For the purposes of Data Protection Legislation, IPSA acts as Data Controller.
The information that we use (‘’process’’) includes both “personal data” and “special category personal data”.
Personal data is any information from which someone can be identified, whilst “special category personal data” refers to racial or ethnic origin, political opinions, religious or philosophical beliefs, trade union membership, genetic data, biometric data, health information, or data about a person’s sex life or sexual orientation.
Financial data is considered to be personal data, but not “special category personal data”.
MPs and their Staff
We process personal data relating to MPs and their staff.
We do so to fulfil our statutory functions, where this is necessary in the public interest, or in very limited circumstances where the processing is in our Legitimate Interests, and provided that those interests are not overridden by your rights.
Personal data will be collected throughout the relationship with IPSA, and may in certain circumstances, be shared with third parties with whom we have a relationship, but only where we have a lawful basis for doing so.
Third-party complaints and enquiries
We will gather relevant contact information, as well as any additional information that we may require from you, to enable us to handle complaints or enquiries.
Complaints or enquiries dealt with by us will be conducted in the exercise of our statutory functions, or where there is a clear public interest.
For website visitors, we will collect the computer information necessary to ensure effective website access and use, security as well as performance, ensuring that our systems work as intended. Information that may be collected includes metrics, routing and cookies.
We process employee personal data which is described in a separate Human Resources privacy notice.
We will seek consent before processing in all circumstances where this is required.