We use some essential cookies to make our website work. We’d like to set additional cookies so we can remember your preferences and understand how you use our site.
You can manage your preferences and cookie settings at any time by clicking on “Customise Cookies” below. For more information on how we use cookies, please see our Cookies notice.
Your cookie preferences have been saved. You can update your cookie settings at any time on the cookies page.
Your cookie preferences have been saved. You can update your cookie settings at any time on the cookies page.
Sorry, there was a technical problem. Please try again.
This Privacy Notice explains how the NABIS processes personal data relating to members of the public. It also outlines the steps we take to ensure that personal data is protected and describes the rights individuals have in relation to the data we process.
Personal data is any data that can be used to identify a living individual, on its own or in combination with other available information. References to names, identification numbers and location data would all be personal data. Processing means anything we do with the data and includes collecting, storing, and sharing.
The Commissioner of West Midlands Police Service (WMPS) is the controller for any personal data processed by NABIS.
West Midlands Police Information Security and Assurance department manages NABIS’s data protection compliance and can be contacted at:
Information Security and Assurance
West Midlands Police
PO Box 52
Birmingham
B4 6NQ
NABIS process personal data that is collated in the course of our administrative functions, for example staff administration, procurement, property management, advertising and media.
The personal data we collect and use will include personal data and special category personal data.
Types of personal data we process may include information such as;
NABIS will only use the minimum amount of personal information necessary to carry out a particular activity.
In order to carry out our functions, we process information relating to a wide variety of individuals including:
We also process data relating to existing and former members of staff.
Information is likely to be held in various forms, including electronically in emails and in the NABIS's electronic filing system and databases as well as in paper-based records. It may also be held in other electronic forms such as CCTV.
We will only use personal information when the law allows us to and where it is necessary and proportionate to do so.
We may also process data for non-law enforcement purposes such as when we recruit and vet potential employees, for staff administration, managing media relations and when we provide educational programmes and support. Where we process data for non-law enforcement purposes, the processing is likely to be based on the following grounds:
Occasionally, where there are no other appropriate grounds, NABIS may ask for your explicit consent in order to lawfully process your data. This will only happen in specific and limited circumstances and won’t usually be relevant to law enforcement data. When we do require consent, we will explain clearly what we are asking for and how we will use it. Consent must be freely given, specific and informed and there must be a genuine choice about offering your data. Where we are processing data based on your consent, you have the right to withdraw that consent at any time.
If we have asked you to provide your consent in order to process your personal data, you also have the right to withdraw your consent as any time. When we ask for your consent, we will tell you how we will process your data, how long we will keep it for and the steps we will take to delete it. We will also outline the steps we will take if you decide to withdraw consent.
NABIS retains data in line with the West Midland Police Force retention policy and in accordance with the Management of police information, taking into account the type, content and sensitivity of the data, related records, the purposes for which we process your personal data, and any legal or business requirements. Personal data will be retained for as long as necessary for the particular purpose or purposes for which it is held.
The sharing of data is a primary business function. For example, it may be necessary to share data with other law enforcement agencies, both nationally and internationally, and with partner agencies working on crime reduction and prevention initiatives. We may also share data with a range of other bodies such as the press and media, service providers, current, past and prospective employers, voluntary sector organisations, financial institutions and regulatory bodies.
NABIS takes steps to ensure that any disclosures of personal data, however obtained, comply with the provisions of the Data Protection Act 2018 and General Data Protection Regulations. This includes ensuring that any disclosures are necessary and proportionate. Disclosures will be made on a case-by-case basis, using the personal data appropriate to a specific purpose, and with necessary safeguards in place.
Where you have provided your personal data to us for recruitment process, your data, including biographical monitoring information, will be shared with West Midlands Police.
We will also disclose personal information to other bodies or individuals when required to do so by, or under, any act of legislation, by any rule of law, and by court order.
Your personal data will be processed securely. We have put in place appropriate security measures to prevent your personal information from being accidentally lost, used or accessed in an unauthorised way, altered or disclosed. In addition, we limit access to your personal information to those employees, contractors and other third parties who have a business need to know. They will only process your personal information on our instructions. the security, confidentiality and integrity of your data.
No, you will not be subject to decisions that will have a significant impact on you based solely on automated decision-making, unless we have a lawful basis for doing so and we have notified you.
Under the Data Protection Act 2018 you have a number of rights that you can exercise in relation to the data we process about you. Under certain circumstances, by law you have the right to:
You will not have to pay a fee to access your personal information (or to exercise any of the other rights). However, we are allowed under the law to charge a reasonable fee if your request for access is clearly unfounded or excessive. Alternatively, we can refuse to comply with the request in such circumstances.
We sometimes need to request specific information from you to help us confirm your identity and ensure your right to access the information (or to exercise any of your other rights). This is another appropriate security measure to ensure that personal information is not disclosed to any person who has no right to receive it.
Further information about these rights can be found within the Data Protection Act 2018 and on the Information Commissioner’s Office website: ico.org.uk.
To exercise any of these rights please contact the Information Security and Assurance at: [email protected].
Or via:
Information Security and Assurance
West Midlands Police
PO Box 52
Birmingham
B4 6NQ12. Complaints and further queries
NABIS tries to meet the highest standards when processing personal data. We take complaints very seriously. If you have any concerns about the way that we have handled your personal data please bring it to our attention via the following means:
You are also able to submit complaints to the Information Commissioner’s Office, advice on how to contact them based on the nature of your concern is available at ico.org.uk/concerns.