Personal data is any information that can be used to identify a living person. This includes names, address details, IP addresses, or HR data such as payroll details. Most organisations use personal data in their daily operations. We’ve also looked at some potential scams you need to be aware of.
I’ve been receiving emails apparently from the government, asking for my personal details. Is this a scam?
Scam emails asking for personal details often pretend to be from government departments, or official organisations such as Money and Pensions Service, MoneyHelper, HMRC and the Department for Work and Pensions (DWP), asking for personal details.
The government generally doesn't send emails in this way. If you get an email asking you to click a link or asking for personal details, just delete it or ignore it. It’s almost certainly a scam.
If it’s a government department, or an official organisation such as Money and Pensions Service, MoneyHelper, HMRC or the Department for Work and Pensions, search online for contact details or look on any official correspondence you have received.
Be careful when taking or receiving unexpected calls, emails and text messages.
Be aware that your bank will never ask you to reveal your full PIN or password, or ask you to move money to another account.
If you’re worried, check with your provider using a number you know is genuine. For example, use the number on the back of your card or from your annual statement or policy documents.
You can check if a financial services firm is authorised by the Financial Conduct Authority (FCA) by checking the Financial Services Register at the FCAOpens in a new window
Find out more in our guides:
A beginner’s guide to scams
Types of scams
What about protection of personal data after Brexit?
There have been no immediate changes to the UK’s data protection rules since the UK’s exit from the European Union (EU).
UK data protection law will continue to be aligned with the EU General Data Protection Regulations (GDPR).
You can read how personal data is shared from the EEA to the UK on the governement’s siteOpens in a new window
The UK remains committed to high data protection standards.
Find out more on the Information Commissioner’s Office site
Is the ICO’s GDPR guidance still relevant?
UK data protection law will continue to be aligned with the EU General Data Protection Regulations (GDPR). This means there will be no significant changes to the UK’s data protection regime due to the UK government bringing EU GDPR and Law Enforcement Directives directly into UK domestic law.
There might, however, be changes to the way data is shared from the EU to the UK. Our GDPR is kept in UK law, but the UK can keep the framework under review. As stated by the ICO, the ‘UK GDPR’ sits alongside an amended Data Protection Act (DPA 2018Opens in a new window) version.
Businesses and organisations can review whether they might be affected and the latest updates from government by checking the latest guidance available at ICOOpens in a new window