Information Commissioners Office logo

Data Protection Register - Entry Details

Registration Number: Z5936290

Date Registered: 26 November 2001    Registration Expires: 25 November 2018

Data Controller: Health and Safety Executive

Freedom of Information Unit
Knowledge Centre
1G Redgrave Court, Merton Road
L20 7HS

This data controller states that it is a public authority under the
Freedom of Information Act 2000 or a Scottish public authority under the
Freedom of Information (Scotland) Act 2002

This register entry describes, in very general terms, the personal data being processed by:

Health and Safety Executive

Nature of work - Regulatory body or Ombudsman

Description of Processing

The following is a very broad description of the way this organisation/data controller processes personal information. To understand how your own personal information is processed you may need to refer to any personal communications you have received, check any privacy notices the organisation has provided or contact the organisation directly to ask about your personal circumstances.

Reasons/purposes for processing information

We process personal information to enable us to carry out our regulatory duties which may include the consideration and investigation of complaints and policy issues, formal enforcement actions, providing advice and information, maintain our own accounts and records, support and manage our employees, send promotional communications about the services we provide, undertake research (including research relating to health), administration of licenses, maintenance of a public register, internal support functions, corporate administration and all activities we are required to carry out as a data controller and a public authority, the use of CCTV systems for crime prevention.

Type/Classes of information processed

We process information relevant to the above reasons/purposes which may include:

We also process sensitive classes of information that may include:

Who information is processed about

We process personal information about:

Who the information may be shared with

We sometimes need to share information with other organisations. Where this is necessary we are required to comply with all aspects of the data protection act. What follows is a description of the types of organisations we may need to share some of the personal information we process with for one or more reasons.

Where necessary or required we share information with:

Consultancy and Advisory Services

Information is processed for consultancy and advisory services that are offered. For this reason the information processed may include name, contact details, family details, financial details, and the goods and services provided. This information may be about customers and clients. Where necessary this information is shared with the data subject themselves, business associates and other professional advisers, current, past or prospective employers and service providers.


It may sometimes be necessary to transfer personal information overseas. When this is needed information may be transferred to countries or territories around the world. Any transfers made will be in full compliance with all aspects of the data protection act.


© Copyright