Fields marked with * are mandatory


To understand how your data is collected and handled, read our privacy notice.

See our privacy policy

Your privacy is important to us. This Privacy Notice explains how Greater Manchester Police (GMP) processes personal data. It also outlines the steps we take to ensure that personal data is protected and describes the rights individuals have in relation to the data we process.

Personal data is any data that can be used to identify a living individual, on its own or in combination with other available information. References to names, identification numbers and location data would all be personal data. Processing means anything we do with the data and includes collecting, storing, and sharing.

The use and disclosure of personal data is governed in the United Kingdom by the Data Protection Act 2018 (the Act).

1. Controller

Under the Act the Chief Constable of Greater Manchester Police is registered as the controller for any personal data processed by GMP. In the rest of this privacy notice, the Chief Constable of Greater Manchester Police is referred to as we or us.

2. Data Protection Officer

The contact details for our Data Protection Officer are given at the end of this notice.

Information Compliance and Records Management Unit manages GMP’s data protection compliance and can be contacted by telephone on 0161 856 2529, or via email [email protected].

3. What information do we collect about you?

GMP collects personal data from a range of sources in the course of the exercise of its statutory Law Enforcement functions. We also process personal data that is collated in the course of our administrative functions, for example staff administration, procurement, property management, advertising and media.

The personal data we collect and use will include personal data and special category personal data.

Types of personal data we process may include information such as;

  • personal details such as name, address and emails
  • sound and visual images, including Body Worn Video and Facial Recognition
  • financial details
  • intelligence material
  • complaint, incident and accident details
  • employment details

Special category personal data may include:

  • racial or ethnic origin
  • political opinions
  • religious beliefs, or those of a similar nature
  • trade union membership
  • physical or mental health
  • sexual health or orientation
  • genetic or biometric data

GMP will only use the minimum amount of personal information necessary to carry out a particular activity.

See the Covid-19 privacy notice for more information about how we may seek to collect and hold additional information about you in relation to the challenges we are all facing during the Coronavirus pandemic.

4. Whose personal data do we handle?

In order to carry out our functions, we process information relating to a wide variety of individuals including:

  • victims
  • witnesses
  • people convicted of an offence
  • people suspected of committing an offence
  • complainants, correspondents and enquirers
  • consultants and other professional experts
  • suppliers
  • representatives of individuals in this list, such as parents, other relatives, guardians, and people with power of attorney

We also process data relating to existing and former members of staff.

Information is likely to be held in various forms, including electronically in emails and in GMP's electronic filing system and databases as well as in paper-based records. It may also be held in other electronic forms such as CCTV.

5. Where do we get the personal data we process?

We collect personal data from a variety of sources, including:

  • individuals who visit the website and interact with it (including by filling in and submitting forms), and their relatives, guardians and other persons associated with them
  • businesses (including security companies, and other supplies of goods and services) and other private sector organisations working with the police in anti-crime strategies
  • voluntary sector organisations
  • local authorities, national and local government departments and agencies (including the Home Office, HM Revenue and Customs, and private safeguarding agencies)
  • other law enforcement agencies and bodies (including international ones)
  • partner agencies involved in crime and disorder strategies
  • legal representatives, prosecuting authorities, courts, and prison
  • licensing authorities
  • approved organisations and people working with the police
  • ombudsmen and regulatory bodies (including the Independent Police Complaints Commission, and Her Majesty’s Inspectorate of Constabulary)
  • auditors
  • Police and Crime Commissioners
  • emergency services
  • current, past or prospective employers of individuals
  • healthcare, social and welfare advisers or practitioners
  • education, training establishments and examining bodies
  • business associates and other professional advisors
  • our employees, agents, and other temporary and casual works
  • persons making enquiries or complaints
  • financial organisations and advisors, and credit reference agencies
  • survey and research organisations
  • trade, employer associations; and professional bodies
  • the media
  • our own CCTV systems and body worn cameras

6. Why do we use personal data?

GMP processes personal data for law enforcement purposes as outlined in Part 3 of The Data Protection Act 2018 which are the purposes of the prevention, investigation, detection or prosecution of criminal offences or the execution of criminal penalties, including the safeguarding against and the prevention of threats to public security. We also process data for the purposes of safeguarding National Security, including National Security Vetting for Met staff.

