Guidance

Driving instructor appeals: privacy notice

Updated 8 April 2024

© Crown copyright 2024

This publication is licensed under the terms of the Open Government Licence v3.0 except where otherwise stated. To view this licence, visit nationalarchives.gov.uk/doc/open-government-licence/version/3 or write to the Information Policy Team, The National Archives, Kew, London TW9 4DU, or email: psi@nationalarchives.gov.uk.

Where we have identified any third party copyright information you will need to obtain permission from the copyright holders concerned.

This publication is available at https://www.gov.uk/government/publications/dvsa-privacy-notices/driving-instructor-appeals

1. About this service

The Driver and Vehicle Standards Agency (DVSA) is responsible for providing information to applicants who have appealed against a decision by the Registrar. The appeal and relevant information including personal data is made directly to the General Regulatory Chamber (GRC).

DVSA is an executive agency of the Department for Transport (DfT).

This process lets you appeal a decision made by the ADI Registrar to an independent body

The data controller for DVSA is DfT – a data controller determines the reasons and how personal data is processed. For more information, see the Information Commissioner’s Office (ICO) Data Protection Public Register. DfT’s registration number is Z7122992.

The data controller for GRC is HM Courts and Tribunal Service. You can find their privacy notice on GOV.UK.

2. What data we need

The personal data we collect from you will include:

  • name
  • address
  • personal reference number
  • motoring and non-motoring convictions
  • driving instructor test history
  • any other personal data supplied as part of the appeal

The lawful basis for processing this data is legal obligation.

Our legal powers are contained within section 15 of The Tribunal Procedure (First-tier Tribunal) (General Regulatory Chamber) Rules 2009 (SI 2009/1976).

3. Why we need it

We need the personal data we collect from you to:

  • disclose any information we hold relating to your registration and the matter being appealed to enable GRC to reach a decision
  • hold copies of all correspondence with GRC and a copy of the decision

4. What we do with it

We collect, use and store the data you give us for the reasons set out in this policy.

We will not:

  • sell or rent your data to third parties
  • share your data with third parties for marketing purposes

Besides providing information to the GRC, your information is not routinely shared with anyone outside of DVSA.

GRC will provide us with the result of your appeal. We will hold details of the result against your record on our Testing and Registration System.

We scan information about your appeal. The scans are then stored by an external company called Iron Mountain.

We will share your data if required to do so by law – for example, by court order, or to prevent fraud or other crime.

5. How long we keep your data

We’ll only keep your personal data for as long as it is needed for the reasons set out in this policy or as long as is required by law.

We will hold your personal data for:

  • 10 years after the last activity on our system
  • 15 years from the last activity when it’s a scanned record by our contractor

6. Where it might go

Our IT infrastructure and technology has been checked to make sure it’s safe and secure.

The storage is on UK based servers.

All your data is held on DVSA servers based in the UK or hosted within cloud services based in the European Economic Area (EEA). They meet security safeguards equivalent to those required by data protection legislation.

7. Protecting your data and your rights

The DVSA personal information charter sets out what steps are taken to protect your data, and the rights you have over your data.

8. Automated decision making and profiling

Your data is not subject to automated decision making or profiling as defined in data protection legislation.

9. Changes to this notice

We may change this privacy notice at its discretion at any time.

When we change this notice, the date on the page will be updated. Any changes to this privacy notice will be applied to you and your data as of the revision date.

We encourage you to periodically review this privacy notice to be informed about how your data is protected.

10. How to contact us

If you have any questions about anything in this document or if you consider that your personal data has been misused or mishandled you can contact the DVSA data protection manager

DVSA data protection manager

Data Protection Manager
DVSA
1 Unity Square
Nottingham
NG2 1AY

Contact DVSA customer services if you have a query that is not about how your personal data is used.

You may also make a complaint to the Information Commissioner, who is an independent regulator.

Back to top