Sensitive processing and legal conditions
We will only carry out sensitive processing with the consent of the data subject or where it is strictly necessary for the law enforcement purposes and meets one of the conditions set out in Schedule 8 of the DPA 2018.
We carry out sensitive processing, for which an APD is required, under the following Schedule 8 conditions:
- statutory purposes: we have a legal obligation or a substantial public interest to investigate and prosecute criminal offences
- administration on justice: to ensure proper enforcement of the laws and regulations we are responsible for
- legal claims: for legal proceedings, obtaining legal advice, or exercising and defending legal rights
- preventing fraud: sharing personal data with anti-fraud organisations, for example the National Fraud Initiative