Data Protection Act 2018

Alert Sample

View the Parallel Parliament page for the Data Protection Act 2018

Information since 24 Jan 2026, 1:21 p.m.

Data Protection Act 2018 mentioned

Parliamentary Debates
Railways Bill 168 speeches (47,967 words) Report stageReport Stage Wednesday 10th June 2026 - Commons Chamber Department for Transport Mentions: 1: Nusrat Ghani (Con - Sussex Weald) rights under the Equality Act 2010, data protection legislation (including the UK GDPR and the Data Protection Act - Link to Speech
Oral Answers to Questions 168 speeches (11,702 words) Monday 8th June 2026 - Commons Chamber Home Office Mentions: 1: Dan Jarvis (Lab - Barnsley North) criminalised in legislation, including the Fraud Act 2006, the Computer Misuse Act 1990 and the Data Protection Act - Link to Speech
Lord Mandelson: Response to Humble Address 165 speeches (35,182 words) Wednesday 3rd June 2026 - Commons Chamber Cabinet Office Mentions: 1: Nick Thomas-Symonds (Lab - Torfaen) such as the Freedom of Information Act, the duty of Ministers under the ministerial code, the Data Protection Act - Link to Speech
Equality Act 2010: Code of Practice 34 speeches (4,952 words) Wednesday 3rd June 2026 - Lords Chamber Leader of the House Mentions: 1: Baroness Stedman-Scott (Con - Life peer) Information about sex is likely to constitute special category data for the purposes of the Data Protection Act - Link to Speech

Select Committee Documents
Tuesday 9th June 2026 Written Evidence - defend digital me AIE0217 - The use of Artificial Intelligence and EdTech in Education The use of Artificial Intelligence and EdTech in Education - Education Committee Found: This used to be s33 of the Data Protection Act.
Tuesday 9th June 2026 Written Evidence - Department for Education AIE0205 - The use of Artificial Intelligence and EdTech in Education The use of Artificial Intelligence and EdTech in Education - Education Committee Found: personal data which is governed by the UK’s data protection legislation: the UK GDPR and the Data Protection Act
Tuesday 9th June 2026 Written Evidence - defend digital me AIE0203 - The use of Artificial Intelligence and EdTech in Education The use of Artificial Intelligence and EdTech in Education - Education Committee Found: The UK GDPR and the Data Protection Act 2018 embed the General Data Protection Regulation principles
Monday 8th June 2026 Written Evidence - Henderson, Gibson , and Louise CSC0049 - Human Rights of Children in the Social Care System in England Human Rights of Children in the Social Care System in England - Human Rights (Joint Committee) Found: Breaches: - UK GDPR & Data Protection Act 2018 - ECHR Article 8 - Working Together to Safeguard Children
Wednesday 3rd June 2026 Written Evidence - defend digital me AIE0148 - The use of Artificial Intelligence and EdTech in Education The use of Artificial Intelligence and EdTech in Education - Education Committee Found: The UK GDPR and the Data Protection Act 2018 embed the General Data Protection Regulation principles
Wednesday 3rd June 2026 Written Evidence - Cambridge School of Bucharest AIE0110 - The use of Artificial Intelligence and EdTech in Education The use of Artificial Intelligence and EdTech in Education - Education Committee Found: The existing regulatory framework, primarily the UK GDPR, the Data Protection Act 2018, the Age Appropriate
Wednesday 3rd June 2026 Written Evidence - defend digital me AIE0148 - The use of Artificial Intelligence and EdTech in Education The use of Artificial Intelligence and EdTech in Education - Education Committee Found: The UK GDPR and the Data Protection Act 2018 embed the General Data Protection Regulation principles
Wednesday 3rd June 2026 Written Evidence - Cambridge School of Bucharest AIE0110 - The use of Artificial Intelligence and EdTech in Education The use of Artificial Intelligence and EdTech in Education - Education Committee Found: The existing regulatory framework, primarily the UK GDPR, the Data Protection Act 2018, the Age Appropriate
Wednesday 3rd June 2026 Written Evidence - Oak National Academy AIE0053 - The use of Artificial Intelligence and EdTech in Education The use of Artificial Intelligence and EdTech in Education - Education Committee Found: Data handling complies with the UK GDPR and the Data Protection Act. ● Governance and accountability

Written Answers
Police: Biometrics Asked by: Iqbal Mohamed (Independent - Dewsbury and Batley) Thursday 11th June 2026 Question to the Home Office: To ask the Secretary of State for the Home Department, what safeguards she has introduced to help ensure that digital forensic tools cannot be used for (a) remote access and (b) bulk data collection beyond lawful investigations. Answered by Sarah Jones - Minister of State (Home Office) All digital forensic activity must comply with existing legislation, including the Police and Criminal Evidence Act 1984, the Investigatory Powers Act 2016, the Regulation of Investigatory Powers Act 2000, and the Data Protection Act 2018.
Medical Records: Data Protection Asked by: Neil Duncan-Jordan (Labour - Poole) Friday 5th June 2026 Question to the Department of Health and Social Care: To ask the Secretary of State for Health and Social Care, what safeguards are in place to prevent identifiable NHS patient data being accessed by (a) foreign governments and (b) entities subject to foreign jurisdiction. Answered by Preet Kaur Gill - Parliamentary Under-Secretary (Department of Health and Social Care) The NHS Federated Data Platform (NHS FDP) allows for the information in different National Health Service IT systems to be connected, in a single, safe, secure environment. This allows more effective management of the data, so care can be better co-ordinated. It allows for better use to be made of operating theatres, improves cancer pathways, so that patients get a quicker diagnosis, and allows for faster patient discharge from hospital. To date, 24 integrated care board clusters and 168 NHS trusts have signed up to the NHS FDP, including the University Hospitals Dorset NHS Foundation Trust. NHS England publishes quarterly information on the benefits realised from the NHS FDP at the following link: https://www.england.nhs.uk/digitaltechnology/nhs-federated-data-platform/impact/fdp-uptake-and-benefits/ The NHS FDP has been designed with stringent safeguards to ensure that patient data is protected in full compliance with the UK General Data Protection Regulation and the Data Protection Act 2018. Access to NHS data is tightly controlled. Only authorised users are granted access, and solely for approved purposes that benefit patient care or NHS operations. The supplier operates under the instruction of NHS England. They do not control the data, nor are they permitted to access, use, or share it for any independent purpose. The platform operates within a robust contractual and governance framework, including strict requirements relating to data protection, confidentiality, and the lawful and proportionate use of data. This is supported by ongoing audit, monitoring, and reporting, as well as Data Protection Impact Assessments to assess and mitigate risks to individuals’ rights and freedoms. Data held within the NHS FDP is hosted in United Kingdom based data centres and access to data and systems is subject to UK legal, regulatory, and contractual controls. These arrangements ensure that data is processed in line with UK law and NHS England requirements, and that access to identifiable patient data cannot be undertaken independently by external organisations or for purposes outside those authorised by NHS England.
Artificial Intelligence: Cybersecurity Asked by: Lord Taylor of Warwick (Non-affiliated - Life peer) Wednesday 3rd June 2026 Question to the Department for Science, Innovation & Technology: To ask His Majesty's Government what assessment they have made of risks arising from the overseas processing of data by AI systems used by UK companies; and what steps they are taking to ensure compliance with data protection and cybersecurity requirements. Answered by Baroness Lloyd of Effra - Baroness in Waiting (HM Household) (Whip) The Government recognises that UK companies’ use of AI systems often relies on global infrastructure, which can create challenges in how organisations manage transfer risks. Where personal data is processed in AI systems, in the UK or overseas, it will be subject to the UK General Data Protection Regulation (GDPR) and the Data Protection Act 2018, which includes maintaining the UK's high data protection standards when transferred internationally. The Information Commissioner’s Office (ICO) is responsible for monitoring and enforcing compliance with these requirements.

Written Answers

Police: Biometrics
Asked by: Iqbal Mohamed (Independent - Dewsbury and Batley)
Thursday 11th June 2026

Question to the Home Office:

To ask the Secretary of State for the Home Department, what safeguards she has introduced to help ensure that digital forensic tools cannot be used for (a) remote access and (b) bulk data collection beyond lawful investigations.

Answered by Sarah Jones - Minister of State (Home Office)

All digital forensic activity must comply with existing legislation, including the Police and Criminal Evidence Act 1984, the Investigatory Powers Act 2016, the Regulation of Investigatory Powers Act 2000, and the Data Protection Act 2018.

Medical Records: Data Protection
Asked by: Neil Duncan-Jordan (Labour - Poole)
Friday 5th June 2026

Question to the Department of Health and Social Care:

To ask the Secretary of State for Health and Social Care, what safeguards are in place to prevent identifiable NHS patient data being accessed by (a) foreign governments and (b) entities subject to foreign jurisdiction.

Answered by Preet Kaur Gill - Parliamentary Under-Secretary (Department of Health and Social Care)

The NHS Federated Data Platform (NHS FDP) allows for the information in different National Health Service IT systems to be connected, in a single, safe, secure environment. This allows more effective management of the data, so care can be better co-ordinated. It allows for better use to be made of operating theatres, improves cancer pathways, so that patients get a quicker diagnosis, and allows for faster patient discharge from hospital.

To date, 24 integrated care board clusters and 168 NHS trusts have signed up to the NHS FDP, including the University Hospitals Dorset NHS Foundation Trust. NHS England publishes quarterly information on the benefits realised from the NHS FDP at the following link:

https://www.england.nhs.uk/digitaltechnology/nhs-federated-data-platform/impact/fdp-uptake-and-benefits/

The NHS FDP has been designed with stringent safeguards to ensure that patient data is protected in full compliance with the UK General Data Protection Regulation and the Data Protection Act 2018.

Access to NHS data is tightly controlled. Only authorised users are granted access, and solely for approved purposes that benefit patient care or NHS operations. The supplier operates under the instruction of NHS England. They do not control the data, nor are they permitted to access, use, or share it for any independent purpose.

The platform operates within a robust contractual and governance framework, including strict requirements relating to data protection, confidentiality, and the lawful and proportionate use of data. This is supported by ongoing audit, monitoring, and reporting, as well as Data Protection Impact Assessments to assess and mitigate risks to individuals’ rights and freedoms.

Data held within the NHS FDP is hosted in United Kingdom based data centres and access to data and systems is subject to UK legal, regulatory, and contractual controls. These arrangements ensure that data is processed in line with UK law and NHS England requirements, and that access to identifiable patient data cannot be undertaken independently by external organisations or for purposes outside those authorised by NHS England.

Artificial Intelligence: Cybersecurity
Asked by: Lord Taylor of Warwick (Non-affiliated - Life peer)
Wednesday 3rd June 2026

Question to the Department for Science, Innovation & Technology:

To ask His Majesty's Government what assessment they have made of risks arising from the overseas processing of data by AI systems used by UK companies; and what steps they are taking to ensure compliance with data protection and cybersecurity requirements.

Answered by Baroness Lloyd of Effra - Baroness in Waiting (HM Household) (Whip)

The Government recognises that UK companies’ use of AI systems often relies on global infrastructure, which can create challenges in how organisations manage transfer risks.

Where personal data is processed in AI systems, in the UK or overseas, it will be subject to the UK General Data Protection Regulation (GDPR) and the Data Protection Act 2018, which includes maintaining the UK's high data protection standards when transferred internationally.

The Information Commissioner’s Office (ICO) is responsible for monitoring and enforcing compliance with these requirements.

