Under the Act every organisation which uses or processes information relating to a living individual must formally register with the Information Commissioner’s Office at regular intervals. This is called "notification". The notification to the Commissioner must include details of the type of information held, the source of the information, the purposes for which the information is being held and to whom or what the information is disclosed or released.

Dundee City Council is data controller as it determines how your personal information will be processed. Dundee City Council’s registration number is Z7211936

The notification is currently kept up to date by the Information Governance Manager.

Personal data is information which relates to a living person who can be identified from the information itself, or by linking it with other information. For example, it could be your name and address, a school pupil's record or your own health information.

The Information Governance Manager provides advice on data protection, arranges for the provision of training to Elected Members and staff and arranges for Subject Access Requests to be replied to.

Department Heads are responsible for all aspects of compliance with the Act within their departments, ensuring that adequate procedures are in place for records management, back up and storage, management and destruction, where appropriate, of personal data. Each department appoints a data protection representative to co-ordinate compliance with the Act, including security, subject access requests and employee awareness.

An individual can make a Subject Access Request (SAR) to request their information held by the Council.

Download a Subject Access Request (SAR) application form

Individuals also have rights under the Freedom of Information Act (Scotland) 2002 and the Freedom of Information Act (UK) 2000 – more information on our FOISA page.