Gainsborough Shopwatch Scheme.pdf - Lincolnshire Police

NOT PROTECTIVELY MARKED 

P.698 (07/13) 

INFORMATION SHARING AGREEMENT 

INFORMATION SHARING AGREEMENT (ISA) 

BETWEEN 

GAINSBOROUGH SHOPWATCH SCHEME 

AND 

LINCOLNSHIRE POLICE 

Version - 2.0 

(Revised- 14 May 14) 

NOT PROTECTIVELY MARKED


SUMMARY SHEET 

Information Sharing Agreement 

ISA Ref: 

LP001/LWL - Gainsborough Shopwatch Scheme 

PURPOSE 

To create a system for the formal exchange of photographs, information and 

intelligence between the police, and members of the Gainsborough Shopwatch 

Scheme, with the intention to prevent, detect, and/or reduce crime in 

Gainsborough Town Centre and South West Ward. 

Lincolnshire Police 

PARTNERS 

Gainsborough Shopwatch Scheme 

Date Agreement comes into force: 1 October 2012 

Date of Agreement Review: 

Six months after coming into force, then annually 

Agreement Owner: 

Lincolnshire Police 

Agreement drawn up by: 

PCSO 2260 Pearson 

Location of Signed Agreement in 

force: 

Information Management Unit, Force HQ 

Protective Marking: 

Not protectively marked 

VERSION RECORD 

Version 

No. 

Date Amendments Made Authorisation 

Draft 9 Sep 12 Initial Draft PCSO 2260 Pearson 

1.0 1 Oct 12 Initial Authorisation E D Tedder - IS Officer 



2.0 15 Apr 14 Section 1, 2,5, 7 & 8 Amended 

Security Section added, now section 9. 

Section 11 amended (previously section 

10) 

Section 14 added 

Appendix 1 – Principals of the Data 

Protection Act added. 

Appendix 3 Amended in order to reflect 

the changes made to legislation 

regarding Rehabilitation Periods. 

L Chapman – IS Officer 

1. INTRODUCTION 

1.1 Lincolnshire Police are committed to partnership working, and continually look for 

opportunities to work more closely with local identified partners to detect, prevent and reduce 

crime and anti-social behaviour. 

1.2 In adopting this partnership approach it is important that the policies/practices of the 

agencies involved compliment each other to ensure that any action taken is appropriate, 

necessary, proportionate and consistently applied. 

1.3 This agreement outlines the need for the police and Gainsborough Shopwatch Scheme to 

work together to alleviate crime and anti-social behaviour in Gainsborough Town Centre and 

provides a framework for action. 

2. PURPOSE 

2.1 The purpose of this agreement is to enable action to be taken against crime involving theft, 

burglary, robbery, anti-social behaviour and other related commercial premises offences. It 

will incorporate measures aimed at: 

• Facilitating a coordinated approach that targets crime 

• Facilitating the collection and exchange of relevant information 

• The pursuit of criminal proceedings - either by Lincolnshire Police or the 

members of the Gainsborough Shopwatch Scheme. 

• Ensuring that the sharing of information meets one or more of the policing 

purposes. 

2.2 Effective information exchange is the key to partnership working. The effectiveness of 

information exchange is a reflection of the effectiveness of the partnership as a whole. 

2.3 It also seeks to increase the confidence of Shop owners and management, while 

encouraging their support to enable Lincolnshire Police to combat crime, which occurs in 

the Gainsborough Town Centre and South West Ward. 



2.4 A key factor for developing Information Sharing Agreements is to ensure that personal 

information is being processed fairly and lawfully. Identifying the Data Controller for 

personal information disclosed within the remit of this ISA will help determine the roles and 

responsibilities of each organisation. This should ensure that information sharing is both fair 

and lawful. The recipient organisation will become the Data Controller for any personal 

information that is shared for the purpose/s described within this ISA. 

3. PARTNER(S) 

3.1 This agreement is between the following partners: 

Gainsborough Shopwatch Scheme, C/O Oldrids Department Store, Market Place, 

Gainsborough, Lincolnshire, DN21 2BT 

and Lincolnshire Police, PO Box 999, Lincoln, LN5 7PH 

4. POWER(S) 

4.1 This agreement fulfils the requirements of the following: 

• Common law powers of disclosure 

• The Crime and Disorder Act 1998 (Section 115) 

• The Data Protection Act 1998 (Sections 29(3) & 35 (2)) 

• The Human Rights Act 1988 (Article 8) 

• Fraud Act 2006 

• The existing Retail Crime Initiative 

5. PROCESS 

5.1 This agreement has been formulated to facilitate the exchange of information between 

partners. It is, however, incumbent on all partners to recognise that any information shared 

must be justified on the merits of each case. 

5.2 The sharing of personal data requires careful judgement in which the identified policing need 

must be considered against relevant issues dictated under Data Protection and Human 

Rights legislation. Any information the police or partner agency considers sharing must 

therefore be accurate, necessary and proportionate. 

Accurate: All information must be accurate and relevant to the purpose for which it is being 

shared with proper reference made to the nature of the source and the intelligence itself. 

Necessary: The necessity to share information between the Police, and Gainsborough 

Shopwatch is to effectively deal with issues concerning the prevention, detection, 

investigation and prosecution of those persons engaged in criminal activity and/or anti social 

behaviour, and an ongoing responsibility to protect public safety. 



Proportionate: In considering whether to share personal information all parties have a duty 

to ensure that a fair balance is achieved between the protection of an individuals rights and 

the general interests of society. In judging whether it is appropriate to share such information 

the Police, and Gainsborough Shopwatch will examine whether the identified purpose 

infringes upon the subject’s right to privacy, the appropriate measures to meet the purpose 

are both fair and rational and also that the means used are no more than is necessary to 

accomplish the purpose. 

