• Skip Navigation

• About us
• Press
• Newsletter
• Jobs
• Cymraeg 
• Contact us
• Responsible gambling 

• Home Page
• Terms and conditions
• Personal information charter

Personal information charter

This charter sets out the standards you can expect when the Gambling Commission asks for, or holds your personal information.

Types of information we hold

We hold both personal and non-personal information on a variety of databases and systems.  This information is used to perform our statutory duties, carry out our regulatory activities and keep information up to date. We also hold information that allows us to perform support services such as finance and human resources.  

How our information is managed

We are accredited to the ISO:27001 standard in information security.  We have robust measures in place to protect the information we hold, and to ensure the confidentiality, integrity and availability of our systems and the information they hold.

Personal data

The Data Protection Act (1998) regulates the use of information relating to individuals. This  was extended by the Freedom of Information Act (2005) to include information stored on non-computerised systems.  The Data Protection Act is enforced by the Information Commissioner's Office (ICO), and like all organisations that process personal data we must comply with this.

A full copy of the Data Protection Act is available on the ICO's website, however best practice to comply with data protection regulations can be set out in eight principles to ensure information is:

• 1. fair and lawful processing,
• 2. processed for limited purposes,
• 3. adequate, relevant and not excessive,
• 4. kept accurate and up to date,
• 5. not kept longer than necessary,
• 6. processed in accordance with the individual's rights,
• 7. secure, and
• 8. not transferred to countries outside European Economic area unless the country has adequate protection for the individual.

We are committed to complying with the Data Protection Act, particularly with the rights of Data Subjects. We have published our  Data protection policy statement - May 2011.

To make a subject access request or to exercise any other rights under the Data Protection Act, email us or write to:

The Information Manager
Gambling Commission
Victoria Square House
Victoria Square
Birmingham
B2 4BP
Fax: 0121 230 6720

If you are unable to place your request in writing please call us on 0121 230 6666.

Page last reviewed: April 2013