Our information charter sets out the standards that you expect from Derbyshire Constabulary when it requests or holds personal information, including but not limited to personal data about you or your enquiries. The charter covers both personal data and other information the Chief Constable holds in connection with his policing duties.
It will tell you how you can get access to information, including your personal data and what you can do if you think standards are not being met. It will also assist any individual or organisation in contact with the Constabulary or subject to its enforcement procedures to understand how the information concerning them is treated and when the Constabulary will consider it for disclosure on request.
This charter will be reviewed annually and updated to take into account any changes in legislation or our policies.
The Head of Information Management owns this charter on behalf of the Chief Constable and is responsible for its implementation.
The Head of Professional Standards will ensure that information security policies and procedures are reviewed and implemented across business functions ensuring ongoing continuous improvement. These policies aim to ensure that the requirements of confidentiality, integrity and availability are maintained at each stage in the information lifecycle. The Head of Information Management is also responsible for responding to requests for information and for dealing with complaints about how the Constabulary has handled personal data.
The Information Asset Owners actively manage and monitor the whole of the information lifecycle from the creation of documents through to deletion.
Heads of Departments are responsible for ensuring that their staff are compliant with all policies and procedures.
All staff and contractors are trained in and are aware of their responsibilities as set out in these policies.
Types of information
Derbyshire Constabulary holds both personal and non-personal information in a variety of databases and information stores which are critical to its regulatory activities, together with systems relating to its support functions such as human resources, facilities and finance.
How our information is managed
Derbyshire Constabulary manages, maintains and protects all information according to legislation, policy and best practices. Security measures are in place to maintain and safeguard the confidentiality, integrity and availability of our systems and data.
All information is stored, processed and communicated in a secure manner making it readily available to authorised users.
The Constabulary is also committed to the proactive dissemination of information, to be open and transparent and will routinely publish information unless restricted by legislation or public policy considerations.
Derbyshire Constabulary understands the importance of protecting individuals’ privacy in compliance with the Data Protection Act 2018 (Act) and the EU General Data Protection Regulation 2016 (GDPR). Your information will be safeguarded and in most circumstances we will not disclose personal data without consent.
If we ask customers for personal information we will:
- let them know why it is needed, where it is not obvious;
- only ask for what is needed, and not collect excessive or irrelevant information;
- make sure nobody has access to it who should not;
- let customers know if it is shared with other organisations; and
- only keep it for as long as it is needed, in accordance with our retention schedule.
In return, to help us to keep information reliable and up to date, you are asked to:
- give us accurate information, and
- tell us as soon as possible of any changes, such as a change of address.
Please note: Derbyshire Constabulary does not place a
pre-recorded ‘fair processing notice’ on telephone lines that may receive
emergency calls (including misdirected ones) because of the associated risk of
harm that may be caused through the delay in response to the call.
Access to personal information
You can find out if any personal information is held about you by making a ‘subject access request’ under the Data Protection Act. If information is held about you we will:
- give you a description of it
- tell you why it is being held
- tell you who it could be disclosed to, and
- let you have a copy of the information in an intelligible form.
All information is handled in a manner that respects the rights of individuals and which complies with the requirements of the Data Protection Act and the EU Genera Data Protection Regulation. Information may be withheld in limited circumstances where an exemption applies.
To request any of your personal information held by Derbyshire Constabulary you should contact us using the contact details provided at the end of this charter. If information is held about you, you can ask us to correct any mistakes by contacting us using the same contact details.
For further information about how the Constabulary processes personal data, please refer to our Privacy Notice document ‘How we use your personal data’, attached.
The Information Commissioner’s Office (ICO) maintains a public register of data controllers. The Data Protection Act 2018 requires that every organisation that processes personal information to register with the ICO, unless they are exempt. The register contains information including a description of the processing undertaken and the purposes of processing personal data. There is a link at the bottom of this page to the electronic register.
Access to information
The Freedom of Information Act 2000 enables the public to have access to unpublished information from a public body subject to certain conditions.
Derbyshire Constabulary is committed to the proactive dissemination of information, to be open and transparent and will publish information unless restricted by legislation. Like all other public sector organisations, the Constabulary is required to make the information it holds available unless it is subject to an exemption.
If you wish to request information or have a query about a request please contact Derbyshire Constabulary using the contact details provided at the bottom of this page.
Legislation – disclosure of information
The Freedom of Information Act 2000 and the Data Protection Act 2018 have a number of exemptions which must be considered before publication or disclosure. However, information will not be withheld simply because it falls into a relevant exemption. The impact of disclosure will be assessed in relation to the requested information and a decision will be made on a case-by-case basis (except where it has been decided that information of that type should be published proactively).
Part 6, Section 170 of the Data Protection Act 2018 makes it an offence for the Chief Officer or member of his staff to knowingly or recklessly obtain or disclose personal data without lawful authority.
The following factors will be taken into account when considering whether information should be disclosed:
he extent to which the information, or some of it, is already in the public domain;
who is asking for the information and why they want it;
the extent to which a requester is prepared to give an assurance of confidentiality and the extent to which this can be relied on;
whether the needs of the requester can be met by supplying part of the information or supplying it in a different form;
whether the information is personal in nature and the extent to which its disclosure would be an intrusion on privacy;
the reasonable expectations of the person or organisation who supplied the information as to confidentiality, onwards disclosure etc; and
- whether disclosing the information would be likely to prejudice the Constabulary's functions, for example, by undermining an investigation, development of a policy or a potential prosecution.
Data Protection Compliance Unit
Telephone: (0300) 1228756
Or email: email@example.com|