Data Protection Act 1998 – How we collect and use Information
The data controller obtains personal data about individuals to fulfil the statutory functions of The Insolvency Service and it’s official receivers in relation to bankruptcy, Debt Relief Orders (DROs), company insolvencies and other regulatory functions. The data controller may check information provided by individuals, or personal data provided by third parties, with other personal data held by the data controller. The data controller may also obtain personal data about individuals from various other regulatory or statutory bodies, public authorities, police, prosecution authorities and the courts, or provide personal data to them, to check the accuracy of information or to prevent or detect crime. They will not disclose personal data about individuals to anyone outside The Insolvency Service unless the law permits them to do so.
The official receiver is the data controller for the purposes of the Data Protection Act 1998 and is registered under the Act for the processing of personal data for insolvency cases allocated to him/her by the courts. The Department of Business, Innovation and Skills (BIS) is the Data Controller under the Act for personal data held and processed by other parts of The Insolvency Service.
Individuals are entitled to know what personal data is held about them by a data controller. However, a data controller is not required to provide information which would be likely to prejudice the proper discharge by the official receiver or The Insolvency Service of functions designed to protect members of the public against financial loss due to the conduct of discharged and undischarged bankrupts, company directors and others. Various further exemptions in the Data Protection Act may prevent The Insolvency Service from providing copies of personal data that is held about individuals. More information about your rights and the exemptions may be found on the Information Commissioner’s website at www.ico.gov.uk
Most of the personal data about you that is held by the data controller will already be known to you and will have come from information you have provided. You will already know this personal data but you can check its accuracy if you wish to do so.
Please note that computerised personal data held about you on the Individual Insolvency Register (eIIR) can be viewed by members of the public on our website and may also be accessed by search engines on the internet. Our leaflet entitled "Individual Insolvency Register" gives details of the type of information held on the public register and is available from our website link: Insolvency Service Publications.
If you want to know what personal data is held about you, the purposes for which it is being processed, and the recipients or classes of recipients to whom it may be disclosed you should write to - FOI/DPA Team, Technical Section, The Insolvency Service, 1 City Walk, Leeds LS11 9DA. Or by email to FOI@insolvency.gsi.gov.uk
You will be sent a standard data request form (subject access request) to complete and return with appropriate forms of identification. On receipt of a completed subject access request form, you will receive a full response within 40 days. Alternatively you may download the appropriate form here (DOC, 35 Kb) .
When you receive the personal data, if you discover that it is inaccurate you may write to the FOI/DPA Compliance Manager at the address above with details if you believe that the processing of the personal data is likely to cause substantial damage or distress that is or would be unwarranted.
You can get further information about the Data Protection Act 1998 from the Information Commissioner's Office at Wycliffe House, Water Lane, Wilmslow, Cheshire SK9 5AF (Tel: 08456 306060) or from their website: http://www.ico.org.uk/
Reports by the Information Commissioner following the Insolvency Service's voluntary audit of personal data processing in September 2011
Data Protection Audit Report - Executive Summary
Follow-up Data Protection Audit Report - Executive Summary