Department Publications - Guidance
Friday 12th June 2026 Department for Education Source Page: Apply for Department for Education (DfE) personal data Document: statistical disclosure control (PDF) Found: in this Schedule and Agreement, as well as DfE and MoJ’s responsibilities under law, e.g., Data Protection Act
Friday 12th June 2026 Department for Education Source Page: Apply for Department for Education (DfE) personal data Document: application form (webpage) Found: ☐ Not Applicable (N/A) ☐ Official authority ☐ Specific condition in Data Protection Act 2018 (DPA
Friday 12th June 2026 Department for Education Source Page: Best Start Family Hubs and Healthy Babies: guidance for local authorities Document: (PDF) Found: • BSFHs train staff on child-centred, trauma-informed practice and data protection (GDPR, Data Protection Act
Friday 12th June 2026 Department for Business, Energy and Industrial Strategy Source Page: Oil and gas: offshore environmental legislation Document: Consultation Document (PDF) Found: Climate Change DepCon Deposit Consent Dft Department for Transport DP Dynamic Positioning DPA Data Protection Act
Friday 12th June 2026 Department for Environment, Food and Rural Affairs Source Page: Create a woodland management plan Document: inventory and plan of operations worksheet (V5): no formulas (Excel) Found: Data ProtectionThe Forestry Commission is registered as a data controller under the Data Protection Act
Friday 12th June 2026 Department for Environment, Food and Rural Affairs Source Page: Create a woodland management plan Document: inventory and plan of operations worksheet (V5): with formulas (Excel) Found: Data ProtectionThe Forestry Commission is registered as a data controller under the Data Protection Act
Thursday 11th June 2026 Ministry of Defence Source Page: The Military Court Service Document: Case Center - terms and conditions for use and acceptable use policy (PDF) Found: I will comply with UK Data Protection Act 2018, relevant privacy regulations and all professional codes
Thursday 11th June 2026 Ministry of Defence Source Page: DCYP forms and information sheets Document: (webpage) Found: purposes only in line with the General Data Protection Regulations (GDPR), Article 6(1)(e); Data Protection Act
Thursday 11th June 2026 Ministry of Defence Source Page: DCYP forms and information sheets Document: (webpage) Found: purposes only in line with the General Data Protection Regulations (GDPR), Article 6(1)(e); Data Protection Act
Thursday 11th June 2026 Ministry of Defence Source Page: DCYP forms and information sheets Document: (webpage) Found: purposes only in line with the General Data Protection Regulations (GDPR), Article 6(1)(e); Data Protection Act
Thursday 11th June 2026 Ministry of Defence Source Page: DCYP forms and information sheets Document: (PDF) Found: purposes only in line with the General Data Protection Regulations (GDPR), Article 6(1)(e); Data Protection Act
Thursday 11th June 2026 Ministry of Defence Source Page: DCYP forms and information sheets Document: (PDF) Found: Data Protection The MOD has a legal duty under the Data Protection Act 2018 (DPA18) to respect third
Thursday 11th June 2026 Ministry of Defence Source Page: DCYP forms and information sheets Document: (webpage) Found: purposes only in line with the General Data Protection Regulations (GDPR), Article 6(1)(e); Data Protection Act
Thursday 11th June 2026 Foreign, Commonwealth & Development Office Source Page: Call for proposals: Jordan Humanitarian and Systems Strengthening Programme (JHASS): protection component Document: Accountable grant agreement template (webpage) Found: Environmental Information Regulations 2004, the UK General Data Protection Regulation (UKGDPR), the Data Protection Act
Thursday 11th June 2026 Department for Work and Pensions Source Page: DWP procurement: security policies and standards Document: (PDF) Found: OFFICIAL, in line with UK (United Kingdom) GDPR (General Data Protection Regulation) and DPA (Data Protection Act
Thursday 11th June 2026 Department for Work and Pensions Source Page: DWP procurement: security policies and standards Document: (PDF) Found: applicable legal and regulatory obligations: General Data Protection Regulation (GDPR) and Data Protection Act
Thursday 11th June 2026 Department for Work and Pensions Source Page: DWP procurement: security policies and standards Document: (PDF) Found: actions must comply with contractual obligations and all applicable laws, such as the UK Data Protection Act
Wednesday 10th June 2026 Ministry of Defence Source Page: Recruitment and management of transgender personnel in the armed forces (JSP 889) Document: (PDF) Found: DATA PROTECTION ACT (DPA) 2018 7.
Wednesday 10th June 2026 Ministry of Defence Source Page: Recruitment and management of transgender personnel in the armed forces (JSP 889) Document: Recruitment and management of transgender personnel in the armed forces (JSP 889) (webpage) Found: Based on the Equality Act 2010, The Gender Recognition 2004, The Data Protection Act 2018 and the Human
Wednesday 10th June 2026 Ministry of Defence Source Page: Recruitment and management of transgender personnel in the armed forces (JSP 889) Document: (PDF) Found: DATA PROTECTION ACT (DPA) 2018 7.
Tuesday 9th June 2026 Cabinet Office Source Page: Procurement Act 2023 guidance documents - Procure phase Document: (PDF) Found: However, the Data Protection Act 2018 and GDPR do still apply to all other information that is published
Tuesday 9th June 2026 Department for Education Source Page: Appropriate bodies guidance: induction for early career teachers Document: (PDF) Found: to retain records for longer than six years, they may do so as long as they comply with the Data Protection Act
Tuesday 9th June 2026 Department for Education Source Page: Appropriate bodies guidance: induction for early career teachers Document: (PDF) Found: to retain records for longer than six years, they may do so as long as they comply with the Data Protection Act
Tuesday 9th June 2026 Department for Education Source Page: Induction for early career teachers (England) Document: (PDF) Found: to retain records for longer than six years, they may do so as long as they comply with the Data Protection Act
Tuesday 9th June 2026 Department for Work and Pensions Source Page: Jobs Guarantee Document: (PDF) Found: for Disposal and the term “Dispose” shall be construed accordingly; DPA 2018 means the Data Protection Act
Tuesday 9th June 2026 Department for Work and Pensions Source Page: Jobs Guarantee Document: (PDF) Found: comply with its obligations under the UK General Data Protection Regulation (UK GDPR) and the Data Protection Act
Tuesday 9th June 2026 Department for Work and Pensions Source Page: Jobs Guarantee Document: (PDF) Found: ensure compliance with all applicable data protection legislation, including the UK GDPR and Data Protection Act
Tuesday 9th June 2026 Department for Work and Pensions Source Page: Jobs Guarantee Document: (PDF) Found: ensure compliance with all applicable data protection legislation, including the UK GDPR and Data Protection Act
Friday 5th June 2026 Home Office Source Page: Detainee Custody Officer and Detainee Custody Officer (Escort) certification Document: (PDF) Found: should comply with the principles of UK General Data Protection Regulation (UK GDPR) and the Data Protection Act
Friday 5th June 2026 Department for Transport Source Page: Guidance: Grant funding to transport freight by rail and water Document: (PDF) Found: as binding on the Department. 6.8 We will process your personal data in accordance with the Data Protection Act
Friday 5th June 2026 Ministry of Housing, Communities and Local Government Source Page: Development Management Funding: privacy notice for monitoring returns Document: Development Management Funding: privacy notice for monitoring returns (webpage) Found: notice is to explain your rights and give you the information you are entitled to under the Data Protection Act
Thursday 4th June 2026 Ministry of Housing, Communities and Local Government Source Page: Planning guidance: letters to chief planning officers Document: (PDF) Found: It will repeal the Data Protection Directive, which was implemented by the Data Protection Act 1998
Thursday 4th June 2026 Department for Education Source Page: Children looked after return 2026 to 2027: guide Document: (PDF) Found: of the SSDA903 collection 9 1.1 Purpose of the SSDA903 return 9 1.2 Legal duties under the Data Protection Act
Thursday 4th June 2026 Department for Work and Pensions Source Page: Guidance: Decision makers’ guide: Vol 1: Decision making and appeals: staff guide Document: (PDF) Found: documents 01420 The Department destroys documents in order to meet the obligations of the Data Protection Act
Thursday 4th June 2026 Department for Work and Pensions Source Page: Guidance: Decision makers’ guide: Vol 1: Decision making and appeals: staff guide Document: (PDF) Found: documents 01420 The Department destroys documents in order to meet the obligations of the Data Protection Act
Thursday 4th June 2026 Department for Work and Pensions Source Page: Guidance: Decision makers’ guide: Vol 1: Decision making and appeals: staff guide Document: (PDF) Found: also no obligation to supply the advice where there is a request to disclose it under the Data Protection Act
Wednesday 3rd June 2026 Department for Energy Security & Net Zero Source Page: Heat Pump Investment Accelerator Competition: round 2 Document: (webpage) Found: DESNZ’s legal obligations (including under the Freedom of Information Act 2000 (FOIA), the Data Protection Act
Wednesday 3rd June 2026 Foreign, Commonwealth & Development Office Source Page: International Growth Centre (IGC): pre-qualification round Document: Accountable grant arrangement template (webpage) Found: Environmental Information Regulations 2004, the UK General Data Protection Regulation (UKGDPR), the Data Protection Act
Tuesday 2nd June 2026 Department of Health and Social Care Source Page: DHSC group accounting manual 2026 to 2027 Document: (PDF) Found: special severance payments conflicting with a legal obligation arising as a result of the Data Protection Act
Monday 1st June 2026 Ministry of Justice Source Page: Legal Aid Agency cyber-security incident - Frequently Asked Questions Document: Criminal Legal Aid Manual (PDF) Found: sensitive data when you send emails, and it avoids the risk of possible data breaches under the Data Protection Act

Department Publications - Policy and Engagement
Friday 12th June 2026 Department for Energy Security & Net Zero Source Page: Eskdalemuir seismic array: revised approach to managing onshore wind turbine interference Document: (PDF) Found: be disclosed in accordance with UK legislation (the Freedom of Information Act 2000, the Data Protection Act
Friday 12th June 2026 Department for Energy Security & Net Zero Source Page: Eskdalemuir seismic array: revised approach to managing onshore wind turbine interference Document: (PDF) Found: be disclosed in accordance with UK legislation (the Freedom of Information Act 2000, the Data Protection Act
Friday 12th June 2026 Department for Energy Security & Net Zero Source Page: Eskdalemuir seismic array: revised approach to managing onshore wind turbine interference Document: (PDF) Found: be disclosed in accordance with UK legislation (the Freedom of Information Act 2000, the Data Protection Act
Friday 12th June 2026 Department for Energy Security & Net Zero Source Page: Eskdalemuir seismic array: revised approach to managing onshore wind turbine interference Document: (PDF) Found: be disclosed in accordance with UK legislation (the Freedom of Information Act 2000, the Data Protection Act
Friday 12th June 2026 Department for Business and Trade Source Page: Time off for public duties Document: (PDF) Found: may be disclosed in accordance with UK legislation (the Freedom of Information Act 2000, the Data Protection Act
Monday 8th June 2026 Department for Energy Security & Net Zero Source Page: Draft National Policy Statement for fusion energy generation (EN-8) Document: (PDF) Found: be disclosed in accordance with UK legislation (the Freedom of Information Act 2000, the Data Protection Act
Friday 5th June 2026 Ministry of Justice Source Page: A fairer end to relationships Document: (PDF) Found: to information regimes (these are primarily the Freedom of Information Act 2000 (FOIA), the Data Protection Act
Thursday 4th June 2026 HM Treasury Source Page: Treasury Minutes progress report – June 2026 Document: (PDF) Found: This role does not replace departmental accountability under UK GDPR and the Data Protection Act 2018
Thursday 4th June 2026 HM Treasury Source Page: Treasury Minutes progress report – June 2026 Document: (PDF) Found: This role does not replace departmental accountability under UK GDPR and the Data Protection Act 2018
Thursday 4th June 2026 Department for Energy Security & Net Zero Source Page: Assessing the case for community batteries Document: (PDF) Found: be disclosed in accordance with UK legislation (the Freedom of Information Act 2000, the Data Protection Act
Tuesday 2nd June 2026 Department of Health and Social Care Source Page: Changes to DHSC group accounting manual 2026 to 2027 Document: (PDF) Found: special severance payments conflicting with a legal obligation arising as a result of the Data Protection Act
Tuesday 2nd June 2026 Department of Health and Social Care Source Page: 2024 voluntary scheme for branded medicines pricing, access and growth Document: (PDF) Found: confidentiality owed to a third party or other statutory obligations (including but not limited to the Data Protection Act
Tuesday 2nd June 2026 Department for Business and Trade Source Page: Make Work Pay: ending one-sided flexibility – reforms of zero hours and similar contracts Document: (PDF) Found: may be disclosed in accordance with UK legislation (the Freedom of Information Act 2000, the Data Protection Act

Department Publications - Consultations
Friday 12th June 2026 Department for Business and Trade Source Page: Make Work Pay: employment rights for unpaid carers and parents of seriously ill children Document: (PDF) Found: may be disclosed in accordance with UK legislation (the Freedom of Information Act 2000, the Data Protection Act
Friday 12th June 2026 Department for Business and Trade Source Page: Make Work Pay: employment rights for unpaid carers and parents of seriously ill children Document: (PDF) Found: disclosed in accordance with UK 15 legislation (the Freedom of Information Act 2000, the Data Protection Act
Monday 8th June 2026 Department for Science, Innovation & Technology Source Page: Empowering people through data intermediaries Document: (PDF) Found: The Data Protection Act 2018 Part 5 allows for statutory codes of 22 practice to set out guidance
Monday 8th June 2026 Department for Science, Innovation & Technology Source Page: Empowering people through data intermediaries Document: (PDF) Found: The Data Protection Act 2018 Part 5 allows for statutory codes of 22 practice to set out guidance
Thursday 4th June 2026 Department for Science, Innovation & Technology Source Page: Growing up in the online world: a national consultation Document: (PDF) Found: may be disclosed in accordance with UK legislation (the Freedom of Information Act 2000, the Data Protection Act
Thursday 4th June 2026 Department for Science, Innovation & Technology Source Page: Growing up in the online world: a national consultation Document: (PDF) Found: may be disclosed in accordance with UK legislation (the Freedom of Information Act 2000, the Data Protection Act

Department Publications - Transparency
Thursday 11th June 2026 Department for Digital, Culture, Media & Sport Source Page: National Citizen Service Trust annual report and accounts: 1 April 2025 to 11 July 2025 Document: (PDF) Found: personal data on NCS participants, including ‘special category data’, in compliance with the Data Protection Act
Thursday 4th June 2026 Department for Education Source Page: DfE external data shares Document: (Excel) Found: and their characteristics including items described as ‘sensitive personal data’ within the Data Protection Act
Wednesday 3rd June 2026 Department for Education Source Page: National Careers Service: course directory Document: (Excel) Found: Data Protection training course will broaden your understanding of the laws concerning the Data Protection Act

Department Publications - Statistics
Thursday 11th June 2026 Department for Energy Security & Net Zero Source Page: National Energy Efficiency Data-Framework (NEED) report: summary of analysis 2026 Document: (PDF) Found: Data protection NEED is constructed to ensure it is compliant with the Data Protection Act 2018 and

Department Publications - Policy paper
Thursday 11th June 2026 HM Treasury Source Page: HM Treasury Market Engagement Group Document: (PDF) Found: the UK GDPR – Substantial public interest Schedule 1, Part 2, Paragraph 6(2)(b) of the Data Protection Act

Department Publications - Services
Tuesday 9th June 2026 Department for Environment, Food and Rural Affairs Source Page: Landscape Recovery scheme: complaints and reconsiderations Document: (PDF) Found: or lead applicant) Date Page 4 of 4 Part E – Data Protection We use data in line with the Data Protection Act

Department Publications - Research
Friday 5th June 2026 Ministry of Justice Source Page: Measuring civil legal aid demand Document: (PDF) Found: The UK General Data Protection Regulation (UK GDPR) and the UK Data Protection Act 2018 (DPA) Ipsos

Non-Departmental Publications - Transparency
Jun. 12 2026 Government Internal Audit Agency Source Page: Government Internal Audit Agency Framework Agreement 2023 Document: (PDF) Transparency Found: all requests for information made to it under the Freedom of Information Act 2000, or the Data Protection Act
Jun. 11 2026 National Citizen Service Source Page: National Citizen Service Trust annual report and accounts: 1 April 2025 to 11 July 2025 Document: (PDF) Transparency Found: personal data on NCS participants, including ‘special category data’, in compliance with the Data Protection Act
Jun. 09 2026 Security Industry Authority Source Page: SIA business plan: 2026 to 2027 Document: (PDF) Transparency Found: investigators and assessed 90 criminal investigation cases completed Corporate Services 280 Data Protection Act
Jun. 09 2026 Security Industry Authority Source Page: SIA business plan: 2026 to 2027 Document: (PDF) Transparency Found: investigators and assessed 90 criminal investigation cases completed Corporate Services 280 Data Protection Act
Jun. 08 2026 The Insolvency Service Source Page: Insolvency Service FOI responses: January to March 2026 Document: (PDF) Transparency Found: As well as potential breaches of the Data Protection Act.
Jun. 08 2026 The Insolvency Service Source Page: Insolvency Service FOI responses: January to March 2026 Document: (PDF) Transparency Found: As well as potential breaches of the Data Protection Act.

