Dear Home Office,
The Research, Information and Communications Unit (RICU) works with a number of private companies who contracted to undertake work that might involve personal data such as social scientific analysis and research on audiences, as well as comms, messaging and media production. Could I please see:
1) what procedures are in place, if any, to ensure all contractors are registered with the Information Commissioners' Office and compliant with data privacy law specifically GDPR - in particular I would like to see any relevant documents, statements and guidelines or specific text provided to companies seeking to contract with RICU in each of the above categories where they might handle personal data.
2) are such contractors required to declare to the Home Office that they are registered with the ICO and is this being checked? If so, how, at what point is this checked, by whom and what language is used, what processes are followed?
Thank you for your help
Dr Emma L Briant
Thank you for contacting the Home Office Freedom of Information Requests
This is to acknowledge receipt of your email.
Dear Dr Emma L Briant,
Thank you for contacting the Home Office with your requests. Please note
we have amalgamated your requests as they relate to the same subject
This has been assigned to a caseworker (case ref 62619). We will aim to
send you a full response by 15/03/2021 which is twenty working days from
the date we received your request.
We work to defend the right to FOI for everyone
Help us protect your right to hold public authorities to account. Donate and support our work.Donate Now