Under the Data Protection Act 1998 the Chief Constables of each police force are the Data Controllers of all information placed by that force on to local force systems. Only they can authorise the amendment or deletion of any record.
Through the Data Protection Act a person may apply to the police, for disclosure of and disposal of any personal information held. The police should then make a decision regarding disclosure and disposal, on a case by case basis, under the terms of the Act.
The management and use of information within the police service is done in accordance with Management of Police Information (MOPI) 2006 guidance. This sets standards for the review and retention of information and the disposal of information if it is no longer considered necessary for police purposes.
The Code of Practice on the Management of Police Information (MOPI) defines policing purposes as: protecting life and property, preserving order, preventing the commission of offences, bringing offenders to justice and any duty or responsibility of the police arising from common or statute law.