Non-Departmental Publications - Guidance and Regulation
Jun. 12 2026 Forestry Commission Source Page: Create a woodland management plan Document: inventory and plan of operations worksheet (V5): no formulas (Excel) Guidance and Regulation Found: Data ProtectionThe Forestry Commission is registered as a data controller under the Data Protection Act
Jun. 12 2026 Forestry Commission Source Page: Create a woodland management plan Document: inventory and plan of operations worksheet (V5): with formulas (Excel) Guidance and Regulation Found: Data ProtectionThe Forestry Commission is registered as a data controller under the Data Protection Act
Jun. 10 2026 Veterinary Medicines Directorate Source Page: VMD Service Standards Document: VMD Service Standards (webpage) Guidance and Regulation Found: of the Freedom of Information Act 2005, Environmental Information Regulations 2004 and the Data Protection Act
Jun. 10 2026 Veterinary Medicines Directorate Source Page: VMD Service Standards Document: VMD Service Standards (webpage) Guidance and Regulation Found: of the Freedom of Information Act 2005, Environmental Information Regulations 2004 and the Data Protection Act
Jun. 10 2026 Veterinary Medicines Directorate Source Page: Veterinary Medicines Directorate: Privacy Notice Document: Veterinary Medicines Directorate: Privacy Notice (webpage) Guidance and Regulation Found: to us and protected in law through the UK General Data Protection Regulation (UK GDPR), the Data Protection Act
Jun. 09 2026 Immigration Enforcement Source Page: Offender management: caseworker guidance Document: (PDF) Guidance and Regulation Found: information is stored and handled in line with the General Data Protection Regulation (GDPR) and Data Protection Act
Jun. 09 2026 Immigration Enforcement Source Page: Offender management: caseworker guidance Document: (PDF) Guidance and Regulation Found: Your personal data will be handled securely and in compliance with the Data Protection Act 2018.
Jun. 09 2026 Immigration Enforcement Source Page: Offender management: caseworker guidance Document: (PDF) Guidance and Regulation Found: Request to DVLA for information All immigration application forms contain a Data Protection Act (DPA
Jun. 09 2026 Immigration Enforcement Source Page: Offender management: caseworker guidance Document: (PDF) Guidance and Regulation Found: personal information must be in accordance with the General Data Protection Regulation and the Data Protection Act
Jun. 09 2026 Regulator of Social Housing Source Page: Supplementary Privacy Notice - More and Better Social Homes Document: Supplementary Privacy Notice - More and Better Social Homes (webpage) Guidance and Regulation Found: necessary for reasons of substantial public interest), together with Schedule 1, paragraph 6 of the Data Protection Act
Jun. 08 2026 Forestry Commission Source Page: Apply for the England Woodland Creation Offer Document: (PDF) Guidance and Regulation Found: Data Protection Act 2018 The Forestry Commission (FC) will use any information you provide to support
Jun. 05 2026 Immigration Enforcement Source Page: Detainee Custody Officer and Detainee Custody Officer (Escort) certification Document: (PDF) Guidance and Regulation Found: should comply with the principles of UK General Data Protection Regulation (UK GDPR) and the Data Protection Act
Jun. 05 2026 Ofsted Source Page: School inspection data summary report (IDSR) guide Document: School inspection data summary report (IDSR) guide (webpage) Guidance and Regulation Found: Ofsted IDSR service, you must recognise the privacy of that data and always comply with the Data Protection Act
Jun. 05 2026 Ofsted Source Page: School inspection data summary report (IDSR) guide Document: School inspection data summary report (IDSR) guide (webpage) Guidance and Regulation Found: Ofsted IDSR service, you must recognise the privacy of that data and always comply with the Data Protection Act
Jun. 04 2026 Offshore Petroleum Regulator for Environment and Decommissioning Source Page: Oil and gas: decommissioning of offshore installations and pipelines Document: Fees consultation document - May 2021 (PDF) Guidance and Regulation Found: be disclosed in accordance with UK legislation (the Freedom of Information Act 2000, the Data Protection Act
Jun. 04 2026 Offshore Petroleum Regulator for Environment and Decommissioning Source Page: Oil and gas: decommissioning of offshore installations and pipelines Document: OPRED Decommissioning Charging Regulations 2026 Consultation Document (PDF) Guidance and Regulation Found: be disclosed in accordance with UK legislation (the Freedom of Information Act 2000, the Data Protection Act
Jun. 04 2026 Offshore Petroleum Regulator for Environment and Decommissioning Source Page: Oil and gas: decommissioning of offshore installations and pipelines Document: OPRED Fee Rates Consultation 2026 (PDF) Guidance and Regulation Found: be disclosed in accordance with UK legislation (the Freedom of Information Act 2000, the Data Protection Act
Jun. 03 2026 Marine Management Organisation Source Page: East Inshore and Offshore Marine Plan Areas - Statement of Public Participation Document: (PDF) Guidance and Regulation Found: information gathered from stakeholders will be used and disposed of in accordance with The Data Protection Act
Jun. 03 2026 Planning Inspectorate Source Page: Appeal a discontinuance notice Document: (webpage) Guidance and Regulation Found: supplied by you in this form, is in accordance with the terms of our registration under the Data Protection Act
Jun. 03 2026 Planning Inspectorate Source Page: Appeal a discontinuance notice Document: (webpage) Guidance and Regulation Found: supplied by you in this form, is in accordance with the terms of our registration under the Data Protection Act
Jun. 03 2026 Driver and Vehicle Standards Agency Source Page: MOT test fees and appeals poster for MOT centres Document: (PDF) Guidance and Regulation Found: Vehicle Standards Agency, who is responsible for how the system is used under the UK GDPR and Data Protection Act
Jun. 02 2026 HM Revenue & Customs Source Page: HMRC Privacy Notice Document: HMRC Privacy Notice (webpage) Guidance and Regulation Found: The Data Protection Act 2018 requires organisations who process personal data to meet certain legal obligations
Jun. 02 2026 Natural England Source Page: Volunteering with Natural England: support directory Document: Volunteering Promise (PDF) Guidance and Regulation Found: your volunteering role in accordance with General Data Protection Regulation (GDPR) and the Data Protection Act
Jun. 02 2026 Serious Fraud Office Source Page: Recruitment privacy notice Document: Recruitment privacy notice (webpage) Guidance and Regulation Found: which relates to our obligations in employment law, paired with Schedule 1 part 1(1) of the Data Protection Act
Jun. 02 2026 Homes England Source Page: Homes England: privacy notice Document: Homes England: privacy notice (webpage) Guidance and Regulation Found: ‘data controller’ for the purposes of the General Data Protection Regulation (GDPR) and the Data Protection Act
Jun. 01 2026 Legal Aid Agency Source Page: Legal Aid Agency cyber-security incident - Frequently Asked Questions Document: Criminal Legal Aid Manual (PDF) Guidance and Regulation Found: sensitive data when you send emails, and it avoids the risk of possible data breaches under the Data Protection Act

Non-Departmental Publications - Policy and Engagement
Jun. 11 2026 Medicines and Healthcare products Regulatory Agency Source Page: Regulation of AI in Healthcare Document: (PDF) Policy and Engagement Found: the purpose of ‘Equality of Opportunity or Treatment’ [UK GDPR Article 9(2)(a and g); and Data Protection Act
Jun. 09 2026 Regulator of Social Housing Source Page: More and better homes Document: (PDF) Policy and Engagement Found: 2000 or the Environmental Information Regulations 2004, subject to the requirements of the Data Protection Act
Jun. 09 2026 Regulator of Social Housing Source Page: More and better homes Document: (PDF) Policy and Engagement Found: 2000 or the Environmental Information Regulations 2004, subject to the requirements of the Data Protection Act

Non-Departmental Publications - Services
Jun. 10 2026 UK Visas and Immigration Source Page: Notification of change of circumstances: form MCC Document: (PDF) Services Found: This also sets out your rights under the Data Protection Act 2018 and explains how you can access your
Jun. 09 2026 Natural England Source Page: Landscape Recovery scheme: complaints and reconsiderations Document: (PDF) Services Found: or lead applicant) Date Page 4 of 4 Part E – Data Protection We use data in line with the Data Protection Act

Non-Departmental Publications - Open consultation
Jun. 03 2026 Competition and Markets Authority Source Page: Draft revised guidance on our approach to assessing merger efficiencies Document: (PDF) Open consultation Found: This legislation is the UK General Data Protection Regulation (GDPR)34 and the Data Protection Act 2018

Non-Departmental Publications - Policy paper
Jun. 02 2026 Serious Fraud Office Source Page: SFO Privacy Policy Document: SFO Privacy Policy (webpage) Policy paper Found: protected by either: The General Data Protection Regulation (“UK GDPR”) and Part 2 of the Data Protection Act

Non-Departmental Publications - Research and Statistics
Jun. 01 2026 Planning Inspectorate Source Page: Planning Inspectorate Appeals Data Document: Planning Inspectorate Appeals Data (webpage) Research and Statistics Found: action has been taken to ensure we comply with the UK General Data Protection Requirement (Data Protection Act
Jun. 01 2026 Planning Inspectorate Source Page: Planning Inspectorate Appeals Data Document: Planning Inspectorate Appeals Data (webpage) Research and Statistics Found: action has been taken to ensure we comply with the UK General Data Protection Requirement (Data Protection Act

Draft Secondary Legislation
The Supply of Machinery (Safety) (Amendment etc.) and the EU Machinery Regulation (Enforcement etc. in Northern Ireland) Regulations 2026 The Supply of Machinery (Safety) Regulations 2008 (S.I. 2008/1597) (“the 2008 Regulations”) implemented Directive 2006/42/EC of the European Parliament and of the Council on machinery (“the Directive”) in the United Kingdom when the United Kingdom was a member of the European Union. Arising out of the United Kingdom’s withdrawal from the European Union, the 2008 Regulations were amended to ensure that deficiencies were corrected in relation to Great Britain (England and Wales and Scotland). The 2008 Regulations were also amended to ensure that machinery products meeting specified requirements of the Directive were able to be placed on the market in Great Britain. Department for Business and Trade Found: Union; and “data protection legislation” has the same meaning as it has in section 3 of the Data Protection Act

Draft Secondary Legislation

The Supply of Machinery (Safety) (Amendment etc.) and the EU Machinery Regulation (Enforcement etc. in Northern Ireland) Regulations 2026
The Supply of Machinery (Safety) Regulations 2008 (S.I. 2008/1597) (“the 2008 Regulations”) implemented Directive 2006/42/EC of the European Parliament and of the Council on machinery (“the Directive”) in the United Kingdom when the United Kingdom was a member of the European Union. Arising out of the United Kingdom’s withdrawal from the European Union, the 2008 Regulations were amended to ensure that deficiencies were corrected in relation to Great Britain (England and Wales and Scotland). The 2008 Regulations were also amended to ensure that machinery products meeting specified requirements of the Directive were able to be placed on the market in Great Britain.

Department for Business and Trade

Found: Union; and “data protection legislation” has the same meaning as it has in section 3 of the Data Protection Act

Deposited Papers
Thursday 4th June 2026 Department for Environment, Food and Rural Affairs Source Page: Framework document: Office for Environmental Protection. Incl. annex. 37p. Document: OEP_Framework_final.pdf (PDF) Found: Information Regulations 2004 (EIR), the UK GDPR (General Data Protection Regulation) or the Data Protection Act

