Skip to main content

Privacy notice

The government identity system is a cohesive, cost-effective and consistent approach to branding government departments, their agencies and arm’s length bodies. This site provides guidance and resources for implementing new government identities. It is provided by Design 102 and the Government Communication Service (GCS) which is part of the Cabinet Office.

What information do we collect or hold about you?

We collect the following personal data from our registered users:

  • your name, email address and organisation

In addition to this we collect the following data from all site users:

  • your Internet Protocol (IP) address, and details of which version of web browser you used
  • information on how you use the site, using cookies and page tagging techniques

How do we use this information?

The data which we collect from all site users (IP address, browser version and information on how you use the site) will be used by authorised people in GCS, supplier organisations, other government departments, agencies and public bodies, in order to maintain security and improve the site by monitoring how you use it.

The data which our registered users provide allows us to manage your accounts and keep a record of who is using the site.

Your personal data will be shared only with the data processors who provide our web hosting.

We will also share your data if we are required to do so by law – for example, by court order, or to prevent fraud or other crime.

How long do we keep it?

For subscribers we keep your data until you unsubscribe. We will also refresh the list every 5 years.

Where might it go?

As your personal data is stored on our IT infrastructure, and shared with our data processors, it may be transferred and stored securely outside the European Union. Where that is the case it will be subject to equivalent legal protection through the use of Model Contract Clauses.

What us is our legal basis for using your data?

Our legal basis is that processing is necessary for the performance of a task carried out in the public interest or in the exercise of official authority vested in the data controller.

How we protect your information and keep it secure

We are committed to doing all that we can to keep your data secure. To prevent unauthorised access or disclosure we have put in place technical and organisational procedures to secure the data we collect about you – for example, we protect your data using varying levels of encryption. We also make sure that any third parties that we deal with have an obligation to keep all personal data they process on our behalf secure.

Your rights

  • You have the right to request information about how your personal data are processed, and to request a copy of that personal data
  • You have the right to request that any inaccuracies in your personal data are rectified without delay
  • You have the right to request that any incomplete personal data are completed, including by means of a supplementary statement
  • You have the right to request that your personal data are erased if there is no longer a justification for them to be processed
  • You have the right in certain circumstances (for example, where accuracy is contested) to request that the processing of your personal data is restricted
  • You have the right to object to the processing of your personal data where it is processed for direct marketing purposes
  • You have the right to object to the processing of your personal data

If you would like to exercise any of these, please email us at

Changes to this notice

We may modify or amend this privacy notice at our discretion at any time. When we make changes to this notice, we will amend the last modified date at the top of this page. Any modification or amendment to this privacy notice will be applied to you and your data as of that revision date. We encourage you to periodically review this privacy notice to be informed about how we are protecting your data.

How to contact us

The data controller for GCS is the Cabinet Office.

The contact details for the data controller are: Cabinet Office, 70 Whitehall, London, SW1A 2AS, or

The contact details for the data controller’s Data Protection Officer are: Stephen Jones, Data Protection Officer, Cabinet Office, 70 Whitehall, London, SW1A 2AS, or

The Data Protection Officer provides independent advice and monitoring of Cabinet Office’s use of personal information.


If you consider that your personal data has been misused or mishandled, you may make a complaint to the Information Commissioner, who is an independent regulator. The Information Commissioner can be contacted at: Information Commissioner’s Office, Wycliffe House, Water Lane, Wilmslow, Cheshire, SK9 5AF, or 0303 123 1113, or

Any complaint to the Information Commissioner is without prejudice to your right to seek redress through the courts.

Privacy notice | Accessibility statement