The legal basis for processing law enforcement data is that it is necessary for the performance of functions. GMP's functions are established in the main under the Police and Criminal Evidence Act 1984 and the Police Act 1996, The Police Reform Act 2002 and include any powers or duties conferred by an enactment, and include:

  • protecting life and property
  • preserving order
  • prevention and the detection of crime
  • bringing offenders to justice
  • any duty or responsibility arising from common or statute law
  • assisting the public
  • safeguarding national security
  • defending civil proceedings

We will only use personal information when the law allows us to and where it is necessary and proportionate to do so.

We may also process data for non-law enforcement purposes as outlined in Part 2 of The Data Protection Act 2018, such as when we recruit and vet potential employees, for staff administration, managing media relations and when we provide educational programmes and support. Where we process data for non-law enforcement purposes, the processing is likely to be based on the following grounds:

  • it is necessary for performing the contract
  • to comply with a legal obligation
  • it is in the public interest to do so; or for official purposes
  • we have a legitimate interest to do so, and it is necessary and balanced against your own interests, rights and freedoms
  • there may be rare occasions where it becomes necessary to use your personal information to protect your vital interests (or someone else's vital interests).

Where we process special categories of personal data, we will do so in accordance with the specific conditions of processing set out in the Data Protection Act 2018. It is likely that we will use special category data in the following circumstances:

  • where we have your explicit consent
  • where we are required to do so under Employment Laws
  • where it concerns a medical diagnosis, or the medical assessment of your working capacity
  • where it is for the purposes of the exercise of GMP's functions and it is in the substantial public interest

7. Asking for your consent to process personal data

Occasionally GMP may ask for your explicit consent in order to lawfully process your data. This will only happen in specific and limited circumstances and won’t usually be relevant to law enforcement data. When we do require consent, we will explain clearly what we are asking for and how we will use it. Consent must be freely given, specific and informed and there must be a genuine choice about offering your data. Where we are processing data based on your consent, you have the right to withdraw that consent at any time.

When we ask for your consent, we will specify why we want your data, and what we are going to do with it, how long we will keep it for and the steps we will take to delete it. We will also explain how you can withdraw consent.

8. How long do we keep personal data?

GMP keeps personal data for as long as is necessary for the particular purpose or purposes for which it is held. Personal data which is placed on the Police National Computer is retained, reviewed and deleted in accordance with the agreed national retention periods which are subject to periodic change.

Other records containing personal data relating to intelligence, digital media, custody, crime, firearms, child abuse investigations, domestic violence and other non-policing activities (such as Human Resources information) will be retained in accordance with the NPCC endorsed guidance on the Management of Police Information (MoPI) 2006, (this can be found on the College of Policing’s website GMP follows the National Retention and Disposal Schedule, (this can be found on the National Police Chief’s Council website

9. Who will we share data with?

The sharing of data is a primary business function. For example, it may be necessary to share data with:

  • other law enforcement agencies, both nationally and internationally
  • partner agencies working on crime reduction and prevention initiatives
  • the press and media, service providers
  • current, past and prospective employers, voluntary sector organisations, financial institutions and regulatory bodies.
  • businesses (including security companies, and other supplies of goods and services) and other private sector organisations working with the police in anti-crime strategies
  • agencies and other third parties concerned with the safeguarding of and investigation relating to international and domestic national security
  • local authorities, national and local government departments and agencies (including the Home Office, HM Revenue and Customs, the Serious Fraud Office, the Child Maintenance Service, the National Fraud Initiative, and private safeguarding agencies)
  • Police and Crime Commissioners
  • legal representatives, prosecuting authorities, courts, prisons, and other partners in the criminal justice arena;
  • victim support service providers
  • authorities involved in offender management
  • other bodies or individuals where necessary to prevent harm to individuals

GMP takes steps to ensure that any disclosures of personal data, however obtained, comply with the provisions of the Data Protection Act 2018 and General Data Protection Regulations. This includes ensuring that any disclosures are necessary and proportionate. Disclosures will be made on a case-by-case basis, using the personal data appropriate to a specific purpose, and with necessary safeguards in place.

Where you have provided your personal data to us for the purposes of the police constable recruitment process, your data, including biographical monitoring information, will be shared with the College of Policing.

