Current timestamp: 23/06/2026 22:14:52
AgeAlertAnonymousAppealsApplicationsApply Or RegisterArea OutlineArrow DownArrow LeftArrow RightArrow UpAutomatic DoorsBack ArrowBusinessCalendarCashArrow DownArrow LeftArrow RightArrow Down[Missing text '/SvgIcons/Symbols/Titles/icon-chrome' for 'English (United Kingdom)']ClockCloseContactDirectionsDocumentDownloadDrawDrugExpandExternal LinkFacebookFb CommentFb LikeFiletype DefaultFiletype DocFiletype PdfFiletype PptFiletype XlsFinance[Missing text '/SvgIcons/Symbols/Titles/icon-firefox' for 'English (United Kingdom)']First AidFlickrFraudGive FeedbackGlobeGuide DogHealthHearing ImpairedInduction LoopInfoInstagramIntercom[Missing text '/SvgIcons/Symbols/Titles/icon-internet-explorer' for 'English (United Kingdom)']LaptopLiftLinkedinLocal Activity[Missing text '/SvgIcons/Symbols/Titles/icon-location' for 'English (United Kingdom)']LoudspeakerLow CounterMailMapMap PinMembershipMenuMenu 2[Missing text '/SvgIcons/Symbols/Titles/icon-microsoft-edge' for 'English (United Kingdom)']Missing PeopleMobility ImpairmentNationalityNorth PointerOne Mile RadiusOverviewPagesPaper PlaneParkingPdfPhonePinterestPlayPushchairRefreshReportRequestRestart[Missing text '/SvgIcons/Symbols/Titles/icon-rotate-clockwise' for 'English (United Kingdom)']Rss[Missing text '/SvgIcons/Symbols/Titles/icon-safari' for 'English (United Kingdom)']SearchShareSign LanguageSnapchatStart AgainStatsStats And Prevention AdviceStopSubscribeTargetTattosTell Us AboutTickTumblrTwenty Four HoursTwitter LikeTwitter ReplyTwitter RetweetUploadVisually ImpairedWhatsappWheelchairWheelchair AssistedWheelchair ParkingWheelchair RampWheelchair WcYoutubeZoom InZoom Out

Leave this site

Skip to main content

Skip to main navigation

Welcome

This site is a beta, which means it's a work in progress and we'll be adding more to it over the next few weeks. Your feedback helps us make things better, so please let us know what you think.

Privacy Notice: Baroness Casey of Blackstock’s Independent Review into the standards of behaviour and internal culture of the Metropolitan Police

Introduction

1. In February 2022, Baroness Casey of Blackstock was commissioned by the former Commissioner of the Metropolitan Police Service, Dame Cressida Dick, to undertake an independent review into the standards of behaviour and internal culture of the Metropolitan Police Service and make recommendations on the actions required.

2. The Working Terms of Reference are available and are intended to support the Metropolitan Police Service’s (MPS) wider plan to rebuild trust.

General

3. In relation to the Review, Baroness Casey as the Review Chair, is the Controller for your Personal Data. For ease, references to the Review throughout this privacy notice include the Chair. This does not apply where personal data has been obtained from MPS systems or otherwise provided by MPS personnel in an official capacity. In such instances the MPS are the Controller of that data.

This privacy notice explains what Personal Data is Processed by the Review and why and how it is Processed. This privacy notice uses some terms and definitions which you may not be familiar with. To help you, these terms are shown in bold the first time they appear and are explained at the end of this privacy notice.

Approach to misconduct or criminality 

5. The Review does not have powers to resolve live misconduct and criminality cases relating to the MPS. The route to report misconduct or criminal offences is set out on the MPS website https://www.met.police.uk/fo/feedback

6. If the Review Team is made aware of new evidence of misconduct or criminality, the Review Team has an obligation to pass this onto the relevant authority.

What personal data will be collected

Personal data

7. The Review will Process Personal Data provided by:

  • government departments and public bodies, including but not limited to: Home Office, Independent Office for Police Conduct, Her Majesty’s Inspectorate of Constabulary and Fire & Rescue Services; College of Policing, The Mayor’s Office for Policing and Crime and the Angiolini Inquiry
  • elected officials;
  • save for those individuals providing information to the Review in an official capacity on behalf of the MPS, any other individuals or organisations that the Review considers may have relevant information that may assist the Chair in fulfilling the Terms of Reference, or who contact the Review, including members of the public;
  • Persons referred to in information received by the Review from any of the above; and
  • Persons who work as a member of the Review Team, as an advisor to the Review or in another support role.

