Quickly exit this site by pressing the Escape key
Leave this site
Skip to main content
Skip to main navigation
Skip to form
This site is a beta, which means it's a work in progress and we'll be adding more to it over the next few weeks. Your feedback helps us make things better, so please let us know what you think.
Back to Report
Back to Tell us about
Back to Apply or register
Back to Request
Back to Thanks and complaints
Fields marked with * are mandatory
To understand how your data is collected and handled, read our privacy notice.
New Data Protection Legislation – Data Protection Act 2018 (DPA) and General Data Protection Regulation (GDPR) – was implemented on 25 May 2018. This privacy notice has been updated to make it easier for you to understand what personal data we will process, how and why.
This Privacy Notice is divided into three parts:
The Chief Constable of Kent Police is registered with the Information Commissioner as a ‘Controller’ and is obliged to ensure that Kent Police handles all personal data in accordance with Data Protection Legislation. On occasions the Chief Constable may operate as a Joint Controller with one or more other Controllers.
Kent Police is a ‘Competent Authority’ as defined in Section 30 of the DPA.
In accordance with the requirements of the new legislation a Data Protection Officer has been employed by Kent Police. The Data Protection Officer is an independent role that is responsible for ensuring that the personal information held is processed in accordance with the prescribed obligations of the legislation. The new law, for the first time, gives them duties that they must undertake by law.
The Data Protection Officer is available to provide you with advice and assistance if you have any queries or concerns about how Kent Police process your personal data. The contact details of the Data Protection Officer can be found near the end of this Notice.
Kent Police also have a Public Disclosure Team, as part of the Information Security and Governance Department, who handle rights applications under the new law. The contact details of the Public Disclosure Team (PDT) Information Rights Team are also included in this Privacy Notice.
Kent Police takes its responsibilities and obligations under the Data Protection Legislation very seriously and ensures that personal data is handled appropriately in order to secure and maintain individuals’ trust and confidence in the Police Service.
Kent Police processes personal data for two broad purposes: a) ‘Law Enforcement Purposes’ and b) ‘General Purposes’ which are activities to support the Law Enforcement Purposes.
Law Enforcement Purposes include:
When Kent Police process your personal data for Law Enforcement Purposes it could be because you are involved in an incident that has been reported to the police – perhaps as a witness, victim or suspect. It could be because you are involved in a crime that is being investigated or are associated with intelligence that the police have gathered. Other uses include roads policing, accident investigation, surveillance, and public order.
General Purposes include:
Where Kent Police process your personal data for Law Enforcement Purposes the Force must comply with the Data Protection Act 2018 (DPA), but not the General Data Protection Regulation (GDPR).
When Kent Police process your personal data for General Purposes the Force must comply with the General Data Protection Regulation (GDPR) and various parts of the Data Protection Act 2018 (DPA).
Although the rules for both purposes are similar, they are not identical – for example, you have fewer rights when Kent Police process your personal data for Law Enforcement Purposes than when processed under General Purposes.
Where Kent Police processes data for specific purposes, view our specific privacy notice.
If you require this privacy notice in another language, please contact [email protected].
For both law enforcement and general purposes, Kent Police may process personal data relating to a wide variety of individuals (known as ‘categories of data subjects’) including the following:
For both law enforcement and general purposes, Kent Police may process personal data relating to or consisting of the following (known as ‘categories of personal data’):
For General Processing ‘Special Category Data’ is personal data that is regarded as particularly sensitive and includes information relating to:
For General Processing Kent Police will only process Special Category Data where a condition in Article 9 of the GDPR is met. In addition, for General Processing, Kent Police will only process ‘Criminal Offence Data’ – personal data relating to criminal convictions and offences or related security measures – where a condition in Schedule 1 of the DPA is met.
