Current timestamp: 23/06/2026 14:28:51
AgeAlertAnonymousAppealsApplicationsApply Or RegisterArea OutlineArrow DownArrow LeftArrow RightArrow UpAutomatic DoorsBack ArrowBusinessCalendarCashArrow DownArrow LeftArrow RightArrow Down[Missing text '/SvgIcons/Symbols/Titles/icon-chrome' for 'English (United Kingdom)']ClockCloseContactDirectionsDocumentDownloadDrawDrugExpandExternal LinkFacebookFb CommentFb LikeFiletype DefaultFiletype DocFiletype PdfFiletype PptFiletype XlsFinance[Missing text '/SvgIcons/Symbols/Titles/icon-firefox' for 'English (United Kingdom)']First AidFlickrFraudGive FeedbackGlobeGuide DogHealthHearing ImpairedInduction LoopInfoInstagramIntercom[Missing text '/SvgIcons/Symbols/Titles/icon-internet-explorer' for 'English (United Kingdom)']LaptopLiftLinkedinLocal Activity[Missing text '/SvgIcons/Symbols/Titles/icon-location' for 'English (United Kingdom)']LoudspeakerLow CounterMailMapMap PinMembershipMenuMenu 2[Missing text '/SvgIcons/Symbols/Titles/icon-microsoft-edge' for 'English (United Kingdom)']Missing PeopleMobility ImpairmentNationalityNorth PointerOne Mile RadiusOverviewPagesPaper PlaneParkingPdfPhonePinterestPlayPushchairRefreshReportRequestRestart[Missing text '/SvgIcons/Symbols/Titles/icon-rotate-clockwise' for 'English (United Kingdom)']Rss[Missing text '/SvgIcons/Symbols/Titles/icon-safari' for 'English (United Kingdom)']SearchShareSign LanguageSnapchatStart AgainStatsStats And Prevention AdviceStopSubscribeTargetTattosTell Us AboutTickTumblrTwenty Four HoursTwitter LikeTwitter ReplyTwitter RetweetUploadVisually ImpairedWhatsappWheelchairWheelchair AssistedWheelchair ParkingWheelchair RampWheelchair WcYoutubeZoom InZoom Out

Leave this site

Skip to main content

Skip to main navigation

Welcome

This site is a beta, which means it's a work in progress and we'll be adding more to it over the next few weeks. Your feedback helps us make things better, so please let us know what you think.

FOI 589/25

REQUEST

Under the Freedom of Information Act 2000, please provide the following information about your procurement of any:

 

(i) external Data Protection Officer (DPO),

(ii) Data protection GDPR compliance services for the period FY2022-23 to FY2024-25:  

 

1. Current DPO arrangements

 

1.1 Is the organisation’s DPO and other staff that work on data protection

compliance:

 

(a) An internal employee

(b) A DPO provided by an external service provider

(c) Hybrid (internal staff with external service provider support)

 

1.2 Where services are provided by external providers, please share the following information:

 

(a) The Company name(s)

(b) Annual spend by your organisation (FY2022/2023 through to

FY2024/2025)

(c) The highest day rate paid

(d) Contract dates (start/end/renewal terms)

(e) A brief description of the project or services provided (for instance, project title or internal reference)

(f) Services covered (e.g., audits, breach management, SAR management, delivery of DPIAs)

 

  • Please indicate what deliverables were produced
  • Procurement method (e.g., open competition, framework agreement, direct

award) and name of the procurement framework, if applicable.

 

2. Consultancy Spend

 

2.1 What is the organisation’s, total annual expenditure on data protection/GDPR consultancy services?

 

2.2 For SoW/projects which have a spend of more than £5k), please share the following information:

 

  • Supplier company name
  • The scope of the Project (e.g., "ICO investigation support", DPIA support, Internal Audit recommendation support)
  • Spend
  • Procurement method

3. Data Protection Compliance staffing

 

3.1 The Number of in-house data protection staff in the organisation?

(FTE)

 

3.2 Are there any vacant roles? (Yes/No)

 

3.3 Where there any ICO investigations, audits, or enforcement actions for the period from FY2022/2023 to FY 2024/2025?

 

4. Future Plans

 

4.1 Is your organisation planning to put out to tender for any DPO/GDPR services in the current financial year?

 

4.2 If yes please provide the following: Expected timeline Budget range Key service requirements Procurement method

 

RESPONSE

 

We consulted with our Information Management unit who have provided the below response to your request.

 

Question 1

 

All staff who work on data protection are internal employees of South Wales Police.

 

Question 1.2

 

N/A as above.

 

Question 2

 

There has been no spend on data protection/GDPR consultancy services

 

Question 3.1

 

1 FTE Team Leader

1 FTE Disclosure Officer Post (only 0.5 of post filled 0.5 vacant)

8 FTE Staff dealing with SARs (also deal with other Data protection enquiries)

Question 3.2

 

Yes, there is currently one 0.5 FTE vacant role.

 

Question 3.3

 

We had one ICO enforcement notice in the FY 2024/25 and this was for Freedom of Information.

 

Question 4

 

There are no plans currently in place.