Quickly exit this site by pressing the Escape key Leave this site
We use some essential cookies to make our website work. We’d like to set additional cookies so we can remember your preferences and understand how you use our site.
You can manage your preferences and cookie settings at any time by clicking on “Customise Cookies” below. For more information on how we use cookies, please see our Cookies notice.
Your cookie preferences have been saved. You can update your cookie settings at any time on the cookies page.
Your cookie preferences have been saved. You can update your cookie settings at any time on the cookies page.
Sorry, there was a technical problem. Please try again.
This site is a beta, which means it's a work in progress and we'll be adding more to it over the next few weeks. Your feedback helps us make things better, so please let us know what you think.
Our Privacy Notice aims to tell you how Thames Valley Police use and disclose personal data. It also explains the rights available to you in respect of our processing.
The use and disclosure of your personal information is governed in the United Kingdom by the General Data Protection Regulation, and the UK Data Protection Act.
The Chief Constable is defined as the ‘Data Controller’ for the purposes of the legislation and is required to ensure Thames Valley Police handles all personal information in accordance with that legislation.
Thames Valley Police takes its responsibilities very seriously and great care is taken to ensure your personal data is processed appropriately to maintain trust and confidence.
Our 'Appropriate Processing Documents' (GDPR Processing and Law Enforcement Processing) also provide information about how Thames Valley Police safeguards and protects the sensitive personal information it uses. This 'sensitive' information includes personal data about an individual's: race, ethnic origin, politics, religion, trade union membership, genetics, biometrics (where used for ID purposes), health, sex life, sexual orientation, and criminality.
A privacy notice specifically for personal data processed via the Digital Evidence Management System (DEMS) Community Portal is available using this link: Digital Evidence Management System (DEMS) Privacy Notice.
Thames Valley Police obtain, hold, use and disclose personal information for two broad reasons.
We have a statutory duty to uphold the law, prevent crime, bring offenders to justice and protect the public. This means we process your personal information for carrying out tasks that are collectively described as the ‘policing purpose’ which includes:
the prevention and detection of crime; apprehension and prosecution of offenders; protecting life and property; preserving order; maintenance of law and order; assisting the public in accordance with force policies and procedures; national security; defending civil proceedings and any duty or responsibility of the police arising from common or statute law.
It is appropriate to highlight we have a requirement to carry out user satisfaction surveys to evaluate our performance and effectiveness. We may contact you if you have been a victim of crime or reported an incident to us to ask for your opinion about the service you have received. Sometimes, like many police forces, we may use a private company to undertake these surveys. The information we obtain from the surveys are used to help us improve
In some geographical areas of the Thames Valley the police run the public space CCTV schemes for crime prevention and detection purposes. In other areas of the Thames Valley, they are run by local authorities in partnership with the police. Notices on the CCTV cameras will tell you who runs the CCTV scheme in that area.
To do this it is necessary for us to process your personal information under the lawful basis of ‘public task’.
It should also be noted that Thames Valley Police is involved in a number of collaborations with other Forces and the policing purpose may include processing personal information obtained from them or on their behalf.
We also process personal data to ensure the smooth running of the organisation, which includes:
staff administration; recruitment; occupational health and welfare, advertising and media; accounting, audit and inspection; training; property management; insurance management; vehicle and transport management; payroll, pensions and benefits management; management of complaints; vetting; legal services and defending ourselves in civil proceedings; licensing and registration; research, including customer surveys; performance management; sports and recreation; management of safety and health; procurement; collaboration with other organisations.
In these circumstances the processing is likely to be based on one or more of the following grounds:
Thames Valley Police will only use the minimum amount of personal information necessary to carry out a particular activity.
There may be occasions whereby we will process personal data without the data subject's knowledge. This inevitably relates to intelligence and other covert policing activities. Thames Valley Police acknowledge that our legal obligations sometimes require us to process personal data in this way but do so knowing that our governance arrangements and accountability responsibilities under the legislation ensures this is always undertaken in a lawful and appropriate way. If you have concerns you should contact the Information Commissioner whose details are below.
