We will follow all applicable UK and EU data protection laws in how we treat your personal information.
When GDS collects, holds, uses or processes your personal information, you have a right to be told:
- what the data is being used for
- why we’re legally able to process your data (also called the ‘lawful basis for processing’)
- how long we will keep your data
- who we will share it with
- whether it will be transferred or accessed outside the UK or EU, and what legal protection it will have
- who our Data Protection Officer is
- about any rights you have, including the right to access your information or to object to its being used
- about your right to complain to the Information Commissioner if you feel that your personal information has been mishandled
You are also entitled to have your personal information:
- protected and kept secure
- kept accurate and up to date
- not used for purposes which are incompatible with those for which it was collected
- kept only for as long as it is needed for the purpose for which it was collected (unless it must be kept as part of the historic record)
GDS privacy notices
These privacy notices explain how specific GDS platforms and services handle your information:
You can also see privacy notices for GDS staff tools and the cross-government networks and communities administered by GDS.
The data controller for GDS is the Cabinet Office – a data controller determines how and why personal data is processed.
Contact the Cabinet Office:
- to get a copy of the personal information we have about you
- with any other questions
Contact the Cabinet Office’s Data Protection Officer (DPO) with any concerns about how a GDS service or GDS handles your personal information.
The DPO is responsible for independent advice and monitoring of Cabinet Office’s use of personal information.
Independent advice on data protection and privacy
Contact the Information Commissioner for independent advice about data protection, privacy and data-sharing issues.