Who We Are

The Scottish Police Authority is independent of both the Scottish Government and policing. It is the primary governance body for policing in Scotland, and was established as a public body on 1 April 2013 by the Police and Fire Reform (Scotland) Act 2012. It was set up to hold the Chief Constable to account; promote, support and oversee improvement in policing. It is also responsible for the management and delivery of Forensic Services in Scotland and Independent Custody Visiting Scotland.

In this section, find out more about the Authority’s priorities, the Board and the Leadership team.

Who We Are

What We Do

The Scottish Police Authority is responsible for maintaining policing. It has four specific areas of responsibility:

promoting the policing principles

supporting continuous improvement

keeping policing under review

holding the Chief Constable to account.

This section tells you in outline what the Authority does.

What We Do

Complaints

Are you dissatisfied with the service you have received from policing in Scotland?

The Scottish Police Authority, Police Scotland and the Police Investigations and Reviews Commissioner (PIRC) all have a role to play in considering complaints about policing in Scotland.

In this section, find out who to direct your complaint to. We also welcome written communication in Gaelic (see our Gaelic Language Plan).

Complaints

Published: 06 August 2025

FOI 2025/26-040 - Police Scotland compliance with GDPR legislation

LET 20250724 FOI Response 2025 26 040 (pdf, .13MB )

Report Summary

Issued 24 July 2025, this FOI response advises that the Scottish Police Authority has no jurisdiction in terms of governance of Police Scotland's compliance with GDPR. Advice is provided that GDPR legislation is regulated by the Information Commissioners Office (ICO).

To access the full document please open the PDF document above.

To view as accessible content please use the sections below. (Note that some tables and appendixes are not available as accessible content).

Response

The Scottish Police Authority has considered your request under the Freedom of Information (Scotland) Act (FOISA).

The Scottish Police Authority has no jurisdiction in respect of governance or oversight for compliance with GDPR.

The Chief Constable of Police Scotland is a Data Controller in terms of the UK Data Protection legislation. The legislation is regulated by the Information Commissioners Office (ICO). The Commissioner has the statutory powers to compel disclosure, issue fines or take court action if they believe that a Controller has failed to comply with the legislation.

Further information can be found at UK GDPR guidance and resources

Previous Section |

Related Publications

The documents below are related by Topic and are the most recently published

Annual Procurement Report 2024/25 - 13 August 2025

Published: 08 August 2025

View Publication

Q1 Transformation Report - 13 August 2025

Published: 08 August 2025

View Publication

Green icon with 2 arrows moving in different horizontal directions.

FOI 2025/26-046 - Information asset ownership and data governance roles

Published: 07 August 2025

View Publication

FOI 2025/26-032 - Information and communications related to non-UK data processing over the past 12 months

Published: 25 July 2025

View Publication

Back to all documents

Tell us whether you accept cookies

FOI 2025/26-040 - Police Scotland compliance with GDPR legislation

Report Summary

Response

Related Publications

Annual Procurement Report 2024/25 - 13 August 2025

Q1 Transformation Report - 13 August 2025

FOI 2025/26-046 - Information asset ownership and data governance roles

FOI 2025/26-032 - Information and communications related to non-UK data processing over the past 12 months