The type of personal information we hold will vary depending upon the reason you have had contact with us but it may include the following:
Victims - Name and contact details; date of birth; victim statement; employment details; racial or ethnic origin; physical or mental health.
Witnesses – Name and contact details; date of birth; racial or ethnic origin; witness statement.
People convicted of an offence - Name and contact details; date of birth; photograph; employment details; financial details; racial or ethnic origin; family, lifestyle and social circumstances; physical or mental health; offences and alleged offences; criminal proceedings; outcomes and sentences; cautions; physical identifiers including DNA, fingerprints and other genetic samples; sound and visual images; criminal intelligence.
People suspected of committing an offence – Name and contact details; date of birth; photograph; employment details; financial details; racial or ethnic origin; family, lifestyle and social circumstances; physical or mental health; offences and alleged offences; criminal proceedings, outcomes and sentences; cautions; physical identifiers including DNA, fingerprints and other genetic samples; sound and visual images; criminal intelligence.
Complainants, correspondents and enquirers - Name and contact details; racial or ethnic origin; correspondence with personal opinions.
Employee - Name and contact details; date of birth; photograph; family; education and training details; employment details; financial details; racial or ethnic origin; religion or other beliefs; trade union membership; physical or mental health; pension data.
Your personal information may be held on a computer system, in a manual record such as in a physical file but it can also include other types of electronically held information such as CCTV or body worn video.
Other than directly from you, we collect personal data from a wide range of sources in the exercise of our functions. For example, we collect data for our policing purpose, from other law enforcement agencies, partner agencies and via direct reporting from the public. Sometimes we obtain, share and combine datasets with other public authority partners so that we can gather better insights about how we can improve the effectiveness and efficiency of how we deliver our public functions. We sometimes collect data that is openly available on the internet, where there is a specific need to do so.
Thames Valley Police is part of the Thames Valley Together programme; a collaboration of public authority organisations in the Thames Valley sharing data as part of their obligations under the Serious Violence Duty and associated efforts to reduce serious violence and knife crime. As part of Thames Valley Together, the organisations share data together to carry out analysis to inform an enhanced public health approach to reducing serious violence and an enhanced provision of support services for those in greatest need of them. Thames Valley Police carries out the data analysis on behalf of all participating organisations sharing its findings back to them. Find out more about the Thames Valley Together platform.
We also process personal data that is collected in the course of our administrative functions. For example, staff administration, recruitment, procurement, property management, advertising and media.
To enable Thames Valley Police to meet our statutory duty, we may be required to share your personal information. This sharing will depend on your contact with us but may include the following:
Disclosures of personal information are made on a case-by-case basis, using the personal information appropriate to a specific purpose and circumstances, and with necessary controls in place.
Some of the bodies or individuals to which we may disclose personal information are situated outside of the European Union - some of which do not have laws that protect data protection rights as extensively as in the United Kingdom. If we do transfer personal data to such territories, we ensure that there are appropriate safeguards in place to certify that it is adequately protected as required by the legislation.
Thames Valley Police may also disclose personal information on a discretionary basis for the purpose of, and in connection with, any legal proceedings or for obtaining legal advice.
Thames Valley Police takes the security of all personal information under our control very seriously. We will comply with the relevant parts of the legislation relating to security, and seek to comply with the College of Policing Information Assurance authorised practice, and relevant parts of the ISO27001 Information Security Standard.
We will ensure that appropriate policy, training, technical and procedural measures are in place. These will include, but are not limited to, ensuring our buildings are secure and protected by adequate physical means. The areas restricted to our police officers and staff are only accessible by those holding the appropriate identification, and having legitimate reasons for entry. We carry out audits of our buildings security to ensure they are secure. Our standard operating procedures and policies make clear what use may be made of any personal information contained within them. Our systems meet appropriate industry and government security standards.
