1. Home
  2. Safer Neighbourhoods
  3. Safety Advice
  4. News & Events
  5. Join Us
  6. About Us
  7. Contact Us
You are here:
  1. Home Page >
  2. About Us >
  3. Your Right to Information >
  4. Data Protection >
  5. Frequently Asked Questions

Menu

Frequently Asked Questions

Below are some of the frequently asked questions regarding Data Protection and Norfolk Constabulary. If you can not find the answer to your question here please contact us:

The Data Protection Officer
Norfolk Constabulary
Operations and Communications Centre
Falconers Chase
Wymondham
Norfolk NR18 0WW

 

Telephone: 0845 456 4567

Email: dataprotection@norfolk.pnn.police.uk

 

Frequently Asked Questions

1. What laws and policies are relevant to personal information?

Personal information is managed in accordance with the following legislation and policy:

  • The Data Protection Act 1998
  • Human Rights Act 1998
  • Freedom of Information Act 2000 (currently under implementation)
  • Computer Misuse Act 1990
  • Association of Chief Police Officers Code of Practice for Data Protection
  • Her Majesty's Government Manual for Protective Security

Reference will also be made to relevant case law and to legal guidance and codes of practice issued by the Office of the Information Commissioner.

 

2. Who is the Data Controller for Norfolk Constabulary?

The person ultimately responsible for the management of personal information by Norfolk Constabulary is the Chief Constable. All employees of Norfolk Constabulary act as the representatives and agents of the Chief Constable.

 

3. What is the purpose for holding personal information?

The Constabulary has notified the Office of the Information Commissioner that personal information is held and used for the following purposes:

Staff Administration: appointments or removals; pay; discipline; superannuation; work management or other personnel matters in relation to the staff of the data controller

Policing: the prevention and detection of crime; apprehension and prosecution of offenders; protection of life and property; maintenance of law and order; also rendering assistance to the public in accordance with force policies and procedures

Administration and Ancillary Support for Policing Purpose: including transaction logs; telephone logs; property maintenance; information and communications technology management; analysis and research; sound and visual monitoring of police property; incident and emergency planning; staff training and system testing

Full details of the Constabulary's notification can be obtained from the Office of the Information Commissioner's website.

 

4. Who might the police pass my personal information to?

Disclosure or passing of personal information to other organisations or individuals is strictly controlled. There are some occasions when we will pass personal information to other official agencies because we are required to do so by law or because that agency has a legitimate reason supported by legislation to be given the information. For example: the Health and Safety Executive when investigating accidents, the Inland Revenue when investigating tax fraud and Social Services when considering child protection and welfare.

The Police work in partnership with other agencies to reduce crime and disorder, reduce the fear of crime and protect the vulnerable. In order to work together it is necessary to share information. Often this information is about crime figures or areas where crime or disorder is a particular problem. However, sometimes it is necessary to share personal information to tackle a particular problem involving an identified offender or victim. Sometimes information is shared to assist the partner agency in carrying out their lawful functions, but only when it is necessary and proportionate to do so.

Agencies we work in partnership with include:

  • Local Authority Departments, including. Social Services, Housing, Environmental
  • The Probation Service
  • The Prison Service
  • NHS Trust
  • Department of Work and Pensions

The sharing of personal information is covered by documents, known as protocols. These say who the sharing agencies are; when, why and what personal information might be shared and set out procedures for making and responding to requests for information and keeping the information secure.

 

5. Can I get a copy of my personal information?

The Data Protection Act provides the right for the individual to request a copy of personal information held about them by a data controller. This is known as 'subject access' (see Section 7 of the Data Protection Act 1998).

If you would like to find out whether the Constabulary has any personal information about you and would like a copy of that information you can apply either directly at a police station or by contacting us using the following details:

Write to:

The Data Protection Officer

Norfolk Constabulary

Operations and Communications Centre

Falconers Chase

Wymondham

Norfolk NR18 0WW

Telephone: 01953 424104

Email: dataprotection@norfolk.pnn.police.uk

People want access to their information for a variety of reasons but in general we categorise requests as:

  • those wanting details of their criminal convictions history only
  • those wanting reports from a specialist unit eg. domestic violence unit reports.
  • those wanting access to ALL information

 

6. I need confirmation that I do not have a criminal record or a list of my criminal convictions

Many people need this information as part of their application for visas, residency or work permits for countries abroad. You will be asked to complete a Data Protection Form A220 in order to provide the information necessary to search against our records. You will also be required to provide two documents that prove your identity and a fee of £10 is charged. More information is given on the form.

The National Identification Service (NIS) based at New Scotland Yard, London, carries out these checks on behalf of all Constabularies in England and Wales. If you live or have lived at some time in the previous 10 years, in Scotland you will have to apply separately to the appropriate Scottish police force.

NIS will reply directly to you at the postal address you give on the form. The reply will take the form of a letter which has a watermark and two blue bands to identify it as an authentic record.

The Data Protection Act requires that you are given a response to any request for your personal information within 40 days. On average, NIS respond within 14-30 days although some responses will take the full 40-day period.

 

7. My employer has asked me to provide proof that I do not have a criminal record.

You cannot be forced by an employer to make a subject access application in order to provide to them proof of your criminal record. In the near future it will become an offence under the Data Protection Act 1998 for an employer to require an employee or candidate for employment to make a subject access request for this purpose.

