Q&As

How do obligations under data protection law sit with the obligations to provide documents/information to insolvency officeholders further to a court order under section 236 or 366 of the Insolvency Act 1986 where the organisation ordered to disclose documents in such order is the police? Are police entitled to redact information from documents supplied?

read titleRead full title
Published on LexisPSL on 09/08/2021

The following Restructuring & Insolvency Q&A provides comprehensive and up to date legal information covering:

  • How do obligations under data protection law sit with the obligations to provide documents/information to insolvency officeholders further to a court order under section 236 or 366 of the Insolvency Act 1986 where the organisation ordered to disclose documents in such order is the police? Are police entitled to redact information from documents supplied?
  • Which data protection regime applies?
  • Key general principles under the UK GDPR
  • A lawful basis under Article 6 of the UK GDPR
  • Additional conditions to be met for processing to be lawful in certain circumstances
  • Further exemptions under the UK GDPR regime

How do obligations under data protection law sit with the obligations to provide documents/information to insolvency officeholders further to a court order under section 236 or 366 of the Insolvency Act 1986 where the organisation ordered to disclose documents in such order is the police? Are police entitled to redact information from documents supplied?

For the purposes of this reply, we assume the court has made an order for the police to disclose relevant information pursuant to section 236 or 366 of the Insolvency Act 1986 (IA 1986), the information the police propose to redact is personal data, and the police are the ‘controller’ of the personal data and the processing is at all times subject to the UK GDPR regime.

Unfortunately, we do not have existing content that directly relates to your specific query. However, the following may be useful.

Data protection law in the UK is governed by a number of regimes. In summary, such regimes govern the ‘processing’ of ‘personal data’ where those regimes apply. ‘Processing’ is broadly defined under both the UK General Data Protection Regulation, Retained Regulation (EU) 2016/679 (UK GDPR) regime and the Data Protection Act 2018 (DPA 2018) to include an operation or set of operations which is performed on personal data, or on sets of personal data. Examples include collection, recording, organisation, structuring or storage, adaptation or alteration, retrieval,

Related documents:

Popular documents