Who We Are

The Scottish Police Authority is independent of both the Scottish Government and policing. It is the primary governance body for policing in Scotland, and was established as a public body on 1 April 2013 by the Police and Fire Reform (Scotland) Act 2012. It was set up to hold the Chief Constable to account; promote, support and oversee improvement in policing. It is also responsible for the management and delivery of Forensic Services in Scotland and Independent Custody Visiting Scotland.

In this section, find out more about the Authority’s priorities, the Board and the Leadership team.

Who We Are

What We Do

The Scottish Police Authority is responsible for maintaining policing. It has four specific areas of responsibility:

promoting the policing principles

supporting continuous improvement

keeping policing under review

holding the Chief Constable to account.

This section tells you in outline what the Authority does.

What We Do

Complaints

Are you dissatisfied with the service you have received from policing in Scotland?

The Scottish Police Authority, Police Scotland and the Police Investigations and Reviews Commissioner (PIRC) all have a role to play in considering complaints about policing in Scotland.

In this section, find out who to direct your complaint to. We also welcome written communication in Gaelic (see our Gaelic Language Plan).

Complaints

Published: 06 August 2025

FOI 2025/26-040 - Police Scotland compliance with GDPR legislation

Category: FOI

LET 20250724 FOI Response 2025 26 040 (pdf, .13MB )

Report Summary

Issued 24 July 2025, this FOI response advises that the Scottish Police Authority has no jurisdiction in terms of governance of Police Scotland's compliance with GDPR. Advice is provided that GDPR legislation is regulated by the Information Commissioners Office (ICO).

To access the full document please open the PDF document above.

To view as accessible content please use the sections below. (Note that some tables and appendixes are not available as accessible content).

Request

Your request for information dated 28 June 2025 is copied below.

As set out in the Police and Fire Reform (2012) Act the role of the Scottish Police Authority is to provide governance and oversight of policing in Scotland, in this context can you answer the following questions,

Are the Scottish Police Authority responsible for holding Police Scotland to account regarding its compliance with GDPR legislation?

If not the responsibility of the SPA who is the responsible body?

| Next Section

Related Publications

The documents below are related by Topic and are the most recently published

Annual Procurement Report 2024/25 - 13 August 2025

Published: 08 August 2025

View Publication

Q1 Transformation Report - 13 August 2025

Published: 08 August 2025

View Publication

Green icon with 2 arrows moving in different horizontal directions.

FOI 2025/26-046 - Information asset ownership and data governance roles

Published: 07 August 2025

View Publication

FOI 2025/26-032 - Information and communications related to non-UK data processing over the past 12 months

Published: 25 July 2025

View Publication

Back to all documents

Tell us whether you accept cookies

FOI 2025/26-040 - Police Scotland compliance with GDPR legislation

Report Summary

Request

Related Publications

Annual Procurement Report 2024/25 - 13 August 2025

Q1 Transformation Report - 13 August 2025

FOI 2025/26-046 - Information asset ownership and data governance roles

FOI 2025/26-032 - Information and communications related to non-UK data processing over the past 12 months