Skip to main content

Genomics England privacy notice

Our privacy notice gives general information about who we are, what we do and who to contact if you want more information (such as to exercise your information rights), as well as more detail about how we use your personal data.

Dots connected by lines on rich pink background

General information

Genomics England’s priority is to ensure that the data of all participants and everyone it deals with is protected – and that we are fully compliant with the latest data protection legislation.

Who we are and what we do

Genomics England is a limited company wholly owned by the Department of Health and Social Care (company registration 08493132).

We were created to run the 100,000 Genomes Project, a project instigated by former Prime Minister David Cameron in order to research cancers and rare diseases. That project has now come to an end. The Project is transitioning to where the main source of recruitment, sample and data acquisition, and mechanism for return of results will be via the NHS Genomic Medicine Service (NHS GMS).

What we use your personal data for

Genomics England processes personal data for a number of reasons. These include:

  • research,
  • providing the NHS Genomic Medicine Service (NHS GMS),
  • recruitment,
  • using this website,
  • organising conferences and
  • providing access to our research environment to other research institutions and businesses.

Genomics England is a data controller, and we are registered with the Information Commissioner’s Office (ICO), registration number ZA021653.

Valid from 17 June 2022

To find out about how we use your personal data, click to expand the section that relates to you below.

Your rights over your data

You have a number of rights in respect to your data and we explain in more detail what these are below. We will ask for proof of identity when you make a request, we do this to make sure we are processing the correct data for the request.

  • Access to your personal information – you may ask us for a copy of the personal information we hold on you this is known as a subject access request.
  • Rectification of your personal information – if we hold inaccurate information about you, let us know and we can update it.
  • Erasing your personal information – you can ask to have the data we hold on you deleted. This isn’t an absolute right, and we have to balance your requests against other factors such as legal or regulatory requirements.
  • Restrict processing of your personal information – you can ask us to stop using your personal data in certain circumstances. For example, if you have objected to your data being processed where the lawful basis is legitimate interests.
  • Data portability – you can ask us to transfer your personal information to a third party of your choice.
  • Right to object – you can object to any processing where we rely on legitimate interests to process your data.
  • Automated decision making and profiling – you will be informed if we use any automated decision making or profiling and have the right to request human intervention, express your view and challenge the decision.

If you wish to make an individual rights request, and to help us identify what information you require, please download this form and send it to the email address below.

We aim to respond to all valid requests within one month. It may take us longer if the request is particularly complicated or you have made several requests. We’ll always let you know if we think a response will take longer than one month.

We may not always be able to do what you have asked. This is because your rights will not always apply, for example, if it would impact the duty of confidentiality we owe to others, or if the law allows us to deal with the request in a different way. We will always explain to you how we are dealing with your request.

More details on how your data is handled

Genomics England’s priority is to ensure that the data of all participants and everyone it deals with is protected – and that we are fully compliant with the latest data protection legislation.

Who do we share your data with?

We may share your personal data, this will only be with third parties we use to provide marketing or for the purposes of seeking legal or other professional advice; to respond to a legal request or comply with a legal obligation.

Any third party with whom we share your personal data will be required to protect it and put in place appropriate technical and security measures in accordance with our instructions. They are required to keep your personal data confidential.

Where will my data be held?

Genomics England holds all health and genomic data in our secure United Kingdom data centres.

Occasionally we may transfer your personal information outside the European Economic Area (EEA). For any supplier we use overseas we will always conduct due diligence and ensure the appropriate safeguards are in place to protect your data.

How long do we keep your data?

We will only keep your personal data for as long as necessary, you can ask us for more information.

Contacting us

Genomics England has appointed a Data Protection Officer who can be contacted at the address below:

The Data Protection Officer
Genomics England Limited
One Canada Square
E14 5AB

If you have any other questions about how we process your data please contact the Data Protection Team using the email below.

Complaints to the Information Commissioner

You also have the right to complain to the UK Information Commissioner if you don’t feel we are using your data in line with your rights, or if you feel we haven’t dealt with your request properly. Please come to Genomics England in the first instance to give us a chance to respond and resolve your query.

You can contact the ICO on their website using the link below or via their helpline at 0303 123 1113.

Updates to our privacy notices

Our privacy notices are regularly updated and each will have a ‘valid from’ date at the top.

Explore Genomics England