Similarly, for Law Enforcement Processing Kent Police will only process personal data pertaining to your: racial or ethnic origin; political opinions; religious or philosophical beliefs; trade union membership; genetic or biometric data; health (related); or sex life or sexual orientation, in certain circumstances. This type of processing is called ‘Sensitive Processing’. Kent Police carry out Sensitive Processing where one of the following apply:
For both law enforcement and general purposes, Kent Police may collect personal data from a wide variety of sources, other than directly from you, including the following:
Kent Police collects personal data either from you or from other sources, dependent on circumstances.
The following are examples of how Kent Police may obtain personal data directly from you:
The following are examples of how Kent Police may obtain personal data about you from other sources:
See the Covid-19 privacy notice for more information about how we may seek to collect and hold additional information about you in relation to the challenges we are all facing during the Coronavirus pandemic.
Kent Police must have a valid lawful basis in order to process your personal data.
When Kent Police process your personal data for Law Enforcement Purposes it is done so under Common Law Policing Powers, and either with your consent or because the processing is necessary for the performance of a task carried out for Law Enforcement Purposes.
When Kent Police process your personal data for General Purposes there are five lawful bases available, the lawful basis will depend on the purpose for processing the personal data:
For both law enforcement and general purposes, Kent Police will process personal data in accordance with the DPA and the GDPR – Data Projection Legislation.
Where Kent Police process personal data for Law Enforcement Purposes, it will be done so in accordance with the DPA data protection principles and where processed for personal data for General Purposes it will be done so in accordance with the GDPR data protection principles.
Data Protection Act
General Data Protection Regulation (GDPR)
Principle (a) – lawfulness, fairness and transparency:
Processed lawfully and fairly
Processed lawfully, fairly, in a transparent manner in relation to individuals
Principle (b) – purpose limitation:
Collected for specified, explicit and legitimate purposes and not processed in a manner incompatible with the purpose for which it was originally collected
Collected for specified, explicit and legitimate purposes and not further processed in a manner that is incompatible with those purposes; though further processing for archiving purposes in the public interest, scientific or historical research purposes or statistical purposes will not be considered to be incompatible with the initial purposes
Principle (c) – data minimisation:
Adequate, relevant and not excessive in relation to the purpose for which it is processed
Adequate, relevant and limited to what is necessary in relation to the purpose for which it is processed
Principle (d) – accuracy:
Accurate and, where necessary, kept up to date, and every reasonable step is taken to ensure that personal data is accurate, having regard to the law enforcement purpose for which it is processed, is erased or rectified without delay
Accurate and, where necessary, kept up to date; every reasonable step will be taken to ensure that personal data that is inaccurate will be erased or rectified without delay where necessary
Principle (e) – storage limitation:
Kept for no longer than is necessary for the purpose for which it is processed.; and appropriate time limits are established for the periodic review of the need for the continued storage of personal data for any of the Law Enforcement Purposes
Kept in a form which permits identification of data subjects for no longer than is necessary for the purposes for which the personal data is processed; however, personal data may be stored for longer periods solely for archiving purposes in the public interest, scientific or historical research purposes or statistical purposes subject to implementation of the appropriate technical and organisational measures required by the GDPR in order to safeguard the rights and freedoms of individuals
Principle (f) – integrity and confidentiality:
Processed in a manner that ensures appropriate security of the personal data, using appropriate technical or organisational measures, including protection against unauthorised or unlawful processing and against accidental loss, destruction or damage
Processed in a manner that ensures appropriate security of the personal data, including protection against unauthorised or unlawful processing and against accidental loss, destruction or damage, using appropriate technical or organisational measures
Kent Police will strive to ensure that all personal data processed, under their controllership, is not excessive, is reviewed appropriately, and is securely destroyed when no longer required. Kent Police respect individuals’ rights and will be able to demonstrate compliance with the DPA and GDPR data protection principles
Kent Police takes the security of all personal data very seriously. Ensuring compliance to the relevant parts of the DPA and the GDPR relating to security, as well as seeking to comply with the National Police Chiefs Council (NPCC) Security Systems Policy and relevant parts of the ISO 27001 Information Security Standard.
