compliance with GDPR

Mae'r ymateb i'r cais hwn yn hwyr iawn. Yn ôl y gyfraith, ym mhob amgylchiad, dylai Home Office fod wedi ymateb erbyn hyn. (manylion). Gallwch gwyno drwy yn gofyn am adolygiad mewnol.

Dear Home Office,

The Research, Information and Communications Unit (RICU) works with a number of private companies who contracted to undertake work that might involve personal data such as social scientific analysis and research on audiences, as well as comms, messaging and media production. Could I please see:

1) what procedures are in place, if any, to ensure all contractors are registered with the Information Commissioners' Office and compliant with data privacy law specifically GDPR - in particular I would like to see any relevant documents, statements and guidelines or specific text provided to companies seeking to contract with RICU in each of the above categories where they might handle personal data.

2) are such contractors required to declare to the Home Office that they are registered with the ICO and is this being checked? If so, how, at what point is this checked, by whom and what language is used, what processes are followed?

Thank you for your help

Yours faithfully,

Dr Emma L Briant

FOI Requests, Home Office

Thank you for contacting the Home Office  Freedom of Information Requests

This is to acknowledge  receipt of your email.

dangos adrannau a ddyfynnir

FOI Requests, Home Office

Dear Dr Emma L Briant,



Thank you for contacting the Home Office with your requests. Please note
we have amalgamated your requests as they relate to the same subject


This has been assigned to a caseworker (case ref 62619). We will aim to
send you a full response by 15/03/2021 which is twenty working days from
the date we received your request.




N McKenzie

Home Office



dangos adrannau a ddyfynnir