Data Protection Officer & Data Subject Requests

Currently waiting for a response from Greater Manchester Police, they should respond promptly and normally no later than (details).

Dear Greater Manchester Police,

Please can you provide the answers and statistics for the following questions in relation to Data Subject Access Requests made to the organisation for each calendar year between the 1st January 2018 to 25th August 2020 inclusive

1. How many Data Subject Access Request have been made to the force broken down by;
a. Requests made by the Data Subject themselves
b. Request made by a third-party on behalf of the Data Subject

2. How many requests were rejected and the broad reasons for those rejections

3. How many requests were responded to in full or in part, and for each of these;
o Whether the response was within one, two, three or longer calendar months after the valid request was received;
and where responded to outside of one calendar month;
• Whether the requestor was notified within the first calendar month of the delay to the response
• The broad categories for the delay in responding within the first calendar month

4. How many requests excluded the provision of personal data held which was later used or otherwise disclosed to the Data Subject (or a representative) for another reason, for example in evidence.

In addition to the above, please could you provide details of;
• The Name, Job Title, and Rank and Badge Number (if applicable) of the individual holding the role of Data Protection Officer for the organisation;
• If that individual has any other duties, what (in general) those duties are.
• What “professional qualities and, in particular, expert knowledge of data protection law and practices” (if any) are held by that individual in accordance with Article 35(5) of the GDPR
• If DPO the role holder is a Shared Resource, which other organisations are served by that DPO.
• How many people you have working within your Data Protection Compliance team.

Yours faithfully,

Mike Kilby