If you chose to make a subject access request for this purpose you should make an application using form A220.

However if your work will involve access to children, vulnerable adults or the elderly please see number 8 below.

 

8. My work will involve access to children, vulnerable adults or the elderly.

You should not use the subject access procedures if your work will involve these categories of people. The Criminal Records Bureau (CRB) has been established by the Home Office to provide employers with a means of checking the criminal background of potential employees.

If you will be working or volunteering with children, vulnerable adults or the elderly you should ask your employer to contact the Criminal Records Bureau on 0870 9090811.

Some categories of self-employed people cannot use the Criminal Records Bureau at present. If you are self-employed check with the Criminal Records Bureau first. However, they may refer you to your local police force. If this is the case you will be asked to make a subject access application.

 

9. I want access to any information Norfolk Constabulary might have about me or to specific information such as incident records or crime reports.

Such a request is managed via subject access. You will be asked to complete an In-house Data Protection Form A221 in order to provide the information necessary to search against our records. You will also be required to provide two documents that prove your identity and a fee of £10 is charged. More information is given on the form. You may make such a request through your solicitor if appropriate, and give your authority for the information to be disclosed directly to them.

Subject access does not entitle you to receive information that might identify another person, known as a third party. If possible and appropriate we will contact the third party and ask for their consent to disclose their information to you. If we cannot obtain their consent the information may be removed, in the case of whole documents, or obscured in the case of information contained within a document. These issues will be discussed with you or your solicitor as appropriate.

The Data Protection Act requires that you are given a response to any request for your personal information within 40 days. We will always try to respond to your application in the early part of this period and will try to take account of any impending court dates. However, if the enquiry is particularly complicated or there is a lot of information to locate, check and reproduce the response may take the full 40-day period to reach you.

 

10. Is there any reason why I will not get my information?

The Data Protection Act 1998 does contain some exemptions from providing information following a subject access request. In brief, those most likely to be relevant to information held by the police are:

Information held for the purpose of safeguarding national security.

Information held for the purpose of preventing and detecting crime, apprehending and prosecuting offenders BUT only when disclosure to the applicant might prejudice those purposes.

The police service will also consider whether to disclose information to an application might prejudice the wider public interest or might be relevant to current or future criminal proceedings in the courts.

 

11. Will I get ALL the information?

Subject Access entitles you to computerised records, except when an exemption is relevant. Manual or paper records are only included if they are held in a 'relevant filing system'. This term is used in the Data Protection Act 1998. Such a system will be managed in a way that is similar to a computer system so that specific information about a person is easily located, using indexes, reference numbers, file dividers etc.

It may be the case that information about you or provided by you is held by the Constabulary in a manual file but unless it is held in a 'relevant filing system' you will not be entitled to receive a copy of it.

From 1 January 2005 the Freedom of Information Act 2000 will allow people access to ALL information about themselves, including information held in unstructured manual files. However, you will need to say exactly what information you require.

 

12. What do I do if I believe my information is wrong or that the police should not have or use that information?

The Data Protection Act 1998 gives you the right to request that inaccurate information is corrected or deleted. You can also request that your information is no longer used or held if you can show that you are being caused significant and unwarranted damage or distress. In some cases you might be entitled to compensation.

Making such a request will not automatically result in the information being changed or removed. If the Constabulary can show that the information is necessary and relevant to its lawful and legitimate functions as a police force the information will be retained.

These are the actions you can take:

  • Contact the Data Protection Officer with your complaint.
  • Contact the Chief Constable or the Constabulary's Professional Standards Department.
  • Contact the Office of the Information Commissioner. This is the government department responsible for ensuring organisations are using personal information in accordance with the Data Protection Act. They can be contacted as follows:

The Office of the Information Commissioner
Wycliffe House
Water Lane
Wilmslow
Cheshire
SK9 5AF

Tel: 01958 545700

website: www.ico.gov.uk

You can of course take advice from a solicitor or the Citizens Advice Bureau.


13, What are the eight principles of data protection?
Data Protection Principles


Principle 1

‘Personal information shall be processed fairly and lawfully and, in particular, shall not be processed unless conditions are met’.

Principle 2

‘Personal information be obtained only for specified and lawful purposes and shall not be further processed in a manner incompatible with those purposes.’

Principle 3

‘Personal information shall be adequate, relevant and not excessive for the purpose’

Principle 4

‘Personal information shall be accurate and, where necessary, kept up to date’

Principle 5

‘Personal information shall not be kept for longer than is necessary for the purpose’

Principle 6

‘Personal information should be processed in accordance with the rights of data subjects’ These rights are:

  • access to personal information
  • prevent processing likely to cause damage or distress
  • prevent processing for direct marketing
  • automated decision making
  • compensation
  • rectification, blocking, erasure & destruction
  • jurisdiction & procedure

Principle 7

‘Appropriate measures shall be taken against unauthorised or unlawful processing of personal data and against accidental loss, destruction or damage to the data.’

Principle 8

The final principle refers to passing information to countries outside the EU who may not have the same levels of security.

Bookmark and Share

Related links:

Related documents: