Privacy Notices


Personal Data and GDPR

As a data controller, Merseyside Fire and Rescue Authority processes the personal data of Service employees (including ex- and potential employees), Fire and Rescue Authority members, volunteers, suppliers and service users based on the following conditions under GDPR:

  • When it is necessary to comply with a legal obligation.
  • When it is necessary for the performance of a contract.
  • When processing is necessary for the performance of a task carried out in the public interest or in the exercise of official authority vested in the controller.
  • Where we have the data subject's consent.

We work closely with other agencies and may offer assistance to our service users from other agencies such as councils, health services, adult and children's services or charities, and may, for the purpose of making vulnerable people safer, share personal information with other agencies. Those agencies may also share information with Merseyside Fire & Rescue Authority.

There are some circumstances in which we will not be able to - or are not required to - ask for consent to share information. This includes where the law permits or requires us to pass information to other agencies.

Privacy Notices

The links below provide details of our Privacy Notices which set out why and how we process your data and the legal reasons we use for doing so.

We may also tell you why we need your personal data by including a privacy statement on any forms or letters that we use.