Kent Police ensure that appropriate policy, training, technical and procedural measures are in place, including audit and inspection. These measures will protect our manual and electronic information systems from data loss and misuse, and only permit access to them when there is a legitimate reason to do so, and then under strict guidelines as to what use may be made of any personal data contained within them. These measures are continuously managed and enhanced to ensure up-to-date security.
For both law enforcement and general purposes, Kent Police may disclose personal data to a wide variety of recipients in any part of the world, including those from whom personal data is obtained.
This may include disclosures to other law enforcement agencies, partner organisations/agencies working on crime reduction initiatives, partners in the Criminal Justice arena, Victim Support, and to bodies or individuals working on our behalf (such as, IT contractors or survey organisations).
Kent Police may also disclose to other bodies or individuals where necessary to prevent harm to individuals. Disclosures of personal data will be made on a case-by-case basis, using the personal data appropriate to a specific purpose and circumstances, and with necessary controls in place.
Where you have provided your personal data to us for the purposes of the police constable recruitment process, your data, including biographical monitoring information, will be shared with the College of Policing.
It will be stored on their secure network or within their Assessment Information Management System (AIMS). From this information, your name, email address and candidate reference number will be uploaded to the new online assessment platform for constable recruitment and shared with the third party provider hosting the system in order to progress your application virtually.
Some of the bodies or individuals to which Kent Police may disclose personal data to are situated outside of the European Union – some of which do not have laws that protect data protection rights as extensively as in the United Kingdom. If personal data is transferred to such territories, the proper steps will be taken to ensure that it is adequately protected, as required by the DPA and GDPR.
Kent Police will also disclose personal data to other bodies or individuals when required to do so by, or under, any act of legislation, by any rule of law, and by court order. This may include disclosures to the Child Maintenance Service, the National Fraud Initiative, and the Home Office and to the Courts.
Kent Police may also disclose personal data on a discretionary basis for the purpose of, and in connection with, any legal proceedings or for obtaining legal advice.
Kent Police keep personal data for as long as is necessary for the particular purpose, or purposes, for which it is held.
Personal data which is placed on the Police National Computer is retained, reviewed and deleted in accordance with the agreed national retention periods which are subject to periodic change.
Other records containing personal data relating to intelligence, digital media, custody, crime, firearms, child abuse investigations, and domestic violence will be retained in accordance with the College of Policing’s Authorised Professional Practice for Information Management. This can be found on the College of Policing’s website www.app.college.police.uk. These records are retained in accordance with the Kent Police’s procedure W1012 Records Review, Retention & Disposal.
Kent Police may monitor or record and retain telephone calls, texts (SMS), emails and other electronic communications to and from the Force in order to deter, prevent and detect inappropriate or criminal activity, to ensure security, and to assist law enforcement or general purposes.
Kent Police does not place a pre-recorded ‘fair processing notice’ on telephone lines that may receive emergency calls (including misdirected ones) because of the associated risk of harm that may be caused through the delay in response to the call.
 Defined by the statutory Code of Practice on the Management of Police Information 2005 as ‘protecting life and property, preserving order, preventing the commission of offences, bringing offenders to justice, and any duty or responsibility of the police arising from common or statute law.’
 Kent Police is required to conduct Customer Satisfaction Surveys to evaluate our performance and effectiveness. Kent Police may contact individuals, such as victims of crime or those reporting incidents, and ask them to give us their opinion of the services Kent Police are providing to the public. Kent Police use the information given to improve our service and wherever possible, Kent Police, like many police forces uses a private company to undertake such surveys on our behalf with strict controls to protect the personal data of those involved.
 GDPR Article 9(1)
 GDPR Articles 10 & 11
 DPA Part 3 Section 35(8)
 DPA Part 3 Section 35
 GDPR Article 6(1)
 DPA Part 3 Sections 34 to 40
 GDPR Article 6
Is there a problem with this page?