Frequently asked questions
Processing data in the Sandbox
-
Will the ICO provide us with a hosted environment to conduct our work in?
-
Does the processing carried out by our product or service have to be processed solely within the UK?
-
How does the ICO’s data protection impact assessment process link in with the Sandbox?
Costs and Resources
-
Will the ICO be providing financial support as part of the Sandbox?
-
Will we be expected to cover any costs incurred by the ICO during the Sandbox?
-
Does our Data Protection Officer have to be involved in the application to the Sandbox?
-
What if we are not ready to participate in the Sandbox when we are accepted?
Who can enter the Sandbox?
-
Can I enter the Sandbox with a product/service that is already processing personal data?
-
Does my organisation have to be a data controller in order to apply to the Sandbox?
-
My organisation has already participated in the Sandbox in a previous year, can we apply again?
-
Do we need sign-off by my organisation’s director to participate in the Sandbox?
Assessing applications to the Sandbox
During the Sandbox
-
What happens if we encounter a breach of personal data whilst our product is in the Sandbox?
-
How much does the ICO intend to publicise about our participation in the Sandbox?
-
In what circumstances could our participation in the Sandbox be terminated?
After the Sandbox