It will be stored on their secure network or within their Assessment Information Management System (AIMS). From this information, your name, email address and candidate reference number will be uploaded to the new online assessment platform for constable recruitment and shared with the third party provider hosting the system in order to progress your application virtually.

Some of the bodies or individuals to which we may disclose personal information are situated outside of the European Union (EU). If we do transfer personal data to outside of the EU, we undertake to ensure that there are appropriate safeguards in place to certify that it is adequately protected as required by the legislation.

We will also disclose personal information to other bodies or individuals when required to do so by, or under, any act of legislation, by any rule of law, and by court order.

10. How do we keep your data secure?

The security, confidentiality and integrity of your data is important to us.

We comply with our legal obligations regarding security, relevant parts of the ISO27001 Information Security Standard, and where appropriate the College of Policing Authorised Professional Practice guidance on Information Assurance.

In addition, we limit access to your personal information to those employees, contractors and other third parties who have a business need to know. They will only process your personal information on our instructions. 

We ensure that appropriate policy, training, technical and procedural measures are in place, including audit and inspection, to protect our manual and electronic information systems from data loss and misuse.

11. Is my data subject to automated decision making or profiling?

No, you will not be subject to decisions that will have a significant impact on you based solely on automated decision-making, unless we have a lawful basis for doing so and we have notified you. If you have any questions about automated decision-making or automated profiling you can raise them using the contact details in this privacy notice.

12. Your rights as a data subject

Under the Data Protection Act 2018 you have a number of rights that you can exercise in relation to the data we process about you. Under certain circumstances, by law you have the right to:

  • request access to your personal information (commonly known as a right of access request). This enables you to receive a copy of the personal information we hold about you and check that we are lawfully processing it and that it is accurate
  • request rectification of the personal information that we hold about you. This enables you to have any incomplete or inaccurate information we hold about you corrected
  • request erasure of your personal information. This enables you to ask us to delete or remove personal information where there is no lawful reason for us to continue to process it

    The right of erasure does not apply if we are processing your personal data:

      • to comply with a legal obligation
      • for the performance of a task carried out in the public interest or in the exercise of official authority
      • for the establishment, exercise or defence of legal claims
      • to exercise the right of freedom of expression and information
      • for archiving purposes in the public interest, scientific research, historical research or statistical purposes where erasure is likely to make it impossible to carry out or seriously impair that processing.
      • If you want to ask us to delete your personal data you can do so using the contact details in this privacy notice. We will respond to you within one month unless the request is complex.
  • request the restriction of processing of your personal information. This enables you to ask us to suspend the processing of personal information about you, for example if you want us to establish its accuracy or the reason for processing it
  • be Informed. You are entitled to be told how we obtain your personal information and how we use, retain, and store it, and who we share it with. This privacy notice gives you that information, as well as telling you what your rights are under the relevant laws.
  • Data Portability. You have the right to obtain and reuse your personal information for your own purposes, transferring it from one environment to another. This right only applies to personal data provided by an individual, where the processing is based on their consent or for the performance of a contract and when that processing is carried out by automated means. If you wish to discuss this right, you can do so using the contact details in this privacy notice.
  • Object to
    • processing based on legitimate interests or performance of a task in the public interest and or exercise of official authority
    • processing of your information for scientific and historical research and statistics
    • direct marketing.

Any objection must be on grounds relating to your particular situation. If you want to exercise your right to object you can do so using the contact details in this privacy notice.

You will not have to pay a fee to access your personal information (or to exercise any of the other rights). However, we are allowed under the law to charge a reasonable fee if your request for access is clearly unfounded or excessive. Alternatively, we can refuse to comply with the request in such circumstances.

We sometimes need to request specific information from you to help us confirm your identity and ensure your right to access the information (or to exercise any of your other rights). This is another appropriate security measure to ensure that personal information is not disclosed to any person who has no right to receive it.

Further information about these rights can be found within the Data Protection Act 2018 and on the Information Commissioner’s Office website:

To exercise any of these rights please contact the Information Compliance and Records Management Unit at: [email protected], telephone: 0161 856 2529, or via post:

Information Compliance and Records Management Unit 
Greater Manchester Police 
Information Services Branch
Openshaw Complex 
Lawton Street 
M11 2NS


13. Online privacy

This section explains:

  • how we collect, store, use, disclose, retain and destroy personal data through the website at (those activities are also referred to as processing personal data)

We will treat information you provide to us in using this website treated in confidence and we will not disclose it to third parties unless we are required to do so by law, or as explained in this privacy notice.