Data Protection Act 2018 mentioned in Scottish results

Scottish Government Publications
Wednesday 18th March 2026 Marine Directorate Source Page: Fishing vessel monitoring system (VMS) data for all of the International Council for the Exploration of the Seas (ICES) rectangles in Scotland: EIR release Document: Fishing vessel monitoring system (VMS) data for all of the International Council for the Exploration of the Seas (ICES) rectangles in Scotland: EIR release (webpage) Found: reason why that exception applies is explained in the Annex to this letter.To comply with the Data Protection Act
Wednesday 18th March 2026 Source Page: Scottish Forestry - Revised hydrological assessment information and correspondence regarding Carlinden Burn: EIR release Document: Scottish Forestry - Revised hydrological assessment information and correspondence regarding Carlinden Burn: EIR release (webpage) Found: principles in Article 5(1) of the General Data Protection Regulation and in section 34(1) of the Data Protection Act
Wednesday 18th March 2026 Energy and Climate Change Directorate Source Page: Peterhead Carbon Capture Power Station documentation: EIR release Document: Peterhead Carbon Capture Power Station documentation: EIR release (webpage) Found: principles in Article 5(1) of the General Data Protection Regulation and in section 34(1) of the Data Protection Act
Wednesday 18th March 2026 Justice Directorate Source Page: Information held by the Justice Directorate relating to the progression of rape and attempted rape cases in Scotland: FOI release Document: Information held by the Justice Directorate relating to the progression of rape and attempted rape cases in Scotland: FOI release (webpage) Found: principles in Article 5(1) of the General Data Protection Regulation and in section 34(1) of the Data Protection Act
Tuesday 17th March 2026 Safer Communities Directorate Source Page: Code of Practice on the Exercise by Constables in Scotland of Search Powers Conferred by Sections 289, 303C and 303Z21 of the Proceeds of Crime Act 2002 Document: Code of Practice on the Exercise by Constables in Scotland of Search Powers Conferred by Sections 289, 303C and 303Z21 of the Proceeds of Crime Act 2002 (PDF) Found: shared when in accordance with the Human Rights Act 1998, the Gender Recognition Act 2004, the Data Protection Act
Tuesday 17th March 2026 Children and Families Directorate Source Page: Costs of delivering funded ELC in private, third sector and childminding settings Document: Costs of delivering funded ELC in private, third sector and childminding settings (PDF) Found: All your data will be securely stored by Diffley Partnership in accordance with the Data Protection Act
Monday 16th March 2026 Local Government and Housing Directorate Source Page: Mansion tax documentation: FOI release Document: Mansion tax documentation: FOI release (webpage) Found: principles in Article 5(1) of the General Data Protection Regulation and in section 34(1) of the Data Protection Act
Tuesday 10th March 2026 Population Health Directorate Source Page: Alcohol and drugs: partnership delivery framework - 2026 Document: Partnership Delivery Framework: Alcohol and Drugs (2026) (PDF) Found: PHS processes personal data under the lawful basis of GDPR and the Data Protection Act 2018, which is
Tuesday 10th March 2026 Propriety and Ethics Directorate Source Page: Scottish Ministerial Code correspondence: FOI release Document: Scottish Ministerial Code correspondence: FOI release (webpage) Found: principles in Article 5(1) of the General Data Protection Regulation and in section 34(1) of the Data Protection Act
Tuesday 10th March 2026 Chief Operating Officer, NHS Scotland Directorate Source Page: Correspondence regarding magnetic resonance imaging (MRI): FOI release Document: Correspondence regarding magnetic resonance imaging (MRI): FOI release (webpage) Found: data of individuals which would contravene data protection principles under the UK GDPR and Data Protection Act
Tuesday 10th March 2026 People Directorate Source Page: Engagement of agency workers information: FOI release Document: Engagement of agency workers information: FOI release (webpage) Found: principles in Article 5(1) of the General Data Protection Regulation and section 34(1) of the Data Protection Act
Tuesday 10th March 2026 Source Page: Strategic Transport Projects Review (STPR2) correspondence: FOI release Document: Strategic Transport Projects Review (STPR2) correspondence: FOI release (webpage) Found: applicant and disclosure would contravene the data protection principles in Schedule 1 to the Data Protection Act
Tuesday 10th March 2026 Safer Communities Directorate Source Page: Correspondence relating to protests against housing asylum seekers in hotels and which mention right wing ideologies: FOI release Document: Correspondence relating to protests against housing asylum seekers in hotels and which mention right wing ideologies: FOI release (webpage) Found: protection principles in the UK.General Data Protection Regulation and in section 34(1) of the Data Protection Act
Monday 9th March 2026 Source Page: Scottish Forestry - Environmental Impact Assessment (EIA) screening opinion workflow and internal documents regarding Carlinden Burn: EIR release Document: Scottish Forestry - Environmental Impact Assessment (EIA) screening opinion workflow and internal documents regarding Carlinden Burn: EIR release (webpage) Found: principles in Article 5(1) of the General Data Protection Regulation and in section 34(1) of the Data Protection Act
Monday 9th March 2026 Source Page: Scottish Forestry - Environmental Impact Assessment (EIA) screening opinion workflow and internal documents regarding Carlinden Burn: EIR release Document: EIR 202500497166 - Information released - Annex A (PDF) Found: principles in Article 5(1) of the General Data Protection Regulation and in section 34(1) of the Data Protection Act
Monday 9th March 2026 Source Page: Transport Scotland - Connel Bridge maintenance and spend information: EIR release Document: Transport Scotland - Connel Bridge maintenance and spend information: EIR release (webpage) Found: principles in Article 5(1) of the General Data Protection Regulation and in section 34(1) of the Data Protection Act
Monday 9th March 2026 Energy and Climate Change Directorate Source Page: Energy Consents public portal decision materials: EIR release Document: Energy Consents public portal decision materials: EIR release (webpage) Found: remains current and compliant with relevant statutory requirements, including GDPR and the Data Protection Act
Monday 9th March 2026 Source Page: Scottish Forestry felling permission applications and mapping standards queries: EIR Review Document: Scottish Forestry felling permission applications and mapping standards queries: EIR Review (webpage) Found: principles in Article 5(1) of the General Data Protection Regulation and in section 34(1) of the Data Protection Act
Monday 9th March 2026 Children and Families Directorate Source Page: Shetland Islands Council Early Adopter Communities Project funding reports: FOI release Document: Shetland Islands Council Early Adopter Communities Project funding reports: FOI release (webpage) Found: principles in Article 5(1) of the General Data Protection Regulation and in section 34(1) of the Data Protection Act
Monday 9th March 2026 Energy and Climate Change Directorate Source Page: Windfall tax and energy profits levy correspondence: EIR release Document: Windfall tax and energy profits levy correspondence: EIR release (webpage) Found: principles in Article 5(1) of the General Data Protection Regulation and in section 34(1) of the Data Protection Act
Thursday 5th March 2026 Digital Directorate Source Page: ScotAccount Equality Impact Assessment Document: ScotAccount Equality Impact Assessment (PDF) Found: The programme also reflects commitments under UK GDPR, the Data Protection Act 2018 and accessibility
Wednesday 4th March 2026 Source Page: Correspondence between Transport Scotland and East Dunbartonshire Council (EDC) regarding 20mph zones: FOI release Document: Correspondence between Transport Scotland and East Dunbartonshire Council (EDC) regarding 20mph zones: FOI release (webpage) Found: principles in Article 5(1) of the General Data Protection Regulation and in section 34(1) of the Data Protection Act
Wednesday 4th March 2026 Marine Directorate Source Page: Norwegian Mountain Salmon (NMS) correspondence: EIR release Document: Norwegian Mountain Salmon (NMS) correspondence: EIR release (webpage) Found: principles in Article 5(1) of the General Data Protection Regulation and in section 34(1) of the Data Protection Act
Wednesday 4th March 2026 Source Page: Correspondence between Transport Scotland and East Dunbartonshire Council (EDC) regarding 20mph zones: FOI release Document: FOI 202500499806 - Information Released - Attachment 1 - 3 (PDF) Found: individuals with regard to the processing of Personal Data to which a Party is subject including the Data Protection Act
Wednesday 4th March 2026 Source Page: Transport Scotland correspondence regarding CalMac Ferries Ltd offshore workforce: FOI release Document: Transport Scotland correspondence regarding CalMac Ferries Ltd offshore workforce: FOI release (webpage) Found: principles in Article 5(1) of the General Data Protection Regulation and in section 34(1) of the Data Protection Act
Wednesday 4th March 2026 Marine Directorate Source Page: Consultation on fisheries management for inshore Marine Protected Area (MPA) and Priority Marine Feature (PMF): EIR release Document: Consultation on fisheries management for inshore Marine Protected Area (MPA) and Priority Marine Feature (PMF): EIR release (webpage) Found: principles in Article 5(1) of the General Data Protection Regulation and in section 34(1) of the Data Protection Act
Tuesday 3rd March 2026 Marine Directorate Source Page: Correspondence between Fish Health Inspectorate and Loch Duart PLC relating to sea lice levels: EIR release Document: Correspondence between Fish Health Inspectorate and Loch Duart PLC relating to sea lice levels: EIR release (webpage) Found: principles in Article 5(1) of the General Data Protection Regulation and in section 34(1) of the Data Protection Act
Tuesday 3rd March 2026 Communications and Ministerial Support Directorate Source Page: Correspondence regarding GB News: FOI release Document: Correspondence regarding GB News: FOI release (webpage) Found: out in Article 5(1)(a) of the UK General Data Protection Regulation and section 34(1) of the Data Protection Act
Tuesday 3rd March 2026 Communications and Ministerial Support Directorate Source Page: Emails between Scottish Government and GB News: FOI release Document: Emails between Scottish Government and GB News: FOI release (webpage) Found: out in Article 5(1)(a) of the UK General Data Protection Regulation and section 34(1) of the Data Protection Act
Tuesday 3rd March 2026 Source Page: Transport Scotland - Dundee Airport communications: EIR release Document: Transport Scotland - Dundee Airport communications: EIR release (webpage) Found: principles in Article 5(1) of the General Data Protection Regulation and in section 34(1) of the Data Protection Act
Tuesday 3rd March 2026 Population Health Directorate Source Page: Correspondence regarding extension of the Sugar Tax (Soft Drinks Industry Levy) and National Treatment Centre programme: FOI release Document: Correspondence regarding extension of the Sugar Tax (Soft Drinks Industry Levy) and National Treatment Centre programme: FOI release (webpage) Found: principles in Article 5(1) of the General Data Protection Regulation and in section 34(1) of the Data Protection Act
Tuesday 3rd March 2026 Source Page: Scottish Government’s Boycott, Divestment and Sanctions (BDS) Against the State of Israel correspondence: FOI release Document: Scottish Government’s Boycott, Divestment and Sanctions (BDS) Against the State of Israel correspondence: FOI release (webpage) Found: principles in Article 5(1) of the General Data Protection Regulation and in section 34(1) of the Data Protection Act
Tuesday 3rd March 2026 Source Page: Scottish Government’s Boycott, Divestment and Sanctions (BDS) Against the State of Israel correspondence: FOI release Document: FOI 202500491728 - Information Released - Annex (PDF) Found: with the requirements of the General Data Protection Regulation (EU) 2016/679 (the GDPR), the Data Protection Act
Tuesday 3rd March 2026 Marine Directorate Source Page: Scottish Enterprise funding and Moray FLOW-Park project documentation: EIR release Document: Scottish Enterprise funding and Moray FLOW-Park project documentation: EIR release (webpage) Found: principles in Article 5(1) of the General Data Protection Regulation and in section 34(1) of the Data Protection Act
Tuesday 3rd March 2026 Population Health Directorate Source Page: Right to Recovery Addiction (Scotland) Bill correspondence: FOI release Document: Right to Recovery Addiction (Scotland) Bill correspondence: FOI release (webpage) Found: principles in Article 5(1) of the General Data Protection Regulation and in section 34(1) of the Data Protection Act
Tuesday 3rd March 2026 Marine Directorate Source Page: Correspondence relating to Offshore Solutions Group Ltd, Flow Park Investment Ltd and the Moray FLOW-Park Project: EIR release Document: Correspondence relating to Offshore Solutions Group Ltd, Flow Park Investment Ltd and the Moray FLOW-Park Project: EIR release (webpage) Found: principles in Article 5(1) of the General Data Protection Regulation and in section 34(1) of the Data Protection Act
Tuesday 3rd March 2026 Justice Directorate Source Page: Aberdeen City Council (Drinking in Public Places) Byelaws 2009 correspondence: FOI release Document: Aberdeen City Council (Drinking in Public Places) Byelaws 2009 correspondence: FOI release (webpage) Found: principles in Article 5(1) of the General Data Protection Regulation and in section 34(1) of the Data Protection Act
Monday 2nd March 2026 Marine Directorate Source Page: West of Orkney wind farm application conflict of interest information: EIR Review Document: West of Orkney wind farm application conflict of interest information: EIR Review (webpage) Found: principles in Article 5(1) of the General Data Protection Regulation and in section 34(1) of the Data Protection Act
Monday 2nd March 2026 Source Page: Documentation mentioning Irvine Welsh and Scottish Fiscal Commission: FOI release Document: Documentation mentioning Irvine Welsh and Scottish Fiscal Commission: FOI release (webpage) Found: principles in Article 5(1) of the General Data Protection Regulation and in section 34(1) of the Data Protection Act
Monday 2nd March 2026 Constitution Directorate Source Page: Correspondence to the First Minister regarding A Fresh Start with Independence: FOI release Document: Correspondence to the First Minister regarding A Fresh Start with Independence: FOI release (webpage) Found: principles in Article 5(1) of the General Data Protection Regulation and in section 34(1) of the Data Protection Act
