Data protection fee and registration Pay your data protection fee and register your organisation. Make changes to your registration or find out why you received a letter from the ICO.

The Information Commissioner’s Office is the regulator of data protection and other information rights legislation, we are sponsored by the Department for Science, Innovation and Technology. …

Digital Service Provider incident reporting (NIS) For relevant Digital Service Providers who must notify the ICO of an incident under the NIS Regulations.

Further reading - responses to the ICO's consultation In February 2022, we launched a public consultation on the draft detailed guidance on the research provisions in the UK GDPR and the DPA …

Search the ICO’s register of more than 1 million data controllers to find organisations and people registered with the ICO under the Data Protection Act.

Does this section apply to us? This section applies if: you are a UK-based business or organisation; and the UK GDPR currently applies to your processing of personal data. What should we do? Now the …

Further reading – ICO guidance Read the section ‘ How do we ensure anonymisation is effective? ’ for further guidance on the factors you should consider when you assess identifiability.

The figures reported here are based on the number of reports of personal data breaches received by the ICO up to Q2 2025. Please note that the data is presented in calendar years and quarters, following …

Jun 19, 2025 · If a section makes changes that don’t directly affect you, we’ve noted this without explaining the detail (eg changes to the ICO’s responsibilities or the powers of the Secretary of State).

What are the ICO’s enforcement powers? We have various powers to take action for a breach of the UK GDPR or DPA 2018. Tools at our disposal include assessment notices, warnings, reprimands, …