FCDO privacy notice: fraud and safeguarding investigations
Published 6 March 2023
© Crown copyright 2023
This publication is licensed under the terms of the Open Government Licence v3.0 except where otherwise stated. To view this licence, visit nationalarchives.gov.uk/doc/open-government-licence/version/3 or write to the Information Policy Team, The National Archives, Kew, London TW9 4DU, or email: psi@nationalarchives.gov.uk.
Where we have identified any third party copyright information you will need to obtain permission from the copyright holders concerned.
This publication is available at https://www.gov.uk/government/publications/fcdo-privacy-notice-fraud-and-safeguarding-investigations/fcdo-privacy-notice-fraud-and-safeguarding-investigations
What a privacy notice is
The General Data Protection Regulation requires that data controllers provide information to people whose personal information they process. Processing information means how we use it, store it, and share it, how long we keep it and how we destroy it.
This privacy notice includes:
- who we are
- what information we collect about you and how
- how we use your information
- why we collect personal information about you
- who we share your information with and why
- our lawful basis for processing
- how long we keep your personal information for
- your rights
- how to contact us
- how to make a complaint
Who we are
The Foreign, Commonwealth & Development Office (FCDO) pursues our national interests and projects the UK as a force for good in the world. We promote the interests of British citizens and provide consular services overseas, safeguard the UK’s security, defend our values and tackle global challenges with our international partners. To do this effectively we must collect, store, share and use personal information.
The Internal Audit and Investigations Directorate’s Investigations Department is part of the FCDO. It is the central point for raising concerns, suspicions and/or allegations of fraud, sexual exploitation and abuse or other corrupt practices. This includes internal and external cases where FCDO funds, assets or interests (including FCDO’s reputation) are involved, as well as any breach of the Civil Service Code.
You can contact the fraud and safeguarding investigation teams:
- email the secure email address: reportingconcerns@fcdo.gov.uk
- phone the confidential hotline on +44 (0)1355 843747
- write to:
The Director of Internal Audit and Investigations
Foreign, Commonwealth & Development Office
King Charles Street
Whitehall
London SW1A 2AH
United Kingdom
What information we collect about you and how
To respond to reports of fraud and safeguarding concerns, we may collect personal information from you.
We may collect this information from you in a number of ways which may include:
- information you provide to us when reporting a fraud or safeguarding concern
- information provided to us by partner organisations or other third parties in relation to a fraud or safeguarding concern
This personal data may include your:
- full name
- address
- contact details including address, email address, telephone numbers, and social media profiles
- employer
Depending on the circumstances of a concern, we may process sensitive and special category data including:
- children’s data
- nationality
If proactively disclosed, other sensitive and special category data that we may process includes:
- cultural/social identity
- racial/ethnic origin
- religious belief
- sexual orientation
- physical and mental heath
Due to the nature of our work, we may also occasionally process criminal data including information concerning alleged criminality.
How we use your information
The Internal Audit and Investigations Directorate’s Investigations Department uses the information to prevent, detect and respond to fraud, safeguarding and related issues. In conducting investigations, our investigators will pursue all reasonable lines of inquiry. We may gather information from many sources such as HR records, internal IT systems, departmental management, external organisations, third parties, and individuals themselves.
Why we collect personal information about you
We collect personal data for the purposes of responding to concerns, suspicions and/or allegations of fraud, sexual exploitation and abuse or other corrupt practices.
Who we share your information with and why
The Investigation Department may share data on a case by case basis with:
- police, social services and other law enforcement agencies
- other government departments
There may be other circumstances in which we may lawfully share your data with third parties. For example, we may be required to do so by law, by court order, or to prevent fraud or other crimes. Where we share data, however, we shall do so in accordance with applicable data protection laws.
Our lawful basis for processing
We process this data in order to perform official functions of the FCDO Investigations Department, such that Article 6(1)(e) of the General Data Protection Regulation (GDPR) applies.
Where we process special category data, we do this on the basis that it is necessary for:
- reasons of substantial public interest under Article 9(2)(g) in connection with the exercise of the official functions of the FCDO (paragraph 6 of Part 2 of Schedule 1 of the Data Protection Act (DPA) 2018), or
- preventing or detecting unlawful acts (paragraph 10, Part 2 of Schedule 1 of the DPA 2018) or safeguarding of children and individuals at risk (paragraph 18, Part 2 of Schedule 1 of the DPA 2018)
Where we process criminal data, we do this on the basis that it is necessary:
- in connection with the exercise of the official functions of the FCDO and is in the substantial public interest (paragraph 6 of Part 2 of Schedule 1 of the DPA 2018)
- for preventing or detecting unlawful acts (paragraph 10 of Part 2 of Schedule 1 of the DPA 2018), or
- for safeguarding children and individuals at risk (paragraph 18 of Part 2 of Schedule 1 of the DPA 2018)
How long we keep your personal information for
We will retain your personal data for as long as necessary to fulfil the purposes we collected it for. This includes the purposes of satisfying any legal or reporting requirements. Details of retention periods for different aspects of your personal information are in the FCDO retention and disposal policy. Your personal data will be destroyed securely in line with that policy.
Your rights
You have 8 rights if the Internal Audit Directorate’s Investigations Department is using your personal information. If you have any questions about these rights, contact the Data Protection Officer for more information.
- right to be informed: you have the right to be informed about what we do with your personal data
- right of access: you have the right to request a copy of any personal information we hold about you and what we do with it. This is known as a Subject Access Request. You can make a request by emailing information.rights@fcdo.gov.uk
- right to rectification: you have the right to request that any inaccurate personal data we hold is corrected or have incomplete personal information completed
- right to erasure: you have the right to request that your personal data is erased. This only applies in certain circumstances
- right to restrict processing: you have the right to request that we limit the use of your personal data. This only applies in certain circumstances
- right to data portability: you have the right to move, copy or transfer personal information from one IT system to another in a safe and secure way. This right only applies to certain information in certain circumstances
- right to object: you have the right to object to the use of your information, which means that we would have to stop using your personal information. This right only applies to certain information in certain circumstances
- rights related to automated decision making including profiling: if a decision is being made without human involvement in the decision making, you have the right to challenge and request a review of any decisions made
If your personal data is processed on the basis of consent, you have the right to withdraw consent to the use of your personal data at any time.
How to contact us
If you have any questions about this notice, consider that your personal data has been misused or mishandled, or would like to exercise any of your rights, you can contact us at:
Director of Internal Audit and Investigations
Foreign, Commonwealth and Development Office
King Charles Street, Whitehall
London
SW1A 2AH
You can also contact the Data Protection Officer at the Foreign, Commonwealth & Development Office:
Data Protection Officer
Foreign, Commonwealth and Development Office
King Charles Street
London
SW1A 2AH
Email: Data.Protection@fcdo.gov.uk
Tel: 020 7008 5000
How to make a complaint
You may also make a complaint to the Information Commissioner, who is an independent regulator. The Information Commissioner can be contacted at:
Information Commissioner's Office
Wycliffe House
Water Lane
Wilmslow
Cheshire
SK9 5AF
Email: casework@ico.org.uk
Tel: 0303 123 1113
Changes to this notice
We encourage you to reread this privacy notice occasionally, as we aim to update it regularly, to stay informed about how we use your personal information.
This privacy notice was last updated on 6 March 2023.