The UK’s independent authority set up to uphold information rights in the public interest, promoting openness by public bodies and data privacy for individuals.

This guidance discusses criminal offence data in detail. Read it if you have detailed questions not answered in the Guide, or if you need a deeper understanding of the rules for processing criminal offence data to help you comply in practice. It is aimed at DPOs and those with specific data protection responsibilities in larger organisations.

If you haven’t yet read the ‘in brief’ page on criminal offence data in the Guide to Data Protection, you should read that first. It introduces the topic and sets out the key points you need to know, along with practical checklists to help you comply.

This guidance is not aimed at ‘competent authorities’ with law enforcement functions who are processing for law enforcement purposes. This falls under the separate law enforcement regime in Part 3 of the DPA 2018. See our Guide to Law Enforcement Processing.

Contents

What is criminal offence data?

What are the rules on criminal offence data?

What are the conditions for processing?