GOV.UK blogging platform privacy notice

Updated 31 October 2019

The GOV.UK blogging platform is a tool for people in government to blog about their work.

It’s provided by the Government Digital Service (GDS) which is part of the Cabinet Office.

The Cabinet Office and the employing department or public body are joint data controllers for personal data included in blogs by staff. The lead data controller for personal data included in blogs by staff is your employing department or public body.

The Cabinet Office is the sole data controller for personal data in user accounts, email notifications and that included in comments.

A data controller determines how and why personal data is processed. Read the Cabinet Office’s entry in the Data Protection Public Register for more information.

What data we collect

The personal data we collect from you will include:

  • email address
  • phone number
  • name

The legal basis for processing this data is that it is necessary for carrying out a task in the public interest.

Why we need it

We collect personal data in order to:

  • create a user account
  • set up and send email notifications about new blog posts
  • allow you to leave a comment
  • know you’re a real person and respond to your comments on our blog posts

We will not:

  • sell or rent your data to third parties
  • share your data with third parties for marketing purposes

We will share your data if we are required to do so by law – for example, by court order, or to prevent fraud or other crime.

How long we keep your data

We will retain your account and email data for as long as you continue to want to receive a service from us.

Children’s privacy protection

Our services are not designed for, or intentionally targeted at, children 13 years of age or younger. It is not our policy to intentionally collect or maintain data about anyone under the age of 13.

Where your data is processed and stored

We design, build and run our systems to make sure that your data is as safe as possible at every stage, both while it’s processed and when it’s stored.

As your personal data is stored on our IT infrastructure, and shared with our data processors, it may be transferred and stored securely outside the European Union. Where that is the case it will be subject to equivalent legal protection through the use of Model Contract Clauses and the supplier’s membership of the Privacy Shield scheme.

How we protect your data and keep it secure

We are committed to keeping your data secure. We set up systems and processes to prevent unauthorised access or disclosure of the data we collect about you – for example, we protect your data using varying levels of encryption. We also make sure that third parties we deal with have an obligation to keep all personal data they process on our behalf secure.

Your rights

You have the right to request:

  • information about how your personal data is processed
  • a copy of any personal data you have provided in an accessible format
  • that anything inaccurate in your personal data is corrected immediately

You can also:

  • raise an objection about how your personal data is processed
  • request that your personal data is erased if there is no longer a justification for it
  • ask that the processing of your personal data is restricted in certain circumstances

If you have any of these requests, get in contact with the GDS Privacy Team. Contact details can be found below.

Changes to this notice

We may modify or amend this privacy notice at our discretion at any time. When we make changes to this notice, we will amend the last modified date at the top of this page. Any modification or amendment to this privacy notice will be applied to you and your data as of that revision date. If these changes affect how your personal data is processed, GDS will take reasonable steps to make sure you know.

How to contact us

Contact the Privacy Team if you either:

  • have any questions about anything in this document
  • think that your personal data has been misused or mishandled


The contact details for our Data Protection Officer are:

Data Protection Officer

Cabinet Office
70 Whitehall

The Data Protection Officer provides independent advice and monitoring of our use of personal information.

If you have a complaint, you can also contact the Information Commissioner, who is an independent regulator set up to uphold information rights.

Information Commissioner's Office


Contact form

Telephone 0303 123 1113

Textphone 01625 545 860