The Data Protection legislation allows you to request access to your personal information free of charge and requires us to provide you with access to it (normally within one month of receipt of your request unless an exemption from doing so can be lawfully applied). Should you wish to request access to the personal information we may be holding about you please use this link: Requesting my information.
This places an obligation upon Thames Valley Police to tell you how we obtain your personal information and describe how we will use, retain, store and who we may share it with.
We have written this Privacy Notice to explain how we will use your personal information and tell you what your rights are under the legislation.
If the personal information Thames Valley Police is holding about you is inaccurate or incomplete you have the right to request us to correct it.
If you need to tell us your information is not correct, you should raise your concern by contacting us on the details provided below. We will respond to you within one month unless the request for amendment is complex.
Under certain circumstances, you have the right to have your personal information deleted to prevent its continued processing where there is no justification for us to retain it.
Circumstances that are likely to require us to delete your information include:
The right of erasure does not apply if your personal information is being processed by us:
If you wish to request that your information is deleted you should raise a request via the following link Right to erasure or use the Contact Us details provided below. We will respond to you within one month unless the request is complex.
Thames Valley Police may complete a media appeal in order to help us to locate a missing person and establish their safety. Media appeals will be removed by Thames Valley Police when the individual is located, but it is recognised that other media outlets may continue to have the appeal on their own websites for some time afterwards.
Google has introduced 'Right to be forgotten' which allows an individual to request delist of such websites and articles.
Under certain circumstances you have the right to ask us to restrict the processing of your personal information. This may be in cases where:
If you wish to restrict the processing of your information you should raise your concerns via the Contact Us details provided below.
The right to data portability allows you to obtain and reuse your personal information for your own purposes from one environment to another.
This right only applies to personal information provided by an individual, where the processing is based on their consent or for the performance of a contract and when that processing is carried out by automated means.
If you wish to discuss this right, you should do so via the Contact Us details provided below.
You have the right to object to:
Any objection must be on grounds relating to your particular situation. Should you wish to object you can raise your concerns via the Contact Us details provided below.
Under the Data Protection legislation you have the right not to be subject to a decision when it is based on solely automated processing, including profiling and which produces a legal effect or similar significant effect on you.
This right does not apply if the decision is authorised by law, is necessary for entering into or performance of a contract or is based on your consent.
Thames Valley Police is unlikely to carry out automated decision making because our processes involve some type of human interaction and decision making.
In the legislation, profiling has been described as any form of automated processing of personal data intended to evaluate certain personal aspects about you to predict things about you such as your behaviour, interests, movements or performance at work. We do not currently carry out automated profiling.
If you have any concerns about automated decision making or automated profiling you should contact us via the Contact Us details provided below.
Thames Valley Police keeps your personal information as long as is necessary for the particular purpose or purposes for which it is held.
Personal data relating to criminal investigations; intelligence; public protection and custody are retained in accordance with the College of Policing guidance on the Management of Police Information.
Other records are retained in line with the National Retention and Disposal Schedule.
Personal information which is placed on the Police National Computer is retained, reviewed and deleted in accordance with the Retention Guidelines for Nominal Records on the Police National Computer.
Cookies are used on this website to improve user experience and for essential functionality; they are not used for identification purposes.
Learn more about how we manage cookies.
If you have any concerns about how Thames Valley Police has handled your personal information you should contact our Data Protection Officer by email or write to:
Data Protection Officer
Thames Valley Police
Public Access Office
Oxford Road
Kidlington
OX5 2NX
If you want to raise a concern with the Supervisory Authority
The Information Commissioner is the independent Authority responsible within the UK for ensuring we comply with data protection legislation. If you have a concern about how we have used your personal information or you believe you have been adversely affected by our handling of your data you may wish to contact them using the information below:
The Information Commissioner’s Office,
Wycliffe House,
Wilmslow,
Cheshire,
SK9 5AF
Telephone: 0303 123 1113
Email: [email protected]
Further information about the ICO.
We keep our privacy notice under regular review. This privacy notice was last updated on 24 January 2024.