This privacy notice explains why the Office of the Public Guardian (OPG) collects personal data when you use the Complete the deputy report service.
This notice also explains how we store this data, what we do with it, how you can get a copy of the data we have about you, and how you can complain if you think we’ve done something wrong.
You should read this privacy notice alongside OPG’s:
Who manages the Complete the deputy report service
This service is managed by OPG, which is an executive agency sponsored by the Ministry of Justice (MoJ).
MoJ is the data controller for the personal data we store. OPG’s personal information charter explains how we process personal data.
You can find more information about using the Complete the deputy report service in the terms of use and our cookies policy.
Why we collect personal data and how we use it
We collect personal data so that you can complete your deputy report online and submit it to OPG. You can find out more about what data we collect and how we use it in the deputy supervision privacy notice.
If you contact us to let us know you’re experiencing a technical problem with your deputy report service account, we may use the personal data you’ve entered to help us identify the cause of the problem.
What personal data we collect
We only collect the personal data that is relevant for the services we are providing to you.
The personal data we collect includes:
- your name, address, phone number and email address
- the client’s name, address and phone number
- your email address and password (if you create an account)
- information on the client’s health and any changes in their mental capacity
- details of any significant decisions you’ve made on the client’s behalf
- the name and address of people who have helped you make significant decisions for the client
- information on the client’s care and living arrangements
- information on the client’s bank accounts, including the bank name, last 4 digits of the account number, sort code, and opening and closing balances
- information on money paid into or out of the client’s accounts
- information on the client’s assets and debts
- information on the client’s leisure or social activities
In some cases we may also ask you to provide additional information, and copies of the client’s bank statements or other documents.
Legal basis for processing this data
We ask for and process this data so that we can carry out our lawful duties as set out in the Mental Capacity Act (MCA) 2005.
The MCA says that OPG must receive and review reports from deputies. We may also examine and take copies of any health records, records held by a local authority, and any records held by a person registered under Part 2 of the Care Standards Act 2000.
Your use of this online service is optional. For example, you can also provide the information using a paper report form.
Site usage data
OPG and the Government Digital Service collect site usage information from this service. This allows us to see how the service is being used so we can improve it. This information does not contain any personal data and is stored separately from the information you enter when using this service.
Find out more about cookies and site usage data.
How we store data
All data collected by this service is stored within the European Economic Area (EEA). However, due to the global nature of the internet, the data sent to and from the database may transit through countries outside of the EEA. Data is not stored in a non-EEA country.
It may sometimes be necessary to transfer personal information overseas. Any transfers made will fully comply with all aspects of data protection law. For example, data is encrypted during transfer.
Who has access to data in the service
Our hosting provider (Amazon Web Services) and MoJ staff are responsible for supporting the service and have access to the secure database.
Information you enter into the service is not sent to OPG, but is stored in a secure database. OPG will only see the information when you submit your report.
If you contact us to let us know you’re experiencing a technical problem with your account, we may give authorised members of OPG staff temporary access to your data so they can investigate the problem. Once the investigation is complete, these members of staff will no longer be able to access your data.
All staff who have access to the database have MoJ security clearance.
How long we keep data
We will keep your personal data inline with OPG’s retention policy.
Change or delete information you’ve provided
Before you submit your report to OPG, you can change or delete the information you’ve provided. Once you’ve submitted your report to OPG, you cannot make any further changes to it online.
If you want to change or delete information after you’ve submitted your report, please contact OPG.
Delete your account
If you would like to delete your account, and all information in it, please contact OPG.
If you delete your account, OPG will still hold the information in any reports you have previously submitted. You can find out more about how we store and use this data in OPG’s personal information charter.
Sharing personal data
We will only share the information you give when the law says we can. For example, we may share information with the police to help them prevent or investigate crime.
We will never:
- share your information with other organisations for marketing, market research or commercial purposes
- sell or rent your data to third parties
We may share your contact details with GOV.UK Notify. Notify is a secure government service that allows us to message you about your deputyship via text, email or post, quickly and cost effectively.
Neither Notify nor its SMS, email and post providers will use your personal information for direct marketing. Find out more about security and data protection on Notify.
Access your personal information
You can find out what personal data we we hold about you in the service by making a subject access request.
Find out more about subject access requests.
Getting more information
You can get more details on:
- agreements we have with other organisations for sharing information
- when we can pass on personal information without telling you, for example, to help with the prevention or detection of crime or to produce anonymised statistics
- instructions we give to staff on how to collect, use or delete your personal data
- how we check that the information we hold is accurate and up-to-date
- how to make a complaint
- anything in this privacy notice
- what to do if you think that your personal data has been misused or mishandled
For more information, please contact:
MoJ Data Protection Officer
Post point 10.38
102 Petty France
London
SW1H 9AJ
Changes to this policy
We may change this privacy policy from time to time. When we do, we’ll update the ‘last updated’ date at the bottom of this page.
If these changes affect how your personal data is processed, OPG will take reasonable steps to let you know.
Any changes to this privacy policy will apply to you and your data immediately.
Making a complaint
When we ask for personal data, we will keep to the law. If you think that your information has not been handled correctly, in addition to contacting the MoJ Data Protection Officer, you can contact the Information Commissioner for independent advice about data protection at the address below:
Information Commissioner’s Office
Wycliffe House
Water Lane
Wilmslow
Cheshire
SK9 5AF
Phone: 0303 123 1113
Textphone: 01625 545860
Monday to Friday, 9am to 4:30pm
www.ico.org.uk