Monday 2nd March 2026 Source Page: Information relating to works on the Carlinden Burn site: EIR release Document: Information relating to works on the Carlinden Burn site: EIR release (webpage) Found: principles in Article 5(1) of the General Data Protection Regulation and in section 34(1) of the Data Protection Act
Monday 2nd March 2026 Source Page: Ecological, wildlife and habitat information for Carlinden Burn: EIR release Document: Ecological, wildlife and habitat information for Carlinden Burn: EIR release (webpage) Found: principles in Article 5(1) of the General Data Protection Regulation and in section 34(1) of the Data Protection Act
Monday 2nd March 2026 Constitution Directorate Source Page: Correspondence to the Deputy First Minister and Cabinet Secretary for Economy and Gaelic regarding A Fresh Start with Independence: FOI release Document: FOI 202500498553 - Information Released - Annex A and Annex B (PDF) Found: principles in Article 5(1) of the General Data Protection Regulation and in section 34(1) of the Data Protection Act
Monday 2nd March 2026 Equality, Inclusion and Human Rights Directorate Source Page: Scottish Catholic Church communications regarding the COVID pandemic: FOI Review Document: Scottish Catholic Church communications regarding the COVID pandemic: FOI Review (webpage) Found: principles in Article 5(1) of the General Data Protection Regulation and in section 34(1) of the Data Protection Act
Monday 2nd March 2026 Source Page: Scottish Forestry - Bowden Moor tree felling application details: EIR release Document: Scottish Forestry - Bowden Moor tree felling application details: EIR release (webpage) Found: principles in Article 5(1) of the General Data Protection Regulation and in section 34(1) of the Data Protection Act
Monday 2nd March 2026 Agriculture and Rural Economy Directorate Source Page: Future Farming Investment Scheme (FFIS) data: EIR release Document: FOI 202600500681 - Information Released - Annex A (PDF) Found: outlined in Article 5(1) of the General Data Protection Regulation (GDPR) and Section 34(1) of the Data Protection Act
Monday 2nd March 2026 Children and Families Directorate Source Page: Correspondence from clinicians regarding the proposed downgrade of Wishaw Neonatal Unit: FOI release Document: Correspondence from clinicians regarding the proposed downgrade of Wishaw Neonatal Unit: FOI release (webpage) Found: principles in Article 5(1) of the General Data Protection Regulation and in section 34(1) of the Data Protection Act
Monday 2nd March 2026 Chief Operating Officer, NHS Scotland Directorate Source Page: Correspondence regarding United Kingdom Internal Market Act 2020 (UKIMA) for the Non-surgical Procedures and Functions of Medical Reviewers (Scotland) Bill: FOI release Document: FOI 202500498378 - Information Released - Annex A and Annex B (PDF) Found: regulate the relationship between FOISA, the UK General Data Protection Regulation and the Data Protection Act
Monday 2nd March 2026 Source Page: Transport Scotland - Small Vessel Replacement Project Gateway Review information: EIR release Document: Transport Scotland - Small Vessel Replacement Project Gateway Review information: EIR release (webpage) Found: principles in Article 5(1) of the General Data Protection Regulation and section 34(1) of the Data Protection Act
Friday 27th February 2026 Children and Families Directorate Source Page: National Transitions to Adulthood Strategy for Young Disabled People – Supplementary Report Document: Supplementary report for Transitions Strategy for Disabled Young People (PDF) Found: Collaboration, including information sharing that is in keeping with the Data Protection Act (2018),
Thursday 26th February 2026 Source Page: Scottish Pubs Code: guidance for tied pub tenants and pub companies Document: Scottish Pubs Adjudicator: complaints form for tied pub tenants (webpage) Found: information given to us about you and your complaint for its intended purpose and in line with Data Protection Act
Wednesday 25th February 2026 Source Page: Adult Disability Payment caseload by Condition Type: FOI release Document: Adult Disability Payment caseload by Condition Type: FOI release (webpage) Found: principles in Article 5(1) of the General Data Protection Regulation and in section 34(1) of the Data Protection Act
Wednesday 25th February 2026 People Directorate Source Page: Scottish Government's Trans and Non-Binary Inclusion Policy: FOI release Document: FOI 202500497199 - Information Released - Annex (PDF) Found: including but not limited to medical treatment as special category personal data under the Data Protection Act
Wednesday 25th February 2026 Source Page: Social Security Scotland’s Retention and Disposal Policy and Guidance: FOI release Document: FOI 202500498570 - Information Released - Spreadsheet (Excel) Found: For Law Enforcement processing, Data Protection Act 2018, section 67.
Wednesday 25th February 2026 Source Page: Social Security Scotland’s Retention and Disposal Policy and Guidance: FOI release Document: FOI 202500498570 - Information Released - Documents (PDF) Found: Under UK General Data Protection Regulation (UK GDPR) and the Data Protection Act (DPA) 2018, personal
Wednesday 25th February 2026 Marine Directorate Source Page: Fish health inspectorate’s (FHI) inspections data: EIR release Document: Fish health inspectorate’s (FHI) inspections data: EIR release (webpage) Found: principles in Article 5(1) of the General Data Protection Regulation and in section 34(1) of the Data Protection Act
Wednesday 25th February 2026 Source Page: Transport Scotland 20mph speed limit roll out Dumfries and Galloway: FOI release Document: Transport Scotland 20mph speed limit roll out Dumfries and Galloway: FOI release (webpage) Found: principles in Article 5(1) of the General Data Protection Regulation and in section 34(1) of the Data Protection Act
Wednesday 25th February 2026 Marine Directorate Source Page: Analysis of aquaculture administrative burdens and mandatory mortality reporting: EIR release Document: Analysis of aquaculture administrative burdens and mandatory mortality reporting: EIR release (webpage) Found: principles in Article 5(1) of the General Data Protection Regulation and in section 34(1) of the Data Protection Act
Wednesday 25th February 2026 Source Page: Woodland restoration grant to Invergeldie Estate, Oxygen Conservation: EIR release Document: Woodland restoration grant to Invergeldie Estate, Oxygen Conservation: EIR release (webpage) Found: principles in Article 5(1) of the General Data Protection Regulation and in section 34(1) of the Data Protection Act
Tuesday 24th February 2026 Safer Communities Directorate Source Page: Police Division risk register information: FOI release Document: Police Division risk register information: FOI release (webpage) Found: principles in Article 5(1) of the General Data Protection Regulation and in section 34(1) of the Data Protection Act
Tuesday 24th February 2026 Source Page: First Minister and Leader of Sinn Fein meeting documentation: FOI release Document: First Minister and Leader of Sinn Fein meeting documentation: FOI release (webpage) Found: principles in Article 5(1) of the General Data Protection Regulation and in section 34(1) of the Data Protection Act
Tuesday 24th February 2026 Communications and Ministerial Support Directorate Source Page: Cabinet Secretary for Climate Action and Energy's expenses for COP30: FOI release Document: Cabinet Secretary for Climate Action and Energy's expenses for COP30: FOI release (webpage) Found: principles in Article 5(1) of the General Data Protection Regulation and in section 34(1) of the Data Protection Act
Tuesday 24th February 2026 Local Government and Housing Directorate Source Page: LAR Housing Trust loan information: FOI release Document: LAR Housing Trust loan information: FOI release (webpage) Found: principles in Article 5(1) of the General Data Protection Regulation and in section 34(1) of the Data Protection Act
Tuesday 24th February 2026 Communications and Ministerial Support Directorate Source Page: Documentation for meetings attended by Former first Minister and Aamer Anwar and Co: FOI release Document: Documentation for meetings attended by Former first Minister and Aamer Anwar and Co: FOI release (webpage) Found: principles in Article 5(1) of the General Data Protection Regulation and in section 34(1) of the Data Protection Act
Tuesday 24th February 2026 Energy and Climate Change Directorate Source Page: Carbon budget targets advice correspondence: EIR release Document: EIR 202500496970 - Information released - Annex A, Annex B and Annex C (PDF) Found: Article 5(1) of the General Data Protection Regulations (GDPR) and in Section 34(1) of the Data Protection Act
Tuesday 24th February 2026 Source Page: Historic Environment Scotland meeting note information: FOI release Document: Historic Environment Scotland meeting note information: FOI release (webpage) Found: principles in Article 5(1) of the General Data Protection Regulation and in section 34(1) of the Data Protection Act
Tuesday 24th February 2026 Financial Management Directorate Source Page: Scottish Government budget and Barnett consequential meetings: FOI release Document: Scottish Government budget and Barnett consequential meetings: FOI release (webpage) Found: principles in Article 5(1) of the General Data Protection Regulation and in section 34(1) of the Data Protection Act
Tuesday 24th February 2026 Propriety and Ethics Directorate Source Page: Communications and information relating to the James Hamilton report and associated published legal advice (case reference number 281/2025): FOI Appeal Document: Communications and information relating to the James Hamilton report and associated published legal advice (case reference number 281/2025): FOI Appeal (webpage) Found: principles in Article 5(1) of the General Data Protection Regulation and in section 34(1) of the Data Protection Act
Tuesday 24th February 2026 Propriety and Ethics Directorate Source Page: Communications and information relating to the James Hamilton report and associated published legal advice (case reference number 281/2025): FOI Appeal Document: FOI 202400438168 - DN281 - Information Released - Batch 18 (PDF) Found: Team (CRIT) at the ICO to discontinue an investigation into potential offences under s.170 Data Protection Act
Tuesday 24th February 2026 Propriety and Ethics Directorate Source Page: Communications and information relating to the James Hamilton report and associated published legal advice (case reference number 281/2025): FOI Appeal Document: FOI 202400438168 - DN281 - Information Released - Batch 15 (PDF) Found: The Data Protection Act gives you the right to see information about yourself.
Tuesday 24th February 2026 Source Page: Social Security Scotland - Adult Disability Payment (ADP) data on specific recorded Primary Disability Conditions: FOI release Document: Social Security Scotland - Adult Disability Payment (ADP) data on specific recorded Primary Disability Conditions: FOI release (webpage) Found: principles in Article 5(1) of the General Data Protection Regulation and in section 34(1) of the Data Protection Act
Monday 23rd February 2026 Local Government and Housing Directorate Source Page: Non-Domestic Rates (Liability for Unoccupied Properties) (Scotland) Bill correspondence: FOI release Document: Non-Domestic Rates (Liability for Unoccupied Properties) (Scotland) Bill correspondence: FOI release (webpage) Found: principles in Article 5(1) of the General Data Protection Regulation and in section 34(1) of the Data Protection Act
Monday 23rd February 2026 Agriculture and Rural Economy Directorate Source Page: Agricultural payments computerised system information: FOI release Document: Agricultural payments computerised system information: FOI release (webpage) Found: principles in Article 5(1) of the General Data Protection Regulation and in section 34(1) of the Data Protection Act
Monday 23rd February 2026 Energy and Climate Change Directorate Source Page: Correspondence from Oil and Gas organisations regarding engagement with Scottish Government: EIR release Document: EIR 202500496792 - Information Released - Annex (PDF) Found: Article 5(1) of the General Data Protection Regulations (GDPR) and in Section 34(1) of the Data Protection Act
Monday 23rd February 2026 Source Page: Recorded communications containing certain phrases: FOI release Document: FOI 202500496330 - Information released - Annex A and Annex B (PDF) Found: principles in Article 5(1) of the General Data Protection Regulation and in section 34(1) of the Data Protection Act
Monday 23rd February 2026 Source Page: Transport Scotland - Swallow Roundabout in Dundee correspondence: EIR release Document: Transport Scotland - Swallow Roundabout in Dundee correspondence: EIR release (webpage) Found: principles in Article 5(1) of the General Data Protection Regulation and in section 34(1) of the Data Protection Act
Monday 23rd February 2026 Local Government and Housing Directorate Source Page: Business Gateway funding communications: FOI release Document: Business Gateway funding communications: FOI release (webpage) Found: principles in Article 5(1) of the General Data Protection Regulation and in section 34(1) of the Data Protection Act
Monday 23rd February 2026 Local Government and Housing Directorate Source Page: Cabinet Secretary for Finance and Local Government correspondence regarding the Non-Domestic Rates (Scotland) Act 2020: FOI release Document: Cabinet Secretary for Finance and Local Government correspondence regarding the Non-Domestic Rates (Scotland) Act 2020: FOI release (webpage) Found: principles in Article 5(1) of the General Data Protection Regulation and in section 34(1) of the Data Protection Act
Monday 23rd February 2026 Source Page: City of Edinburgh Council correspondence regarding the proposed new West Edinburgh secondary school: EIR Review Document: City of Edinburgh Council correspondence regarding the proposed new West Edinburgh secondary school: EIR Review (webpage) Found: principles in Article 5(1) of the General Data Protection Regulation and in section 34(1) of the Data Protection Act
Monday 23rd February 2026 Agriculture and Rural Economy Directorate Source Page: Sustainable farming incentive documentation: EIR release Document: Sustainable farming incentive documentation: EIR release (webpage) Found: principles in Article 5(1) of the General Data Protection Regulation and in section 34(1) of the Data Protection Act
Monday 23rd February 2026 Source Page: Scottish Forestry - East Netershield Woodland Creation Scheme correspondence: EIR relaese Document: Scottish Forestry - East Netershield Woodland Creation Scheme correspondence: EIR relaese (webpage) Found: principles in Article 5(1) of the General Data Protection Regulation and in section 34(1) of the Data Protection Act
Monday 23rd February 2026 Safer Communities Directorate Source Page: Minutes from Serious Organised Crime Taskforce meetings: FOI release Document: Minutes from Serious Organised Crime Taskforce meetings: FOI release (webpage) Found: principles in Article 5(1) of the General Data Protection Regulation and in section 34(1) of the Data Protection Act
