Data Protection Act

The Data Protection Act (DPA) primarily deals with personal information we hold about you. It places a responsibility on us to manage the way we obtain, process, hold, use, disclose and dispose of personal data, and are outlined in the 8 principles of the Act. 

Make a request to access your own personal information

This is called a Subject Access Request (SAR). We can charge a fee not exceeding £10 for processing this request, which may be waived under certain circumstances. You must provide the appropriate proof of identity to ensure the security of your personal information.

Once we are satisfied that the information supplied by you is sufficient and we have verification of your identity, we will conduct a search of our systems for your personal information. We are required to provide you the information subject to any exemptions within 40 calendar days of verification. Response will be provided by email unless requested otherwise.

Useful links:

Contact: The Project & Information Coordinator. Tel: 01827 709709. Email:

Protecting public funds - National Fraud Initiative

By law, we have to to protect public funds we administer. To do this, we may share information with other bodies responsible for auditing or administering public funds, to prevent and detect fraud.

The Public Sector Audit Appointments Limited appoints the auditor who inspects our accounts. The Cabinet Office is responsible for carrying out data matching exercises, which compares computer records held by one body against other computer records held by the same or another body to see how far they match. This is usually personal information. Computerised data matching allows potentially fraudulent claims and payments to be identified. Where a match is found it may indicate that there is an inconsistency that requires further investigation.

No assumption can be made as to whether there is fraud, error or other explanation until an investigation is carried out. We are required to provide particular sets of data to the Cabinet Office for matching for each exercise, and these are set out in their guidance.

It does not require the consent of the individuals concerned under the Data Protection Act 1998. Data matching by the Cabinet Office is subject to a Code of Practice. For further information on the Cabinet Office’s legal powers and the reasons why it matches particular information, see