass on your information without telling you, for example to prevent and detect crime or to produce anonymised statistics. In all cases - whether data is shared internally or externally - DVLA will act in accordance with the DPA and other relevant legislation.
Making a formal complaint
If you’ve tried to resolve matters with the department you’ve been dealing with and you’re not happy with the outcome, write to our complaints team telling them your concerns.
If you haven’t tried to resolve the issue before writing to our complaints team, we’ll get the relevant department to reply to you.