Data controllers must inform the Information Commissioner of any processing of personal data.

"Notification" is how a data controller provides the Commissioner with the details that form the "register entry" for that data controller. The Commissioner maintains a public register of the register entries.

Most, but not all, data controllers are required to have a register entry. This is only a small part of your obligations under the Data Protection Act - simply having a register entry does not mean that you have fulfilled your obligations under the Act.

All data controllers, whether they are, or are not, required to have a register entry must ensure that all the processing of personal data complies with the remaining provisions of the Act, in particular the  Eight Data Protection Principles

NOTE: the new data protection legislation comes into force on 1 August 2018.

This brings changes to the process for new registrations and renewals of existing register entries.

No new register entries can be made under the 2002 Act from 1 August 2018.  More information about the new register of controllers and processors can be found HERE

There are transitional arrangements for register entries made under the 2002 Act which expire between 1 August 2018 and 31 January 2019.  More information about the transitional arrangements can be found HERE and will also be included in the registration renewal reminder letter sent approximately 6 weeks before the entry expires