Your right to information

Further information on Data Protection and Subject Access

Legislation and ethos

The Data Protection Act 1998 gives you the right to find out what information is held about you on computer and some paper records. This right is known as the Right of Subject Access.

The Act also requires that those who record and use personal information (the data controller) be open about how this information is used and that anyone processing personal data comply with eight data protection principles of good practice.

The 8 principles are that data must be:

• Fairly and lawfully processed;
• Processed for limited purposes;
• Adequate, relevant and not excessive;
• Accurate;
• Not kept longer than necessary;
• Processed in accordance with the data subject’s rights;
• Secure;
• Not transferred to countries, which do not have adequate protection for personal data.

What is ‘personal data’?

This is defined as information relating to a ‘living’ individual who can be identified either from the information itself or indirectly by combining the information with other data available to the data controller. Personal data includes expressions of opinion about the individual and any indication of intentions anyone may have in respect of the individual.

What is ‘subject access’?

Section 7 of the Data Protection Act 1998 states that a ‘data subject’ (the person about whom the personal data refers) is entitled, upon written request, to be informed whether or not personal data is held or processed about them.

If personal data is being held or processed, the "data subject" is allowed access to:

• A copy of the personal data held;
• The reasons why the data is being held or processed;
• Information as to what other bodies the information may be passed on to.

However some exemptions exist to prevent disclosing this information to you in certain circumstances. For example, these can include:

• The prevention and detection of crime;
• The apprehension and prosecution of offenders;
• The interests of national security.

Making a Subject Access Request to the MPS

• Accessing information about yourself held by the MPS
• Request Forms – accessing information about yourself held by the MPS

Fee
Your Subject Access application will cost £10 (sterling). We accept cheques, British postal orders and international bankers drafts, made payable to The Metropolitan Police Authority. We do not recommend the sending of cash by post. Please write your name, date of birth and address on the back of your payment in BLOCK CAPITALS.

Proof of Identity
The MPS needs to satisfied that you are who you say you are. Consequently we ask you to provide evidence of your identity and address by supplying copies of two different official documents which between them provide sufficient information to prove your name, date of birth, current address and signature.

For example: a combination of driving licence, medical card, birth/adoption certificate, passport, utility bill or bank statement.

We reserve the right to request original documentation in some cases. All original documents will be returned by post.

Obtaining information under DPA to prevent or detect crime

It is often the case that to prevent or detect crime, or to locate an offender the MPS must obtain information from an organisation, which may not be required under the DPA 1998 to release this information to the police.

Section 29(3) of the Act enables a ‘data controller’ to disclose this type of information, if they wish to do so lawfully. In such cases the MPS must complete a form and send it to the organisation, which may hold the information.

If you would like further details of this process, please contact the MPS Public Access Office, PO Box 57192, London, SW6 1SF or email us at PublicAccessOffice@met.police.uk