8.2.2 We will only keep the data as long as it is necessary for the purposes for which we have collected. 3.1.6 The exchange of information with personal data can be divided into two types: this type of agreement is often used, especially in police work, to document how a unit/service provides a support service for a BCU/Force. The armed forces should design an ISA using the corresponding ISA model. A local agreement is governed by local force processes. For Essex Police and the Major Crime Directorate, it should be established either on Form A597, which provides an ISA model; or, if shared with a whole Essex information sharing partner (WEISF), the WEISF model; or a model used by the partner agency, provided it contains all aspects of Form A597 (Force Form A597a) to determine whether another organization`s ISA complies with the requirements of the Essex Police – SCD). 3.7.2 The results of the DPIA process should indicate whether or how the sharing should take place. Once the ISA has been approved, the armed forces should make them public as required. In the case of national agreements, it should be included in the national register and published on the NPCC Data Protection Group Knowledge Hub. (Note: To access this link, you must be a member of the group and be connected to the Knowledge Hub). The national information exchange portfolio aims to promote, support and enable the legitimate exchange of information in support of a police objective. It reports directly to the IMORCC.
The General Data Protection Regulation (GDPR) came into force on 24 May 2016 and came into force on 25 May 2018. The processing of personal data for “law enforcement” purposes is not the responsibility of the RGPD, but of the Criminal Prosecutions Directive, which replaces the European Council`s 2008/977/JAI framework decision. The directive came into force on 5 May 2016 and EU countries had to transpose it into their national legislation by 6 May 2018. The exchange of police information must be linked to a police objective. APP for Information Management – Police Information Management defines the following objectives: the Chief of the National Police for information exchange leads the national information exchange portfolio and reports directly to the Coordinating Committee on Operational Information Management Requirements (IMORCC). If a processor uses a processor, there must be a legally binding written contract. The contract is important for both parties to understand their responsibilities and commitments. The RGPD defines what should be included in the contract. When a subcontractor uses another organization (i.e.
a subcontractor) to assist in the processing of a processing manager`s personal data, it must have a written contract with that subcontractor. If it is necessary to share personal data because of a Memorandum of Understanding, there should be a separate agreement on the exchange of information (ISA) that is supported by this protocol. The “Local Process” manual is a document describing how the agreement is managed virtually at the local level. Examples of local process manuals and referenced documents, kindly provided by Brighton and Hove BCRP, are also available to assist in the creation of local versions. The common law does not give the police unconditional authority to engage in activities that are otherwise not provided for by law.