Monday 23rd February 2026 Safer Communities Directorate Source Page: Minutes from Serious Organised Crime Taskforce meetings: FOI release Document: FOI 202600501737 - Information Released - Attachment (PDF) Found: said that the Information Commissioner’s Office (ICO) was aware of issues since GDPR and the Data Protection Act
Monday 23rd February 2026 Mental Health Directorate Source Page: NHS Highland neurodevelopmental and mental health information: FOI release Document: NHS Highland neurodevelopmental and mental health information: FOI release (webpage) Found: contravene the data protection principles in Article 5(1) of the UK GDPR and in section 34(1) of the Data Protection Act
Monday 23rd February 2026 Children and Families Directorate Source Page: Correspondence sent to former First Minister regarding child sexual exploitation and abuse: FOI release Document: FOI 202600499932 - Information Released - Annex (PDF) Found: handled under the requirements of the EU General Data Protection Regulation (GDRP) and the Data Protection Act
Monday 23rd February 2026 Energy and Climate Change Directorate Source Page: Community Wind Power correspondence: FOI release Document: Community Wind Power correspondence: FOI release (webpage) Found: principles in Article 5(1) of the General Data Protection Regulation and in Section 34(1) of the Data Protection Act
Monday 23rd February 2026 Source Page: Reduction of public sector workforce risks registers and progress: FOI release Document: Reduction of public sector workforce risks registers and progress: FOI release (webpage) Found: principles in Article 5(1) of the General Data Protection Regulation and in section 34(1) of the Data Protection Act
Monday 23rd February 2026 Local Government and Housing Directorate Source Page: Correspondence regarding Non- Domestic Rates (Scotland) Act 2020: FOI release Document: Correspondence regarding Non- Domestic Rates (Scotland) Act 2020: FOI release (webpage) Found: principles in Article 5(1) of the General Data Protection Regulation and in section 34(1) of the Data Protection Act
Monday 23rd February 2026 Communications and Ministerial Support Directorate Source Page: Plans for proactive publication of relevant data and ongoing communications plans information: FOI release Document: Plans for proactive publication of relevant data and ongoing communications plans information: FOI release (webpage) Found: principles in Article 5(1) of the General Data Protection Regulation and in section 34(1) of the Data Protection Act
Monday 23rd February 2026 Energy and Climate Change Directorate Source Page: Correspondence regarding the Mosmorran Just Transition plan: EIR release Document: Correspondence regarding the Mosmorran Just Transition plan: EIR release (webpage) Found: principles in Article 5(1) of the General Data Protection Regulation and in section 34(1) of the Data Protection Act
Monday 23rd February 2026 Energy and Climate Change Directorate Source Page: Warmworks contract information: EIR release Document: Warmworks contract information: EIR release (webpage) Found: applicant and disclosure would contravene the data protection principles in Schedule 1 to the Data Protection Act
Monday 23rd February 2026 Source Page: Institute for Fiscal Studies and Barnett Formula documentation: FOI release Document: Institute for Fiscal Studies and Barnett Formula documentation: FOI release (webpage) Found: principles in Article 5(1) of the General Data Protection Regulation and in section 34(1) of the Data Protection Act
Monday 23rd February 2026 Source Page: Scottish Forestry gender and specific demographic groups queries: FOI release Document: FOI 202600501731 - Information Released - Annex C (PDF) Found: respective obligations under the General Data Protection Regulation (EU) 2016/679 and the Data Protection Act
Monday 23rd February 2026 Source Page: Social Security Scotland Benefit payment statistics: FOI release Document: Social Security Scotland Benefit payment statistics: FOI release (webpage) Found: principles in Article 5(1) of the General Data Protection Regulation and in section 34(1) of the Data Protection Act
Monday 23rd February 2026 Source Page: Cabinet Secretary for Constitution, External Affairs and Culture’s visit to Switzerland and Germany: FOI release Document: FOI 202500496305 - Information Released - Annex (PDF) Found: principles in Article 5(1) of the General Data Protection Regulation and in section 34(1) of the Data Protection Act
Monday 23rd February 2026 Local Government and Housing Directorate Source Page: Copies of concern regarding Non-Domestic Rates (Scotland) Act 2020: FOI release Document: Copies of concern regarding Non-Domestic Rates (Scotland) Act 2020: FOI release (webpage) Found: principles in Article 5(1) of the General Data Protection Regulation and in section 34(1) of the Data Protection Act
Wednesday 18th February 2026 Agriculture and Rural Economy Directorate Source Page: Future Farming Investment Scheme correspondence regarding the assessment of common grazing land: EIR release Document: EIR 202500494702 - Information Released - Annex A (PDF) Found: principles in Article 5(1) of the General Data Protection Regulation and in section 34(1) of the Data Protection Act
Wednesday 18th February 2026 Source Page: Summerhall documentation: FOI release Document: Summerhall documentation: FOI release (webpage) Found: principles in Article 5(1) of the General Data Protection Regulation and in section 34(1) of the Data Protection Act
Wednesday 18th February 2026 Environment and Forestry Directorate Source Page: Meeting details between the Stove Industry Association and the Scottish Government: EIR request Document: EIR 202500494885 - Information released - Annex A - Annec C (PDF) Found: Article 5(1) of the General Data Protection Regulations (GDPR) and in Section 34(1) of the Data Protection Act
Wednesday 18th February 2026 Justice Directorate Source Page: Correspondence sent to Cabinet Secretary for Justice and Minister for Victims and Community Safety regarding prisons: FOI release Document: Correspondence sent to Cabinet Secretary for Justice and Minister for Victims and Community Safety regarding prisons: FOI release (webpage) Found: principles in Article 5(1) of the General Data Protection Regulation and in section 34(1) of the Data Protection Act
Wednesday 18th February 2026 Energy and Climate Change Directorate Source Page: Correspondence regarding the closure of Mossmorran: EIR release Document: Correspondence regarding the closure of Mossmorran: EIR release (webpage) Found: principles in Article 5(1) of the General Data Protection Regulation and in section 34(1) of the Data Protection Act
Wednesday 18th February 2026 Internal Audit and Assurance Directorate Source Page: Gate Review Child Health report: FOI release Document: Gate Review Child Health report: FOI release (webpage) Found: principles in Article 5(1) of the General Data Protection Regulation and section 34(1) of the Data Protection Act
Wednesday 18th February 2026 Chief Operating Officer, NHS Scotland Directorate Source Page: National Elective Care Programme Gateway Review information: FOI release Document: National Elective Care Programme Gateway Review information: FOI release (webpage) Found: principles in Article 5(1) of the General Data Protection Regulation and in section 34(1) of the Data Protection Act
Wednesday 18th February 2026 Source Page: Communications by Scottish Ministers relating to the future ownership and management of Dundee Airport: EIR release Document: Communications by Scottish Ministers relating to the future ownership and management of Dundee Airport: EIR release (webpage) Found: principles in Article 5(1) of the General Data Protection Regulation and in section 34(1) of the Data Protection Act
Wednesday 18th February 2026 Source Page: First Minister Questions briefing notes on Scottish taxpayers paying less income tax than elsewhere in the UK: FOI release Document: FOI 202500496273 - Information Released - Annex A (PDF) Found: principles in Article 5(1) of the General Data Protection Regulation and in section 34(1) of the Data Protection Act
Wednesday 18th February 2026 Source Page: Museums Galleries Scotland documentation regarding the Equality and Human Rights Commission (EHRC): FOI release Document: Museums Galleries Scotland documentation regarding the Equality and Human Rights Commission (EHRC): FOI release (webpage) Found: principles in Article 5(1) of the General Data Protection Regulation and in section 34(1) of the Data Protection Act
Wednesday 18th February 2026 Social Security Directorate Source Page: Social Security Programme Gateway Review information: FOI release Document: Social Security Programme Gateway Review information: FOI release (webpage) Found: principles in Article 5(1) of the General Data Protection Regulation and in section 34(1) of the Data Protection Act
Wednesday 18th February 2026 Communications and Ministerial Support Directorate Source Page: Correspondence which mentions former Chief Executive of the Scottish National Party: FOI release Document: Correspondence which mentions former Chief Executive of the Scottish National Party: FOI release (webpage) Found: principles in Article 5(1) of the General Data Protection Regulation and in section 34(1) of the Data Protection Act
Wednesday 18th February 2026 Population Health Directorate Source Page: Public health information regarding LED lighting: EIR Review Document: Public health information regarding LED lighting: EIR Review (webpage) Found: principles in Article 5(1) of the General Data Protection Regulation and in section 34(1) of the Data Protection Act
Wednesday 18th February 2026 Education Reform Directorate Source Page: Proposed relocation of Glasgow Gaelic Primary School documentation: FOI release Document: FOI 202500496130 - Information Released - Annex A (PDF) Found: collect, store and use) the information you provide in a manner compatible with UK GDPR and the Data Protection Act
Wednesday 18th February 2026 Agriculture and Rural Economy Directorate Source Page: Derogation from Agri-Environment Climate Scheme (AECS) contracts: EIR release Document: Derogation from Agri-Environment Climate Scheme (AECS) contracts: EIR release (webpage) Found: principles in Article 5(1) of the General Data Protection Regulation and in section 34(1) of the Data Protection Act
Wednesday 18th February 2026 Agriculture and Rural Economy Directorate Source Page: Assessment of Future Farming Investment Scheme applications correspondence: EIR release Document: EIR 202500494687 - Information released - Annex A (PDF) Found: principles in Article 5(1) of the General Data Protection Regulation and in section 34(1) of the Data Protection Act
Tuesday 17th February 2026 Social Security Directorate Source Page: Details of the Cabinet Secretary for Social Justice's trip to London: FOI release Document: Details of the Cabinet Secretary for Social Justice's trip to London: FOI release (webpage) Found: principles in Article 5(1) of the General Data Protection Regulation and in section 34(1) of the Data Protection Act
Tuesday 17th February 2026 Internal Audit and Assurance Directorate Source Page: Gate Review HMP Glasgow report: FOI release Document: Gate Review HMP Glasgow report: FOI release (webpage) Found: principles in Article 5(1) of the General Data Protection Regulation and section 34(1) of the Data Protection Act
Tuesday 17th February 2026 Marine Directorate Source Page: Review of the Scottish Adjacent Waters Boundary Order 2009 communications: FOI release Document: Review of the Scottish Adjacent Waters Boundary Order 2009 communications: FOI release (webpage) Found: principles in Article 5(1) of the General Data Protection Regulation and in section 34(1) of the Data Protection Act
Tuesday 17th February 2026 Source Page: Transport Scotland 'Mallaig Lochboisdale New Vessel Project' Gateway Review: FOI release Document: Transport Scotland 'Mallaig Lochboisdale New Vessel Project' Gateway Review: FOI release (webpage) Found: principles in Article 5(1) of the General Data Protection Regulation and section 34(1) of the Data Protection Act
Tuesday 17th February 2026 Internal Audit and Assurance Directorate Source Page: Gate Review Mangata Project report: FOI release Document: Gate Review Mangata Project report: FOI release (webpage) Found: parties and disclosing it would contravene the data protection principles in Schedule 1 to the Data Protection Act
Tuesday 17th February 2026 Source Page: Transport Scotland - Dualling of the A96 documentation: EIR release Document: Transport Scotland - Dualling of the A96 documentation: EIR release (webpage) Found: principles in Article 5(1) of the General Data Protection Regulation and in section 34(1) of the Data Protection Act
Tuesday 17th February 2026 Source Page: Transport Scotland 'Lochboisdale Gasay' completed Gateway Review information: FOI release Document: Transport Scotland 'Lochboisdale Gasay' completed Gateway Review information: FOI release (webpage) Found: principles in Article 5(1) of the General Data Protection Regulation and section 34(1) of the Data Protection Act
Tuesday 17th February 2026 Justice Directorate Source Page: Justice Division risk registers: FOI release Document: Justice Division risk registers: FOI release (webpage) Found: principles in Article 5(1) of the General Data Protection Regulation and in section 34(1) of the Data Protection Act
Tuesday 17th February 2026 Children and Families Directorate Source Page: Correspondence between Ministers regarding grooming gangs: FOI release Document: Correspondence between Ministers regarding grooming gangs: FOI release (webpage) Found: principles in Article 5(1) of the General Data Protection Regulation and in section 34(1) of the Data Protection Act
Tuesday 17th February 2026 Source Page: Transport impact assessment relating to temporary worker accommodation village in Thurso: FOI release Document: Transport impact assessment relating to temporary worker accommodation village in Thurso: FOI release (webpage) Found: principles in Article 5(1) of the General Data Protection Regulation and in section 34(1) of the Data Protection Act
Tuesday 17th February 2026 Chief Operating Officer, NHS Scotland Directorate Source Page: Correspondence and documentation regarding waiting list statistic: FOI release Document: Correspondence and documentation regarding waiting list statistic: FOI release (webpage) Found: principles in Article 5(1) of the General Data Protection Regulation and in section 34(1) of the Data Protection Act
Tuesday 17th February 2026 Communications and Ministerial Support Directorate Source Page: Justice Secretary attendance, itinerary, and correspondence on 19 November 2025: FOI release Document: FOI 202500494722 - Information Released - Annex A (PDF) Found: principles in Article 5(1) of the General Data Protection Regulation and in Section 34(1) of the Data Protection Act