We gather information about site usage to help the development and improvement of services to the public, and to protect the integrity of our systems from malicious users. We also gather information through the various functions available on the site that allow you to provide us with information (such as online forms and the live-chat function) for the purposes described later in this privacy notice. At the moment this information consists of:

  • information obtained by our content management system to examine what people are searching for, what they find, and occasions where no results are returned, and which does not identify individual users; information provided by users through online forms (for purposes including crime reporting, crime reporting advice and information, anti-social behaviour reporting, 'Clare's Law' applications, road traffic incident reporting, and firearms licence applications) and live-chat functionality, which may identify individual users and other individuals depending on what information users enter (it is possible we will be able to access information you enter on an online form even if you do not submit it, because of the way the website is set up to automatically save part-complete forms periodically)
  • statistical information obtained using Google Analytics which does not identify individual users (more information about this is in the 'How do we use cookies?' section of this privacy notice)
  • your IP address and details of which browser you are using, which we record when you use our online forms
  • your IP address, used to identify your location if you use any geo-location features on this website, and which we only use to show you relevant content, and which we do not store or share with third parties

How do we use cookies?

A 'cookie' is a piece of information stored on your computer which allows web servers to collect information from your visit to this website. It saves a small amount of data to your computer, which the website then uses on repeat visits.

We use cookies on this website to improve user experience and for essential functionality. We do not use them for identification, monitoring, or profiling purposes. To find out how to reject, delete or update your cookie preferences in your browser you need to know what browser you use and what version of it you are using. Most browsers have guidelines on how to adjust cookie settings through their 'Help' menu.

We use the following cookies on the website for the reasons explained below.

Google Analytics sets the following cookies:

Universal Analytics

Cookie name Expiration time Purpose
_ga Two years This cookie is used to distinguish users, which helps us count how many people visit our website
_gat Ten minutes Used to manage the rate at which page view requests are made

Google Analytics

Cookie name Expiration time Purpose
_utma Two years Like _ga, this lets us know if you’ve visited before, so we can count how many of our visitors are new to the site or to a certain page
_utmb 30 minutes This works with _utmc to calculate the average length of time you spend on the site
_utmc When you close the browser This works with _utmb to calculate when you close your browser
_utmz Six months This tells us how you reached the site (eg from another website or a search engine)

If you don't want to send information to Google Analytics, you can use Google's opt-out browser add-on or you can configure your browser to enable you to choose which cookies you allow to be created.

‘Remarketing’ services

We use cookies from the Google Doubleclick and Facebook Pixel services to track activity of website visitors originating from media sources. We use anonymised data from this service to optimise our online advertising activity for recruitment. In certain cases we may use ‘remarketing’ services to target our ads to you based on your prior use of our site when you visit other sites included within an online advertising network. If you do not wish to be tracked in this way, you can opt out via the following:

Google Doubleclick 

Facebook Pixel

Session cookies

We use session cookies to enable us to identify requests from the same browser during a limited time window, and provide a way to remember page changes, or item or data selection, for the duration of that session.
Session cookies are essential for the website to operate and are set upon your arrival to the site. These cookies are deleted when you close your browser.

Site messages

You may see pop-up messages on our site. For example, a pop-up explaining our use of cookies. Once you have seen these messages we store cookies to ensure we do not show you the same message again.

14. Complaints and further queries

GMP tries to meet the highest standards when processing personal data. We take complaints very seriously. If you have any concerns about the way that we have handled your personal data please bring it to the attention of our Data Protection Officer via the following means:

Email: [email protected];

Telephone: 0161 856 2529;

Or via post:

The Data Protection Officer
Information Compliance and Records Management Unit
Greater Manchester Police
Information Services Branch
Openshaw Complex
Lawton Street
M11 2NS

You are also able to submit complaints to the Information Commissioner’s Office:

The Information Commissioner's Office
Wycliffe House
Water Lane

Telephone: 08456 30 60 60 or 01625 54 57 45


Date of last update and changes

We last updated this privacy notice on 29 November 2019. We keep this privacy policy under regular review and update it if any of the information in it changes.

Business or building address