answer text |
<p>The Home Office is the data controller for all data processed within the EU Settlement
Scheme, this includes where organisations are contracted to act on behalf of the Home
Office as the Home Office. No other organisations have access to the personal information
of applicants to the EU Settlement Scheme. The Home Office may however share information
with other organisations, but only where the information needs to be shared and there
is an appropriate legal basis for doing so. Further detail on this is set out in the
Borders, Immigration and Citizenship System privacy information notice:</p><p><a href="https://www.gov.uk/government/publications/personal-information-use-in-borders-immigration-and-citizenship."
target="_blank">https://www.gov.uk/government/publications/personal-information-use-in-borders-immigration-and-citizenship.</a></p><p><br>The
Home Office takes its data security and data protection obligations ex-tremely seriously.
There are processes in place in the Home Office for the capturing and mitigation of
risks and vulnerabilities to ensure appropriate con-trol of our services. I can confirm
this is the case for the EU Settlement Scheme</p><p>All Home Office systems including
EU Exit applications undergo rigorous cyber assessments prior to launch. This includes
an independent security testing to ensure they are resilient to external attack.</p><p>Our
IT systems hosting platform include a number of mechanisms to detect and respond to
malicious intrusions.</p><p>All data is encrypted both in transit and at rest. Our
IT staff are security cleared and your data will only be accessed by those who have
a valid business reason to access it. The Home Office regularly monitors the systems
for abuse and misuse.</p><p>With this non-exhaustive list of measures, we protect
the data of non-UK EU citizens who register under the Settlement Scheme.</p>
|
|