Guidance

OPG privacy notice: deputy supervision

Updated 29 May 2019

Applies to England and Wales

• Publication for Northern Ireland
• Publication for Scotland

This privacy notice sets out the standards that you can expect from the Office of the Public Guardian (OPG):

• when we request or hold personal information (‘personal data’) about you
• how you can get access to a copy of your personal data
• what you can do if you think the standards are not being met

OPG is an executive agency of the Ministry of Justice (MOJ).

MOJ is the data controller for the personal information we hold.

OPG collects and processes personal data for the exercise of its own and associated public functions. This includes supervision of court-appointed deputies, investigating safeguarding concerns raised by third parties, and responding to complaints.

About personal data

Personal data is information about you as an individual. It can be your name, address or telephone number. It can also include information about finances, benefit entitlement or medical conditions.

We know how important it is to protect customers’ privacy and to comply with data protection laws. We will safeguard your personal data and will only disclose it where it is lawful to do so, or with your consent. This applies to the client, deputy, and any third parties.

Any information received, from any source, can form part of a court application.

Types of personal data we process

We only process personal data that is relevant for the services we are providing to you. This may include:

• reviewing the report of a court-appointed deputy
• arranging a visit by a Court of Protection visitor
• offering guidance and support to deputies and answering queries
• processing a fee payment or application for remission or exemption of fees
• investigating any safeguarding concerns of a vulnerable adult

The legal basis for processing data

The information is processed so that OPG may carry out its lawful duties as set out in section 58 of the Mental Capacity Act (MCA) 2005.

The MCA states that the Public Guardian must, among other duties:

• establish and maintain a register of orders appointing deputies
• supervise court-appointed deputies

And that for the purpose of carrying out these functions may examine and take copies of:

• health records
• records held by a local authority
• any records held by a person registered under the Care Standards Act 2000

Failure to comply with the reasonable directions or requests of OPG in the exercise of these functions may result in an application for the removal of the appointed deputy.

Sharing information

We sometimes need to share the personal information we process with the individual themselves and also with other organisations. Where this is necessary we will comply with all aspects of the data protection laws.

The organisations we share your personal information with include:

• the Department for Work and Pensions (DWP)
• the Court of Protection
• Court of Protection visitors
• Solicitors Regulation Authority
• the police
• local authorities and social services
• court approved bond provider
• Notify and web service provider
• other government agencies
• prisons or probation services

This list is not exhaustive and any decision to share information will be made on a case-by-case basis.

Although we make every attempt to protect your rights, under certain circumstances we have a legal duty to share your information, even if you do not consent. This might include the prevention or detection of crime, interests of counter-terrorism, and safeguarding responsibilities including child protection.

Court-appointed deputies are offered a free newsletter which we will only send out with your consent.

If you agree to receive this your name, address and email address will be shared with a third party publishing company, CDS, in order to send our InTouch newsletter.

You can ask to be removed from this mailing list at any time by contacting us, and we will offer you the option to withdraw your consent with every correspondence.

Office of the Public Guardian registers

When the Court of Protection appoints a deputy, we add the details of the deputy and client to the register.

Anyone can apply to search the Office of the Public Guardian registers as long as they can provide certain details about the person that want to search for.

Not all the information we hold about a person is on the registers. We disclose additional information only when the request for it is reasonable and justified and where the law says we can.

Find out more about the Office of the Public Guardian registers

Transfer of personal data overseas

It may sometimes be necessary to transfer personal information overseas. When this is needed information may be transferred as necessary. Any transfers made will be in full compliance with all aspects of the data protection law.

How long we keep personal data

We will keep personal data only for as long as:

• we need it to carry out the services we provide to you
• the law requires us to

MOJ keeps a collection of documents called the record retention disposition schedule (RRDS) which shows how long different types of information are kept in each of its agencies.

Access to personal data

You can find out if we hold any personal data about you by making a subject access request.

To request details of personal data we hold, please send your request to:

Information Governance and Data Protection
Ministry of Justice
Post point 10.38
10th Floor
102 Petty France
London
SW1H 9AJ

You can find more information about your rights under the General Data Protection Regulation (GDPR) and the Data Protection Act 2018 (DPA) or our personal information charter.

When we ask you for personal data

We promise:

• to inform you why we need your personal data and ask only for the personal data we need
• not to collect information that is irrelevant or excessive
• you can withdraw consent at any time, where relevant
• you can lodge a complaint with the supervisory authority
• to protect your personal data and make sure no unauthorised person has access to it
• only to share your data with other organisations for legitimate purposes where appropriate and necessary
• to make sure we don’t keep it longer than is necessary
• not to make your personal data available for commercial use without your consent
• to consider your request to correct, stop processing or erase your personal data

You can get more details on:

• agreements we have with other organisations for sharing information
• circumstances where we can pass on personal information without telling you, for example, to help with the prevention or detection of crime or to produce anonymised statistics
• our instructions to staff on how to collect, use or delete your personal information
• how we check that the information we hold is accurate and up-to-date
• how to make a complaint
• how to contact the Ministry of Justice Data Protection Officer

For more information about these issues, please contact:

OPG information Assurance
PO Box 16185
Birmingham
B2 2WH

Or alternatively you can contact:

MOJ Data Protection Officer
Post point 10.38
102 Petty France
London
SW1H 9AJ

For more information on how and why your information is processed please see the information provided when you accessed our services or were contacted by us.

Data Protection Officer

If you have any concerns about how OPG is handling your personal data, you may contact the Data Protection Officer (DPO).

The DPO provides independent advice and monitoring of our use of personal information.

You can contact the Data Protection Officer at:

MOJ Data Protection Officer
Post point 10.38
102 Petty France
London
SW1H 9AJ

Complaints

When we ask you for information, we will keep to the law. If you consider that your information has been handled incorrectly, you can contact the Information Commissioner for independent advice about data protection.

You can contact the Information Commissioner at:

Information Commissioner’s Office
Wycliffe House
Water Lane
Wilmslow
Cheshire
SK9 5AF

Telephone: 0303 123 1113

Website: www.ico.org.uk