Special Category Personal Data

8. Due to the nature of the Review, evidence collected is sometimes expected to include Personal Data about individuals relating to more private or sensitive details comprising:

  • information about their physical or mental health, injuries and/or medical treatment;
  • their genetic data, or biometric data used for their unique identification;
  • their racial or ethnic origin;
  • their political opinions, religious or philosophical beliefs, or trade union membership; and/or
  • their sex life or sexual orientation.

9. These types of Personal Data comprise Special Category Personal Data.

Criminal Records Data

10. In addition, the evidence collected will sometimes include Personal Data about an individual relating to their:

  • criminal prosecution(s), conviction(s) and sentence(s);
  • charges that did not lead to a prosecution;
  • actual or alleged criminal offences; and/or
  • incident reports that did not lead to charge.

11. These types of Personal Data comprise Criminal Records Data.

The Purposes for Processing Personal Data

12. During the course of the Review’s work the Review will Process Personal Data for the Purposes set out below:

13. Contact information: Contact information and details collected to facilitate the collection of evidence to, or involvement with, the Review.

14. Legal advice: The Review may request and receive legal advice in respect of the Review (and this will involve sharing Personal Data, Special Category Personal Data and Criminal Record Data, to the extent relevant and necessary to such legal advice).

15. Public reporting: The ultimate objective of the independent engagement and analysis undertaken by the Review is for the Chair to prepare and publish a written report/s, setting out her findings and making recommendations. To evidence her findings in a way that feels powerful and authentic, the Chair will wish to make use of anonymised quotes and common scenarios to play back what she has heard.  The Chair will minimise inclusion of Personal Data in the reports, including details only where necessary. Inclusion of Personal Data in the report is subject to sign off from the Commissioner of the Metropolitan Police Service. The report/s will be published on the Metropolitan Police Service website.

Post Review Report: Processing after the Review

16.  Once the Review has concluded and the Review’s report has been published, data that is to be retained as part of the historic record will be transferred to the National Archives, for the purposes of indefinite retention of Review records in accordance with the Public Records Act 1958, although any Personal Data included will continue to be protected in accordance with this policy. Personal Data that is not required for archiving purposes will be destroyed.

International transfers

All Personal Data held is stored within the United Kingdom and will not be transferred outside of the United Kingdom.

Security of Personal Data

Confidential

17. Personal Data provided to the Review will be kept confidential, and will not be used for purposes other than set out in this Privacy Notice (or any related supplemental privacy information, or subsequent privacy notice provided to affected individuals) bar the following exceptions:

Requirements by law or in the public interest

For the purpose of meeting requirements set out in paragraphs 5 and 6 above.

18.  When Processed by or for the Review, only the Chair, the Review Team and experts instructed to assist the Chair, if any, will, or may, be given access to Personal Data, where necessary to perform their tasks, and will all:

  • have received training on their Data Protection Law obligations and on keeping Personal Data secure;
  • be given access to Personal Data only where necessary;
  • have obtained appropriate security clearance and will follow the relevant Government security rules and procedures for the transmission, handling, storage and removal of documents; and
  • have the ability to be monitored and audited in respect of what Personal Data they have accessed in the course of their work in respect of the Review.

Security measures

19. The Review has implemented extensive measures intended to ensure that any information, including Personal Data processed for and/or by the Review, is kept secure and separate from other information. These measures include:

  • the use of encryption on systems used; and
  • the use of systems to restrict access to the information to specified individuals only.

20. Hard copy documents relating to the Review are stored in locked, secure locations that can only be accessed by the Chair and Review Team.

21. The Review has undertaken, and/or will undertake, appropriate checks to ensure that any third-party Processors who Process Personal Data provide sufficient guarantees to comply with the Data Protection Laws before their appointment; and if appointed are contractually obliged to comply with mandatory requirements required to comply with Data Protection Laws, in particular to take all appropriate technical and organisational measures (including to ensure the confidentiality, controlled access to and Processing of, and security of Personal Data).

