The use and disclosure of personal data is governed in the United Kingdom by the Data Protection Act 1998 (‘the Act’). The Chief Constable of the Police Service of Northern Ireland is registered with the Information Commissioner as a ‘data controller’ for the purposes of the Act. As such he is obliged to ensure that the Police Service of Northern Ireland handles all personal data in accordance with the Act. The Police Service of Northern Ireland takes that responsibility very seriously and takes great care to ensure that personal data is handled appropriately in order to secure and maintain individuals’ trust and confidence in the service.

To view the PSNI's entry details on the Data Protection Register click here. Our registration number is Z4890989.

Please click here to view the PSNI's Fair Processing Notice this helps to satisfy the Fair Processing Requirements as required by Schedule 1 Part 2 Paragraphs 1 to 4 of the Data Protection Act 1998.

The Data Protection Principles

There are 8 Data Protection Principles

1. Personal data shall be processed fairly and lawfully and, in particular, shall not be processed unless - (a) at least one of the conditions in Schedule 2 is met, and (b) in the case of sensitive personal data, at least one of the conditions in Schedule 2 is met, and (b) in the case of sensitive personal data, at least one of the conditions in Schedule 3 is also met.

2. Personal data shall be obtained only for one or more specified and lawful purposes, and shall not be further processed in any manner incompatible with that purpose or those purposes.

3. Personal data shall be adequate, relevant and not excessive in relation to the purpose or purposes for which they are processed.

4. Personal data shall be accurate and, where necessary, kept up to date.

5. Personal data processed for any purpose or purposes shall not be kept for longer than is necessary for that purpose or those purposes.

6. Personal data shall be processed in accordance with the rights of the data subjects under this Act.

7. Appropriate technical and organisational measures shall be taken against unauthorised or unlawful processing of personal data and against accidental loss or destruction of, or damage to, personal data.

8. Personal data shall not be transferred to a country or territory outside the European Economic Area unless that country or territory ensures an adequate level of protection for the rights and freedoms of data subjects in relation to the processing of personal data.

These principles must be complied with by the PSNI when processing personal data, unless an exemption from them applies.

What is ‘personal data’?

This is defined as information relating to a ‘living’ individual who can be identified either from the information itself or indirectly by combining the information with other data available to the data controller. Personal data includes expressions of opinion about the individual and any indication of intentions anyone may have in respect of the individual.

Obtaining information under Data Protection Act to prevent or detect crime.

It is often the case that to prevent or detect crime, or to locate an offender the PSNI must obtain information from an other organisation. Section 29(3) of the Act enables a ‘data controller’ to disclose this type of information, if they wish to do so lawfully. In such cases the PSNI must complete a form and send it to the organisation, which may hold the information.

Section 7 of the Data Protection Act 1998 gives you the right to find out what personal information is held about you. This is known as the Right of Subject Access. If you would like to exercise this right please click here for your information.

If you do not live or have never lived in Northern Ireland, please apply to the police service that covers the relevant region or area where you live.

The Information Commissioner's office also provides guidance on how to request your personal information, please click here.