FOI requests responded to between June 2023 - May 2024

Below are a selection of responses to requests made under the Freedom of Information Act between 1st June 2023 and 31st May 2024.

Accounts

Between 2019 and 2022/23 for

1. If the accounts were published in those years
2. Number of people who inspected the accounts in the time periods each year.
3. Number of requests/questions asked, and what they were/what areas they covered
4. Number of objections raised, and what they were.
5. Any FOI requests relating to the accounts or finances (with the phrase ‘accounts’ of ‘inspection or statement of accounts’)
6. Any changes made to the accounts as a result.

Response:-

1. If the accounts were published in those years. Yes
2. Number of people who inspected the accounts in the time periods each year. 0
3. Number of requests/questions asked, and what they were/what areas they covered. N/A
4. Number of objections raised, and what they were. N/A
5. Any FOI requests relating to the accounts or finances (with the phrase ‘accounts’ of ‘inspection or statement of accounts’) We often refer to the accounts when answering questions. We are not aware of FOI requests that have a specific reference to the inspection.
6. Any changes made to the accounts as a result.  N/A

Data Protection Act Compliance

1. A copy of your organisation's Records of Processing Activity (ROPA) as defined in Article 30 of the UK General Data Protection Regulation (UK GDPR).
2. A copy of all legitimate interest assessments conducted by your organisation where you rely on Article 6(1)(f) legitimate interests as your lawful basis for processing.
3. A copy of all privacy impact assessments conducted by your organisation.
4. A copy of all data protection impact assessments conducted by your organisation.
5. A copy of all international transfer risk assessments conducted by your organisation.
6. A recent copy of your organisation's data protection compliance assessment using the Information Commissioner's Office (ICO)'s accountability framework template. If you are using your own standards to monitor compliance with the Data Protection 2018, please provide me with copy of it.
7. A copy of your organization's data protection policy.
8. A copy of your organization's subject access request policy, procedures, and processes, including any guidance material such as folder structure, naming conventions, and redaction guides.
9. A copy of your organisation's privacy notices, including but not limited to employees, customers, ministers, special advisors (SPADs), complaints, NEDS, visitors, and CCTV.
10. A copy of your organisation's due diligence questions for vendor management such as independent data controllers or processors.

Response:-

A copy of your organisation's Records of Processing Activity (ROPA) as defined in Article 30 of the UK General Data Protection Regulation (UK GDPR).

A copy of all legitimate interest assessments conducted by your organisation where you rely on Article 6(1)(f) legitimate interests as your lawful basis for processing.

Information is published on our website here:- https://www.devonandcornwall-pcc.gov.uk/information-hub/freedom-of-information/data-protection/

A copy of all privacy impact assessments conducted by your organisation.

Information is published on our website here:- https://www.devonandcornwall-pcc.gov.uk/information-hub/privacy-impact-assessments/ 

A copy of all data protection impact assessments conducted by your organisation.

Information is published on our website here:- https://www.devonandcornwall-pcc.gov.uk/information-hub/privacy-impact-assessments/ 

A copy of all international transfer risk assessments conducted by your organisation.

No information relevant to this request is held.

A recent copy of your organisation's data protection compliance assessment using the Information Commissioner's Office (ICO)'s accountability framework template. If you are using your own standards to monitor compliance with the Data Protection 2018 please send a copy.

A copy of your organization's data protection policy.

Information is published on our website here:- https://www.devonandcornwall-pcc.gov.uk/information-hub/opcc-policies/

A copy of your organization's subject access request policy, procedures, and processes, including any guidance material such as folder structure, naming conventions, and redaction guides.

Information is published on our website here:- https://www.devonandcornwall-pcc.gov.uk/information-hub/freedom-of-information/data-protection/

A copy of your organisation's privacy notices, including but not limited to employees, customers, ministers, special advisors (SPADs), complaints, NEDS, visitors, and CCTV.

Information is published on our website here:- https://www.devonandcornwall-pcc.gov.uk/information-hub/freedom-of-information/data-protection/

A copy of your organisation's due diligence questions for vendor management such as independent data controllers or processors.

Documents1

Document 2

Printing

1. How many employees do you have?
2. How many printers (A4, A3 single function or multi-function) do you have?
3. How many print servers do you have?
4. Do you use any print management software (Equitrac, SafeQ, PaperCut, PrinterLogic etc)?
5. Who supplies your printers, software and servers?
6. If so, which do you use?
7. What is the job title of the person responsible for printers within your organization?

Response:-

The provision of ICT to the OPCC is outsourced.  

You can find information about the number of employees working at the Office of the Police and Crime Commissioner on our website here:- https://www.devonandcornwall-pcc.gov.uk/about-us/the-opcc-team/ . 

The OPCC has 1 multi-function print device within its office which is a Ricoh MP C4504ex.

Printers are supplied through a contract managed by Devon and Cornwall Police Procurement Department / South West Police Procurement.