Scottish Parliamentary Debates
Criminal Justice System (Challenges for Session 7) 240 speeches (160,353 words) Wednesday 11th March 2026 - Committee Mentions: 1: None of practice to update it in the light of UK legislative changes relating to changes from the Data Protection Act - Link to Speech

Data Protection Act 2018 mentioned in Welsh results

Welsh Committee Publications
Tuesday 3rd February 2026 PDF - Marshalled List of Amendments - 3 February 2026 (PDF 238KB) Inquiry: Report on the Environment (Principles, Governance and Biodiversity Targets) (Wales) Bill Found: (4) In this section, “the data protection legislation” has the same meaning as in the Data Protection Act
Tuesday 3rd February 2026 PDF - Marshalled List of Amendments - 3 February 2026 (PDF 243KB) v2 Inquiry: Report on the Environment (Principles, Governance and Biodiversity Targets) (Wales) Bill Found: (4) In this section, “the data protection legislation” has the same meaning as in the Data Protection Act
Thursday 29th January 2026 PDF - Marshalled List of Amendments - 29 January 2026 Inquiry: Building Safety (Wales) Bill Found: (5) But see also section 183A of the Data Protection Act 2018 (c. 12) (protection of requirements
PDF - Marshalled List of Amendments – 29 January 2026 Inquiry: Building Safety (Wales) Bill Found: (5) But see also section 183A of the Data Protection Act 2018 (c. 12) (protection of requirements
PDF - Marshalled List of Amendments - 3 February 2026 Inquiry: Report on the Environment (Principles, Governance and Biodiversity Targets) (Wales) Bill Found: (4) In this section, “the data protection legislation” has the same meaning as in the Data Protection Act
PDF - Revised Explanatory Memorandum and Regulatory Impact Assessment - 3 February 2026 Inquiry: Report on the Environment (Principles, Governance and Biodiversity Targets) (Wales) Bill Found: Information Commissioner's Office (ICO) is the independent regulatory office dealing with the Data Protection Act
PDF - Building Safety (Wales) Bill as amended at stage 2 Inquiry: Building Safety (Wales) Bill Found: (5) But see also section 183A of the Data Protection Act 2018 (c. 12) (protection of requirements
PDF - Building Safety (Wales) Bill Inquiry: Building Safety (Wales) Bill Found: (5) But see also section 183A of the Data Protection Act 2018 (c. 12) (protection of requirements
PDF - Marshalled List of Amendments - 3 February 2026 Inquiry: Report on the Environment (Principles, Governance and Biodiversity Targets) (Wales) Bill Found: (4) In this section, “the data protection legislation” has the same meaning as in the Data Protection Act
PDF - Development of Tourism and Regulation of Visitor Accommodation (Wales) Bill Inquiry: Report on the Development of Tourism and Regulation of Visitor Accommodation (Wales) Bill Found: (5) But see also section 183A of the Data Protection Act 2018 (c. 12) (protection of requirements
PDF - Stage 2 amended Bill (Unchecked) Inquiry: Report on the Development of Tourism and Regulation of Visitor Accommodation (Wales) Bill Found: (5) But see also section 183A of the Data Protection Act 2018 (c. 12) (protection of requirements
PDF - 10. Manon Antoniazzi, Chief Executive of the Senedd Inquiry: Introducing more independence and support into the complaints process in the Senedd. Found: There is no need for information to be recorded – in doing so it could breach Data Protection Act.
PDF - report Inquiry: The future of general practice in Wales Found: Under the UK General Data Protection Regulation (GDPR) and the Data Protection Act 2018, GP practices
PDF - Environment (Principles, Governance and Biodiversity Targets) (Wales) Bill, as amended at Stage 3 (UNCHECKED) (PDF 463KB) Inquiry: Report on the Environment (Principles, Governance and Biodiversity Targets) (Wales) Bill Found: (2) But see also section 183A of the Data Protection Act 2018 (c. 12) (protection of requirements
PDF - Environment (Principles, Governance and Biodiversity Targets) (Wales) Bill, as amended at Stage 3 (UNCHECKED) Inquiry: Report on the Environment (Principles, Governance and Biodiversity Targets) (Wales) Bill Found: (2) But see also section 183A of the Data Protection Act 2018 (c. 12) (protection of requirements
PDF - Development of Tourism and Regulation of Visitor Accommodation (Wales) Bill Inquiry: Report on the Development of Tourism and Regulation of Visitor Accommodation (Wales) Bill Found: (5) But see also section 183A of the Data Protection Act 2018 (c. 12) (protection of requirements
PDF - Stage 2 amended Bill (Checked) Inquiry: Report on the Development of Tourism and Regulation of Visitor Accommodation (Wales) Bill Found: (5) But see also section 183A of the Data Protection Act 2018 (c. 12) (protection of requirements
PDF - Environment (Principles, Governance and Biodiversity Targets) (Wales) Bill, as amended at Stage 3 (CHECKED) (PDF 467KB) Inquiry: Report on the Environment (Principles, Governance and Biodiversity Targets) (Wales) Bill Found: (2) But see also section 183A of the Data Protection Act 2018 (c. 12) (protection of requirements
PDF - Environment (Principles, Governance and Biodiversity Targets) (Wales) Bill, as amended at Stage 3 Inquiry: Report on the Environment (Principles, Governance and Biodiversity Targets) (Wales) Bill Found: (2) But see also section 183A of the Data Protection Act 2018 (c. 12) (protection of requirements
PDF - Revised Explanatory Memorandum and Regulatory Impact Assessment – 24 February 2026 Inquiry: Building Safety (Wales) Bill Found: restriction on the disclosure of information or a document; but by virtue of section 183A of the Data Protection Act
PDF - report Inquiry: Inquiry into dignity and respect: Introducing more independence and support into the complaints process in the Senedd Found: ▪ There is no need for information to be recorded – in doing so it could breach Data Protection Act
PDF - Building Safety (Wales) Bill as amended at stage 3 Inquiry: Building Safety (Wales) Bill Found: the disclosure of information (however imposed). 15 (6) But see also section 183A of the Data Protection Act
PDF - Building Safety (Wales) Bill Inquiry: Building Safety (Wales) Bill Found: the disclosure of information (however imposed). 15 (6) But see also section 183A of the Data Protection Act
PDF - Supplementary LCM Inquiry: The Welsh Government’s Legislative Consent Memorandum on the Crime and Policing Bill Found: section 106(2) of the Data (Use and Access) Act 2025, which inserted section 183A into the Data Protection Act
PDF - Environment (Principles, Governance and Biodiversity Targets) (Wales) Bill, as passed (PDF 461KB) Inquiry: Report on the Environment (Principles, Governance and Biodiversity Targets) (Wales) Bill Found: (2) But see also section 183A of the Data Protection Act 2018 (c. 12) (protection of requirements
PDF - Environment (Principles, Governance and Biodiversity Targets) (Wales) Bill, as passed Inquiry: Report on the Environment (Principles, Governance and Biodiversity Targets) (Wales) Bill Found: (2) But see also section 183A of the Data Protection Act 2018 (c. 12) (protection of requirements
PDF - Building Safety (Wales) Bill Inquiry: Building Safety (Wales) Bill Found: (5) But see also section 183A of the Data Protection Act 2018 (c. 12) (protection of requirements
PDF - Building Safety (Wales) Bill, as passed Inquiry: Building Safety (Wales) Bill Found: (5) But see also section 183A of the Data Protection Act 2018 (c. 12) (protection of requirements
PDF - Stage 3 amended Bill (Unchecked) Inquiry: Report on the Development of Tourism and Regulation of Visitor Accommodation (Wales) Bill Found: (5) But see also section 183A of the Data Protection Act 2018 (c. 12) (protection of requirements
PDF - Development of Tourism and Regulation of Visitor Accommodation (Wales) Bill Inquiry: Report on the Development of Tourism and Regulation of Visitor Accommodation (Wales) Bill Found: (5) But see also section 183A of the Data Protection Act 2018 (c. 12) (protection of requirements
PDF - Development of Tourism and Regulation of Visitor Accommodation (Wales) Bill Inquiry: Report on the Development of Tourism and Regulation of Visitor Accommodation (Wales) Bill Found: the disclosure of information (however imposed). 20 (5) But see also section 183A of the Data Protection Act
PDF - Stage 3 amended Bill (Checked) Inquiry: Report on the Development of Tourism and Regulation of Visitor Accommodation (Wales) Bill Found: the disclosure of information (however imposed). 20 (5) But see also section 183A of the Data Protection Act
PDF - Development of Tourism and Regulation of Visitor Accommodation (Wales) Bill Inquiry: Report on the Development of Tourism and Regulation of Visitor Accommodation (Wales) Bill Found: the disclosure of information (however imposed). 20 (5) But see also section 183A of the Data Protection Act
PDF - Development of Tourism and Regulation of Visitor Accommodation (Wales) Bill Inquiry: Report on the Development of Tourism and Regulation of Visitor Accommodation (Wales) Bill Found: the disclosure of information (however imposed). 20 (5) But see also section 183A of the Data Protection Act
PDF - Bill as passed EN Inquiry: Report on the Development of Tourism and Regulation of Visitor Accommodation (Wales) Bill Found: the disclosure of information (however imposed). 20 (5) But see also section 183A of the Data Protection Act

