The ICO exists to empower you through information.

How to use this report

Please see below for suggested actions and further reading based on your answers to the six questions. You can download this report as a Word document using the button on the top right corner of the page. If you have a problem downloading the report into a Word document please let us know.

Is someone in your business responsible for creating the privacy information for your activities and keeping it up to date? - Yes


It’s good you already have someone responsible for keeping your privacy information up to date.

You should support them in their role by, for example, giving them enough notice to update your privacy information before any new processing starts.

If they move on, you need to choose someone to replace them. You should train the new person and let everyone know who they are and how to contact them if anyone needs to make a change to your privacy information.

Does the responsible person know what your privacy information needs to include? - Yes


More and more, people understand the importance of their personal data and want to know what will happen to it.

By giving full details in your privacy information, you’re being open and honest with the people who have given you their personal data, or are deciding whether to give it to you. This helps to build their trust and confidence in your business

The responsible person should review your privacy information regularly, particularly if you’re processing changes.

Sometimes, you’ll need to give more information, for example, if personal data will be transferred outside the UK or if you use automated decision-making.

There’s more information in what information should we give?

Does your responsible person know how to provide privacy information? - Yes


By choosing the most effective way to tell people your privacy information, it increases the chance of your customers receiving and understanding it.

The responsible person should review and, where necessary, change how you provide it.

If you choose to provide the information in more than one way, make sure it’s consistent.

You may find our guidance on methods to use when providing your privacy information and our privacy notice template helpful when reviewing your privacy information.

Is your business’ privacy information easy to understand? - Yes


It’s good you’re keeping your privacy information clear, concise and easy to understand and that it’s appropriate for your target audience.

The responsible person should review it regularly, especially if your audience changes. For instance, if you start to process children's personal data regularly, you must write your privacy information so a child can understand it.

Does the responsible person know when to give privacy information? - Yes


It’s great that your responsible person knows when to provide privacy information.

Providing it at the right time helps show that you care about the personal data you collect and take your data protection obligations seriously.

The responsible person should check the limited exceptions, which explain when you don’t need to give privacy information.

If they need any support, they can contact us.

Are all people in your business aware of your privacy information and where to find it? - Yes


It's great that all people in your business are aware of your privacy information, as well as where to find it. It shows you not only take your customers, contractors and business partners’ privacy seriously, but that you also value the importance of the personal data of everyone in your business.

If you make amendments to your privacy information, or change where you save it, make sure you let people know.