Personal information charter

How UK Export Finance handles your personal information

This is UK Export Finance’s personal information charter page. It’s about our data protection policy, and includes information on the data we hold on you and how you make a request for this information.

We may need to handle information about you or your business so that we can provide better services for you. This is how we look after that information.

Non-personal information

If we receive non-personal information from third parties we must comply with any legal obligations which apply to that information.

Personal information

If we ask you for personal information - and you provide it to us - we must comply with our obligations under the Data Protection Act. They include:

  • saying why we need that information
  • asking only for the information that we need, and not to collect too much or irrelevant information
  • protecting that information and making sure that nobody has access to it who shouldn’t
  • letting you know if we will share it with other organisations - and whether you can object to that
  • not keeping it for longer than necessary

In return, we ask you to:

  • give us accurate information
  • tell us as soon as possible if there are any changes to that information

This helps us to keep your information reliable and up to date.

You can find more details on:

  • how to find out what information we hold about you and how to ask us to correct any mistakes
  • agreements we have with other organisations for sharing information
  • how we check the information we hold is accurate and up to date - see our information security risk management policy below
  • how to make a complaint

Information security risk management

UK Export Finance’s information security policy is aligned to ISO2700 best practice. It covers:

  • security policy
  • the organisation of security
  • asset management
  • human resources security
  • physical and environmental security
  • communications and operations management
  • access control
  • information systems acquisition, development and maintenance
  • information security incident management
  • business continuity management
  • compliance

Rights to request information under the Data Protection Act

To make a request under the Data Protection Act for information which we hold on you, please email us on

Requests for other types of information

The Freedom of Information Act (FOIA) and the Enviromental Information Regulations (EIRs) gives you the right to request general information held by us. Find out how to make an FOI request.

Queries and concerns

If you have any queries or concerns or want to make a complaint regarding our holding or use of personal or non-personal information, please email us at

Information Commissioner

For independent advice about data protection, privacy and data sharing issues, please contact the Information Commissioner at:

Wycliffe House
Water Lane

Telephone: 08456 30 60 60 or 01625 54 57 45
Fax: 01625 524510

You can find out more on the Information Commissioner’s Office website.

Help us improve GOV.UK

Please don't include any personal or financial information, for example your National Insurance or credit card numbers.