Welsh Government Publications
Thursday 11th June 2026 Source Page: FOI release 26921: Deposit Return Scheme Document: Deposit Return Scheme (PDF) Found: ‘Personal data’ is defined in sections 3(2) and (3) of the Data Protection Act 2018 (‘the DPA 2018’)
Wednesday 10th June 2026 Source Page: Childcare: statutory guidance for local authorities Document: Childcare: statutory guidance for local authorities (PDF) Found: Data Protection 5.60 Local authorities must ensure that they comply with the Data Protection Act
Tuesday 9th June 2026 Source Page: FOI release 26948: Requester identities Document: Requester identities (PDF) Found: ‘Personal data’ is defined in sections 3(2) and (3) of the Data Protection Act 2018 (‘the DPA 2018’)
Tuesday 9th June 2026 Source Page: FOI release 26979: Solar Farm Document: Solar Farm (PDF) Found: ‘Personal data’ is defined in sections 3(2) and (3) of the Data Protection Act 2018 (‘the DPA 2018’)
Tuesday 9th June 2026 Source Page: FOI release 26951: Big cat sightings Document: Big cat sightings (PDF) Found: ‘Personal data’ is defined in sections 3(2) and (3) of the Data Protection Act 2018 (‘the DPA 2018’)
Thursday 28th May 2026 Source Page: FOI release 26866: Ysgol Gyfun Cwm Rhondda Document: doc5a (PDF) Found: Information Act 2000 (the “FOIA”), the Environmental Information Regulations 2004 (the “EIR”), the Data Protection Act
Thursday 21st May 2026 Source Page: FOI release 26908: Communication guidance Document: Communication guidance (PDF) Found: ‘Personal data’ is defined in sections 3(2) and (3) of the Data Protection Act 1998 (‘the DPA 2018’)
Wednesday 13th May 2026 Source Page: FOI release 26880: Health Impact Assessment Regs Document: Health Impact Assessment Regs (PDF) Found: ‘Personal data’ is defined in sections 3(2) and (3) of the Data Protection Act 1998 (‘the DPA 2018’)
Thursday 7th May 2026 Source Page: Rights, respect, equality: guidance for schools Document: Challenging bullying and harassment (webpage) Found: protection legislation such as the EU General Data Protection Regulation (GDPR) and the UK Data Protection Act
Wednesday 6th May 2026 Source Page: FOI release 26868: Oxo-biodegradable plastic Document: Oxo-biodegradable plastic (PDF) Found: ‘Personal data’ is defined in sections 3(2) and (3) of the Data Protection Act 2018 (‘the DPA 2018’)
Tuesday 5th May 2026 Source Page: Attendance of pupils in maintained schools: 2 September 2025 to 24 April 2026 Document: Attendance of pupils in maintained schools: 2 September 2025 to 24 April 2026 (webpage) Found: personal data underlying these statistics are processed in accordance with the requirements of the Data Protection Act
Thursday 30th April 2026 Source Page: FOI release 26843: Upper Pant Farmhouse Document: Upper Pant Farmhouse (PDF) Found: ‘Personal data’ is defined in sections 3(2) and (3) of the Data Protection Act 2018 (‘the DPA 2018’)
Thursday 30th April 2026 Source Page: Levels of highest qualification held by working age adults: 2025 Document: Levels of highest qualification held by working age adults: 2025 (webpage) Found: personal data underlying these statistics are processed in accordance with the requirements of the Data Protection Act
Wednesday 29th April 2026 Source Page: FOI release 26824: Creative Wales Document: Creative Wales (PDF) Found: ‘Personal data’ is defined in sections 3(2) and (3) of the Data Protection Act 2018 (‘the DPA 2018’)
Wednesday 29th April 2026 Source Page: FOI release 26836: Anglesey solar development Document: Anglesey solar development (PDF) Found: ‘Personal data’ is defined in sections 3(2) and (3) of the Data Protection Act 2018 (‘the DPA 2018’)
Wednesday 29th April 2026 Source Page: FOI release 26835: Planning application call-in Document: Planning application call-in (PDF) Found: ‘Personal data’ is defined in sections 3(2) and (3) of the Data Protection Act 2018 (‘the DPA 2018’)
Wednesday 29th April 2026 Source Page: Young people not in education, employment or training (NEET): 2025 Document: Young people not in education, employment or training (NEET): 2025 (webpage) Found: personal data underlying these statistics are processed in accordance with the requirements of the Data Protection Act
Tuesday 28th April 2026 Source Page: FOI release 26814: Ffos Y Fran Document: Ffos Y Fran (PDF) Found: ‘Personal data’ is defined in sections 3(2) and (3) of the Data Protection Act 2018 (‘the DPA 2018’)
Tuesday 28th April 2026 Source Page: FOI release 26818: Natural Resources Wales Document: Natural Resources Wales (PDF) Found: ‘Personal data’ is defined in sections 3(2) and (3) of the Data Protection Act 2018 (‘the DPA 2018’)
Wednesday 22nd April 2026 Source Page: FOI release 26811: Wales Media Awards Document: Wales Media Awards (PDF) Found: ‘Personal data’ is defined in sections 3(2) and (3) of the Data Protection Act 2018 (‘the DPA 2018’)
Wednesday 22nd April 2026 Source Page: Labour market statistics (Annual Population Survey): 2025 Document: Labour market statistics (Annual Population Survey): 2025 (webpage) Found: personal data underlying these statistics are processed in accordance with the requirements of the Data Protection Act
Tuesday 21st April 2026 Source Page: FOI release 26808: Homelessness Funding Document: Homelessness Funding (PDF) Found: ‘Personal data’ is defined in sections 3(2) and (3) of the Data Protection Act 1998 (‘the DPA 2018’)
Tuesday 21st April 2026 Source Page: Attendance of pupils in maintained schools: 2 September 2025 to 10 April 2026 Document: Attendance of pupils in maintained schools: 2 September 2025 to 10 April 2026 (webpage) Found: personal data underlying these statistics are processed in accordance with the requirements of the Data Protection Act
Tuesday 21st April 2026 Source Page: Youth Engagement and Progression Framework (YEPF): overview Document: Youth Engagement and Progression Framework: overview (webpage) Found: The UK General Data Protection Regulation (GDPR) and the Data Protection Act 2018 came into force in
Monday 20th April 2026 Source Page: Registered social landlords (RSL) sector risks: guidance Document: Sector Risk Overview for the Registered Social Landlord (RSL) sector in Wales (webpage) Found: protection are contained within the General Data Protection Regulation (GDPR), alongside the Data Protection Act
Friday 17th April 2026 Source Page: Ynni Cymru capital grant funding scheme 2026 to 2027: guidance Document: Ynni Cymru capital grant funding programme 2026 to 2027: guidance (PDF) Found: protection legislation, including the UK General Data Protection Regulation (UK GDPR) and the Data Protection Act
Thursday 9th April 2026 Source Page: FOI release 26783: Godre’r Graig School Document: Godre’r Graig School (PDF) Found: ‘Personal data’ is defined in sections 3(2) and (3) of the Data Protection Act 2018 (‘the DPA 2018’)
Thursday 9th April 2026 Source Page: FOI release 26779: Allergic conditions Document: Allergic conditions (PDF) Found: ‘Personal data’ is defined in sections 3(2) and (3) of the Data Protection Act 1998 (‘the DPA 2018’)
Thursday 9th April 2026 Source Page: FOI release 26778: Digital Health Advisor Document: Digital Health Advisor (PDF) Found: ‘Personal data’ is defined in sections 3(2) and (3) of the Data Protection Act 1998 (‘the DPA 2018’)
Tuesday 7th April 2026 Source Page: Challenging bullying and harassment Document: Rights, respect, equality: statutory guidance for schools and settings (PDF) Found: protection legislation such as the EU General Data Protection Regulation (GDPR) and the UK Data Protection Act
Tuesday 7th April 2026 Source Page: Armed forces (National Survey for Wales): April 2024 and March 2025 Document: Armed forces (National Survey for Wales): April 2024 and March 2025 (webpage) Found: personal data underlying these statistics is processed in accordance with the requirements of the Data Protection Act
Tuesday 7th April 2026 Source Page: Attendance of pupils in maintained schools: 2 September 2025 to 27 March 2026 Document: Attendance of pupils in maintained schools: 2 September 2025 to 27 March 2026 (webpage) Found: personal data underlying these statistics are processed in accordance with the requirements of the Data Protection Act
Tuesday 7th April 2026 Source Page: Taxi and private hire vehicles: licensing guidance Document: Taxi and private hire vehicles: licensing guidance (webpage) Found: Welsh local authorities should also ensure that information is processed in accordance with the Data Protection Act
Thursday 2nd April 2026 Source Page: Welsh Revenue Authority equality report 2026 Document: Welsh Revenue Authority equality report 2026 (webpage) Found: great importance on protecting people’s privacy and their data in full compliance with the Data Protection Act
Tuesday 31st March 2026 Source Page: 'Making wood work for Wales' capital grant scheme: guidance Document: Guidance (PDF) Found: obligations under the Freedom of Information Act 2000, the Environmental information Act 2004 or the Data Protection Act
Tuesday 31st March 2026 Source Page: Welsh Revenue Authority retention and disposal schedule Document: Retention and disposal schedule (PDF) Found: information, including that covered by the UK General Data Protection Regulation (UK GDPR), and the Data Protection Act
Friday 27th March 2026 Source Page: National framework for Continuing NHS Healthcare Document: Continuing NHS Healthcare, the national framework for implementation in Wales (PDF) Found: practitioners 38 Sharing of Information Individuals without capacity 3.16 Under the Data Protection Act
Friday 27th March 2026 Source Page: Wales air quality awareness survey Document: Wales air quality awareness survey (PDF) Found: The UK General Data Protection Regulation (UK GDPR) and the UK Data Protection Act 2018 (DPA) Ipsos
Thursday 26th March 2026 Source Page: FOI release 26771: Wildlife Incident Investigation Scheme Document: Wildlife Incident Investigation Scheme (PDF) Found: ‘Personal data’ is defined in sections 3(2) and (3) of the Data Protection Act 2018 (‘the DPA 2018’)
Thursday 26th March 2026 Source Page: FOI release 26615: Wadham College of Science Document: Wadham College of Science (PDF) Found: ‘Personal data’ is defined in sections 3(2) and (3) of the Data Protection Act 1998 (‘the DPA 2018’)
Thursday 26th March 2026 Source Page: FOI release 26749: Natural Resources Wales Document: Natural Resources Wales (PDF) Found: ‘Personal data’ is defined in sections 3(2) and (3) of the Data Protection Act 2018 (‘the DPA 2018’)
Thursday 26th March 2026 Source Page: FOI release 26748: Cadw Historic Building Grants Document: Cadw Historic Building Grants (PDF) Found: ‘Personal data’ is defined in sections 3(2) and (3) of the Data Protection Act 2018 (‘the DPA 2018’)
Thursday 26th March 2026 Source Page: Refreshed Intellectual Property guidance for NHS Wales organisations (WHC/2026/004) Document: Appendix 1: Intellectual property (IP) guidance for National Health Service (NHS) Wales organisations (PDF) Found: protection and privacy legislation in force from time to time in the UK including the UK GDPR; the Data Protection Act
Thursday 26th March 2026 Source Page: Relative income poverty: April 2024 to March 2025 Document: Relative income poverty: April 2023 to March 2025 (Official Statistics in Development) (webpage) Found: are presented impartially and objectively and are in accordance with the requirements of the Data Protection Act
Thursday 26th March 2026 Source Page: Exploring the devolution of social security administration Document: Report (PDF) Found: far the Welsh Government or local authorities can use or share data without breaching the Data Protection Act
Wednesday 25th March 2026 Source Page: Direct payments for Continuing NHS healthcare Document: Guidance on direct payments for Continuing NHS healthcare (PDF) Found: should ensure all actions undertaken in the delivery of direct payments are in line with the Data Protection Act
Tuesday 24th March 2026 Source Page: FOI release 26744: Solar developments Document: Solar developments (PDF) Found: ‘Personal data’ is defined in sections 3(2) and (3) of the Data Protection Act 2018 (‘the DPA 2018’)
Tuesday 24th March 2026 Source Page: Model social public works clauses Document: Model social public works clauses (PDF) Found: protection and privacy legislation in force from time to time in the UK including the UK GDPR; the Data Protection Act
Tuesday 24th March 2026 Source Page: Attendance of pupils in maintained schools: 2 September 2025 to 13 March 2026 Document: Attendance of pupils in maintained schools: 2 September 2025 to 13 March 2026 (webpage) Found: personal data underlying these statistics are processed in accordance with the requirements of the Data Protection Act
Friday 20th March 2026 Source Page: Ynni Cymru capital grant funding programme 2026 to 2027: guidance Document: Ynni Cymru capital grant funding programme 2026 to 2027: guidance (PDF) Found: protection legislation, including the UK General Data Protection Regulation (UK GDPR) and the Data Protection Act
Wednesday 18th March 2026 Source Page: FOI release 26712: Deleted files Document: Doc 2 (PDF) Found: 7 Complaints The handling of some of this information is subject to the provisions of the Data Protection Act
Monday 16th March 2026 Source Page: FOI release 26725: Wales Japan Club Document: Wales Japan Club (PDF) Found: ‘Personal data’ is defined in sections 3(2) and (3) of the Data Protection Act 2018 (‘the DPA 2018’)
Monday 16th March 2026 Source Page: FOI release 26725: Wales Japan Club Document: Doc C (PDF) Found: Information Act 2000 (the “FOIA”), the Environmental Information Regulations 2004 (the “EIR”), the Data Protection Act
Monday 16th March 2026 Source Page: FOI release 26725: Wales Japan Club Document: Doc B (PDF) Found: Information Act 2000 (the “FOIA”), the Environmental Information Regulations 2004 (the “EIR”), the Data Protection Act
Monday 16th March 2026 Source Page: FOI release 26725: Wales Japan Club Document: Doc A (PDF) Found: Information Act 2000 (the “FOIA”), the Environmental Information Regulations 2004 (the “EIR”), the Data Protection Act
Thursday 12th March 2026 Source Page: FOI release 26677: Pollution incident Document: Pollution incident (PDF) Found: ‘Personal data’ is defined in sections 3(2) and (3) of the Data Protection Act 2018 (‘the DPA 2018’)
Thursday 12th March 2026 Source Page: Visitor levy: guidance for local authorities Document: Visitor levy: guidance for local authorities (webpage) Found: and relevant data protection legislation, including their existing statutory duties under the Data Protection Act
Thursday 12th March 2026 Source Page: Visitor levy: guidance for local authorities Document: Visitor levy: guidance for local authorities (PDF) Found: relevant data protection legislation, including their existing statutory duties under the Data Protection Act
Wednesday 11th March 2026 Source Page: National strategy for preventing and responding to child sexual abuse in Wales 2026 to 2036: children's rights impact assessment Document: National strategy for preventing and responding to child sexual abuse in Wales 2026 to 2036: children's rights impact assessment (PDF) Found: Informed consent procedures and secure data protection practices, in line with the Data Protection Act
Wednesday 11th March 2026 Source Page: FOI release 26675: Flooding and agriculture Document: Doc 1 (PDF) Found: obligations under the Freedom of Information Act 2000, the Environmental Information Act 2004 or the Data Protection Act
Tuesday 10th March 2026 Source Page: Active travel (National Survey for Wales): April 2024 to March 2025 Document: Active travel (National Survey for Wales): April 2024 to March 2025 (webpage) Found: personal data underlying these statistics is processed in accordance with the requirements of the Data Protection Act
Tuesday 10th March 2026 Source Page: Attendance of pupils in maintained schools: 2 September 2025 to 27 February 2026 Document: Attendance of pupils in maintained schools: 2 September 2025 to 27 February 2026 (webpage) Found: personal data underlying these statistics are processed in accordance with the requirements of the Data Protection Act
Friday 6th March 2026 Source Page: Ffermio Bro - Farming in Designated Landscapes (stage 1): rules booklet 2026-28 Document: Ffermio Bro - Farming in Designated Landscapes (stage 1): rules booklet 2026-28 (webpage) Found: obligations under the Freedom of Information Act 2000, the Environmental Information Act 2004 or the Data Protection Act
Wednesday 4th March 2026 Source Page: FOI release 26668: Wildlife Incident Investigation Scheme reports Document: Wildlife Incident Investigation Scheme reports (PDF) Found: ‘Personal data’ is defined in sections 3(2) and (3) of the Data Protection Act 2018 (‘the DPA 2018’)
Friday 27th February 2026 Source Page: Single Application Form (SAF) 2026: rules booklet for woodland and organic schemes when claiming Sustainable Farming Scheme Document: Single Application Form (SAF) 2026: rules booklet for woodland and organic schemes when claiming Sustainable Farming Scheme (PDF) Found: accordance with its obligations and duties under the: • Freedom of Information Act 2000 • The Data Protection Act
Friday 27th February 2026 Source Page: Small Grants – Woodland Creation (window 10): rules booklet Document: Small Grants – Woodland Creation (window 10): rules booklet (webpage) Found: in accordance with the obligations and duties under the Freedom of Information Act 2000, the Data Protection Act
Friday 27th February 2026 Source Page: Woodland Creation Grant (window 6): rules booklet Document: Woodland Creation Grant (window 6): rules booklet (webpage) Found: in accordance with the obligations and duties under the Freedom of Information Act 2000, the Data Protection Act
Thursday 26th February 2026 Source Page: Common legislative solutions: a guide to tackling recurring policy issues in legislation Document: Common legislative solutions: a guide to tackling recurring policy issues in legislation (PDF) Found: schedule/1) (failure to comply with a stop notice is an offence) • section 155(1)(b) of the Data Protection Act
Tuesday 24th February 2026 Source Page: Attendance of pupils in maintained schools: 2 September 2025 to 13 February 2026 Document: Attendance of pupils in maintained schools: 2 September 2025 to 13 February 2026 (webpage) Found: personal data underlying these statistics are processed in accordance with the requirements of the Data Protection Act
Monday 23rd February 2026 Source Page: FOI release 26622: Rhos-farch Farm Document: Rhos-farch Farm (PDF) Found: ‘Personal data’ is defined in sections 3(2) and (3) of the Data Protection Act 2018 (‘the DPA 2018’)
Monday 23rd February 2026 Source Page: Single Application Form (SAF) 2026: rules booklet for Basic Payment Scheme, woodland and organic schemes Document: Single Application Form (SAF) 2026: rules booklet for Basic Payment Scheme, woodland and organic schemes (PDF) Found: accordance with its obligations and duties under the: • Freedom of Information Act 2000 • The Data Protection Act
Thursday 19th February 2026 Source Page: Small Grant Scheme: Food and Drink Festivals and Events Scheme 2026 to 2027: application form Document: Small Grant Scheme: Food and Drink Festivals and Events Scheme 2026 to 2027: application form (webpage) Found: obligations under the Freedom of Information Act 2000, the Environmental information Act 2004 or the Data Protection Act
Wednesday 18th February 2026 Source Page: FOI release 26596: Glyndŵr National Park Document: Doc 1 (PDF) Found: Information Act 2000 (the “FOIA”), the Environmental Information Regulations 2004 (the “EIR”), the Data Protection Act
Wednesday 18th February 2026 Source Page: FOI release 26606: Nation of Sanctuary Document: Nation of Sanctuary (PDF) Found: data protection principles. 5 ‘Personal data’ is defined in sections 3(2) and (3) of the Data Protection Act
Monday 16th February 2026 Source Page: FOI release 26586: St Ann Street, Chepstow Document: St Ann Street, Chepstow (PDF) Found: ‘Personal data’ is defined in sections 3(2) and (3) of the Data Protection Act 2018 (‘the DPA 2018’)
Monday 16th February 2026 Source Page: FOI release 26579: St Ann Street, Chepstow Document: St Ann Street, Chepstow (PDF) Found: ‘Personal data’ is defined in sections 3(2) and (3) of the Data Protection Act 2018 (‘the DPA 2018’)
Monday 16th February 2026 Source Page: FOI release 26571: Bridge House Farm Document: Bridge House Farm (PDF) Found: ‘Personal data’ is defined in sections 3(2) and (3) of the Data Protection Act 2018 (‘the DPA 2018’)
Thursday 12th February 2026 Source Page: FOI release 26442and26567: Marine Nitrates Development Taskforce Document: Marine Nitrates Development Taskforce (PDF) Found: ‘Personal data’ is defined in sections 3(2) and (3) of the Data Protection Act 2018 (‘the DPA 2018’)
Thursday 12th February 2026 Source Page: Performance and improvement framework for social services: additional guidance 2023 to 2024 Document: Performance and improvement framework for social services: additional guidance 2023 to 2024 (PDF) Found: collected under this framework is governed by the General Data Protection Regulation (GDPR) and Data Protection Act
Wednesday 11th February 2026 Source Page: Changes to two codes of practice: Part 6 and Special Guardianship Orders Document: Part 6 Code of Practice (Looked After and Accommodated Children): As amended with tracked changes (PDF) Found: Authorities will need to satisfy themselves that they are complying with the Data Protection Act 2018
Wednesday 11th February 2026 Source Page: Changes to two codes of practice: Part 6 and Special Guardianship Orders Document: Part 6 Code of Practice (Looked After and Accommodated Children): As amended (PDF) Found: Authorities will need to satisfy themselves that they are complying with the Data Protection Act 2018
Tuesday 10th February 2026 Source Page: Attendance of pupils in maintained schools: 2 September 2025 to 30 January 2026 Document: Attendance of pupils in maintained schools: 2 September 2025 to 30 January 2026 (webpage) Found: personal data underlying these statistics are processed in accordance with the requirements of the Data Protection Act
Monday 9th February 2026 Source Page: FOI release 26553: Councillors standards Document: Councillors standards (PDF) Found: ‘Personal data’ is defined in sections 3(2) and (3) of the Data Protection Act 1998 (‘the DPA 2018’)
Monday 9th February 2026 Source Page: FOI release 26556: St David’s Day Pilot Document: St David’s Day Pilot (PDF) Found: ‘Personal data’ is defined in sections 3(2) and (3) of the Data Protection Act 2018 (‘the DPA 2018’)
Thursday 5th February 2026 Source Page: Fair work (National Survey for Wales): April 2024 to March 2025 Document: Fair work (National Survey for Wales): April 2024 to March 2025 (webpage) Found: personal data underlying these statistics is processed in accordance with the requirements of the Data Protection Act
Thursday 5th February 2026 Source Page: FOI release 26544: Buckland Hall Document: Buckland Hall (PDF) Found: ‘Personal data’ is defined in sections 3(2) and (3) of the Data Protection Act 2018 (‘the DPA 2018’)
Thursday 29th January 2026 Source Page: Young people not in education, employment or training (NEET): October 2024 to September 2025 Document: Young people not in education, employment or training (NEET): October 2024 to September 2025 (webpage) Found: personal data underlying these statistics are processed in accordance with the requirements of the Data Protection Act
Thursday 29th January 2026 Source Page: Evaluation of the elective home education statutory guidance Document: Evaluation of the elective home education statutory guidance (PDF) Found: with such services, in accordance with the General Data Protection Regulation (GDPR) and the Data Protection Act
Tuesday 27th January 2026 Source Page: Attendance of pupils in maintained schools: 2 September 2025 to 16 January 2026 Document: Attendance of pupils in maintained schools: 2 September 2025 to 16 January 2026 (webpage) Found: personal data underlying these statistics are processed in accordance with the requirements of the Data Protection Act
Monday 26th January 2026 Source Page: FOI release 26526: Great British Railways Document: Great British Railways (PDF) Found: ‘Personal data’ is defined in sections 3(2) and (3) of the Data Protection Act 2018 (‘the DPA 2018’)