Data Protection Act 2018 and General Data Protection Regulation (GDPR)

Leeds City Council has to process information in order to deliver and improve services to our citizens.

The Data Protection Act 2018 says that any personal data we collect and hold about you has to be:

  • processed lawfully, fairly and in a transparent manner
  • collected for specified, explicit and legitimate purposes and not further processed in a manner that is incompatible with those purposes
  • adequate, relevant and limited to what is necessary in relation to the purposes for which they are processed
  • accurate and, where necessary, kept up to date
  • kept in a form which permits identification of data subjects for no longer than is necessary for the purposes for which the personal data are processed
  • processed in a manner that ensures appropriate security of the personal data, including protection against unauthorised or unlawful processing and against accidental loss, destruction or damage, using appropriate technical or organisational measures
  • the controller shall be responsible for, and be able to demonstrate compliance with the above principles relating to the processing of personal data

Leeds City Council’s Data Protection Policy Statement and Appropriate Policy Document are available to download:

Contact us




Use this form to give us your comments. Do not use it to give us personal information - please contact us if you need to get in touch.