Individual rights, complaints and contact

Individual rights

22.  Individuals have the right to:

  • request information about how their Personal Data is processed;
  • request access to their Personal Data, including a copy of their Personal Data;
  • request that any errors in their Personal Data are corrected without any undue delay;
  • request that any incomplete Personal Data is completed, including by means of a supplementary statement;
  • request that their Personal Data is erased if there is no longer a justification for it to be processed;
  • request that the processing of their Personal Data is restricted;
    object to the processing of their Personal Data; and/or
  • request a copy of any Personal Data they have provided to the Review in an electronic format, and for this to be provided in a structured, commonly used and machine-readable format.

23. Where the Review is relying on an individual’s consent as the basis to process their Personal Data, the individual has the right to withdraw their consent to the processing of their Personal Data at any time.

24. These rights may be dependent on the reasons for which the Review uses an individual’s Personal Data. If this is the case and the rights the individual tries to exercise do not apply, the Review will respond and explain the reasons why it is unable to fully comply with the request(s).

25. If the individual wishes to make a request, they must try to provide as much detail as possible about the information concerned, to help the Review to deal with the request and if the individual wants to be contacted by a specific channel or using specific contact information, this should be explained.

26. Due to the sensitivity of the information being processed by the Review, any requestor may be contacted to provide satisfactory evidence to confirm their identity before the Review starts to comply with their request.

Complaints

27. If an individual considers that the Review has misused or mishandled their Personal Data, or if the individual believes that their Personal Data has been Processed outside the scope of the privacy information provided to the individual, please contact the Review on the details below at paragraph 30.  

28. The individual is also entitled to refer any complaints to the Information Commissioner, who is an independent regulator. The Information Commissioner can be contacted at:

Information Commissioner’s Office,
Wycliffe House, Water Lane, Wilmslow, Cheshire,
SK9 5AF
Tel: 0303 123 1113
Email: [email protected]

29.  Further information as to the functions and powers of the Information Commissioner’s Office, and how to complain can be found on their website:  www.ico.org.uk. Any complaint to the Information Commissioner is without prejudice to the individual’s right to seek redress through the Courts.

Contact details

30.  If an individual has any queries or complaints in respect of the Review’s Processing of their Personal Data or wishes to exercise their individual legal rights in respect of any related Personal Data Processed by the Review as set out in this document, please contact:

E-mail: [email protected]

Freedom of information

31. The Review operates independently from its sponsoring organisation, the Metropolitan Police Service, the former Commissioner who commissioned the Review and her successors. The Metropolitan Police Service have no right of access to communications between the Chair and the Review Team, evidence collected by the Review, its assessment of such evidence, and/or legal advice provided to the Review and the Chair.

32. The Chair and Review are not public authorities subject to the Freedom of Information Act 2000 or the Environmental Information Regulations 2004.

Review of and changes to this notice

33. This notice will be regularly reviewed and may be subject to revision. Any revision to the privacy notice will be highlighted on the website. If we make fundamental changes to this privacy notice, we will seek to inform you in subsequent communications sent by the Review.

Terms explained

Chair

Baroness Louise Casey

Controller

The organisation or person who decides what Personal Data to collect, why and how and who is as a result legally responsible for ensuring that any such Personal Data is Processed in accordance with the Data Protection Laws.

European Economic Area

The European Union member states from time to time, together with Iceland, Liechtenstein and Norway.

ICO or Information Commissioner’s Office

The regulatory authority in the UK whose function is to ensure compliance with the Data Protection Laws and/or public access to information laws, like the Freedom of Information Act 2000

International transfer(s)

The transfer of Personal Data from within the United Kingdom outside the United Kingdom and/or its return.

Process, processing, processes, processed

This covers any use of any Personal Data of any type by the Review, whether active, for example emailing it, or passive, for example storing it in archive boxes. It covers every use of Personal Data from its collection; recording and storing it; reading, copying or printing it; amending or copying it; sharing, disclosing or publishing it; to deleting or destroying it.

Processor

The organisation or person appointed by a Controller, on whose behalf and on whose instructions the Personal Data concerned is Processed, such as a service provider hosting a website for a client, or storing Personal Data for a client.