Statutory guidance

National Fraud Initiative: privacy notices

NFI participants must tell individuals that their data will be processed.



Privacy notices will help to deter fraud as well as informing applicants about the use of data in data matching.

Participants should, so far as is practicable and unless an exemption from the fair processing requirement applies provide, or make readily available, privacy notices to the individuals about whom they are sharing information. That privacy notice should:

  • clearly explain that their data may be disclosed for the purpose of preventing and detecting fraud
  • include details of the legal basis on which the data controller relies for the processing
  • in accordance with the Information Commissioner’s guidance specify who the data will be shared with
  • contain details of how individuals can find out more information about the processing in question

For more information on privacy notices, participants should refer to the Information Commissioner’s guidance as updated from time to time. Current guidance is: privacy notices, transparency and control – a code of practice on communicating privacy information to individuals published 7 October 2016.

Published 20 March 2015
Last updated 19 February 2018 + show all updates
  1. Updates to page text.
  2. First published.