5.3 Information Exchange 

Information Exchange relates to a physical exchange of data between one or more 

individuals or agencies. Advice from the Information Commissioner indicates that public 

authorities may exchange data, provided that: 

• They have notified their intention to do so 

• That the process of exchange is in accordance with the Data Protection Act, in 

particular the eight principles forming Part 1 of Schedule 1 (See Appendix 1 for 

further information). 

• There is a statutory or common law power to do so. 

5.4 Fair Processing. 

The Data Protection Act requires the fair processing of information unless an exemption 

applies. In particular, fairness involves being open with people about how their information is 

used. Lincolnshire Police have a fair processing notice available on the website which states 

how the information may be processed and shared. Additionally, information sharing 

agreements are published on the Lincolnshire Police website. 

The most likely exemption from the fairness requirement is sharing personal data for the 

prevention and detection of crime and disorder, where the disclosure of that fact would be 

likely to prejudice the investigation. 

5.5 Reasons for Information Exchange 

The processing and analysis of information and where appropriate, intelligence, is essential 

for identifying and limiting the activities of those committing crime and disorder along with the 

associated problems which adversely affect community safety and the quality of life. 

5.6 The exchange of appropriate information is fundamental to the success of any strategy 

implemented for the purposes of reducing crime and disorder. 

5.7 The opportunities for information exchange therefore: 

• Assist strategic and tactical planning to disrupt crime. 

• Assist Crime and Disorder partnerships to implement the provisions of the Crime and 

Disorder Act 1998 and other subsequent legislation. 

• Assist agencies to exchange information where a power exists to do so, in 

accordance with the Data Protection Act the Human Rights Act and any other 

relevant legislation. 

5.8 Benefits of information exchange 

The benefits of appropriate information exchange are: 

• Better informed decision making and partnership working 

• Enhanced inter-agency relationships 

• Improved profiling of crime and disorder activity thus allowing a more effective 

targeting of resources. 



• Reduction of Crime and Disorder throughout Lincolnshire. 

• Effective monitoring and evaluation of all community safety initiatives 

6. TYPES OF INFORMATION TO BE SHARED 

6.1 Lincolnshire Police may share: 

• Redacted and de-personalised (statistics) information relating to crimes of Theft, 

Burglary, Robbery and Fraud in the Lincolnshire Police area. 

• Evidence relating to a conviction for an arrestable offence associated with Theft, 

Burglary, Robbery and Fraud, providing that the conviction is not considered spent 

under the Rehabilitation of Offenders Act 1974, see Appendix 3; 

• Evidence relating to a conditional caution accepted by an accused for an arrestable 

offence associated with Theft, Burglary, Robbery and Fraud offences, where the date 

of the caution is less than three months from the disclosure date; providing that the 

conditional caution is relevant to the request and the disclosure of information can be 

justified on the grounds that it falls within a policing purpose. 

• Information between the two parties will be exchanged for the sole purpose of 

preventing and detecting crime relating to Theft, Burglary, Robbery and Fraud 

offences. 

• Photographs of individuals convicted of Theft, Burglary, Robbery and Fraud offences, 

where current information/intelligence suggests that they may still be active within the 

Gainsborough Town area, providing that the information is relevant to the request 

and the disclosure of information can be justified on the grounds that it falls within a 

policing purpose; 

6.2 Gainsborough Shop Watch Scheme may share: 

• Information / evidence received involving the offences of Theft, Burglary, Robbery 

and Fraud occurring in or effecting the Lincolnshire Police area. 

• Evidence from internal shop CCTV schemes (where they exists) in relation to 

offences committed therein. 

7. CONSTRAINTS ON THE USE OF THE INFORMATION 

7.1 If an agency wishes to disclose shared information to a third party, as best practice the 

agency should seek written consent from the agency that provided the information. If a 

statutory requirement for disclosure exists then consent for further disclosure is not required. 

Any agency must ensure that all principles of the Data Protection Act are adhered to. 

Therefore, if an agency makes a further disclosure to a third party they must ensure that the 

sharing of personal data is not processed in any manner incompatible with the purpose/s it 


was obtained for. 


7.2 As best practise all information shared is only valid at the time of provision, and should only 

be used for the purpose as requested. However, the recipient organisation becomes the 

Data Controller for the shared information therefore the information may be used for 

subsequent investigations, if it is being used for a purpose that is compatible with the 

purpose for which it was obtained, i.e. prevention and detection of crime and disorder. 

7.3 Disclosures 

Disclosures of information and in particular, personal data are bound to both common and 

statute law in particular, but not restricted to the following: 

• The Common Law Duty of Confidentiality 

• The Data Protection Act 1998 

• The Human Rights Act 1998 

7.7 Any disclosure of personal data must have regard to both common and statute law. For 

example, defamation, the common law duty of confidence and the data protection principles. 

Consideration should always be given to alternative powers that exist for the purposes of 

data disclosure: 

7.4 Consent 

Many of the Data Protection issues in relation to disclosure can be avoided if the consent of 

the individual has been sought and obtained. Consent must be freely given after the 

alternatives and consequences are made clear to the person from whom permission is being 

sought. This will be considered to be ‘informed consent’. For the purposes of this 

agreement, the term ‘sensitive’, where applied to data refers to the categories of data termed 

‘sensitive’ within the Data Protection Act 1998. 

7.5 Witnesses, Victims and Complainants 

Extreme care and careful consideration should be taken where the disclosure of information 

includes details of witnesses, victims or complainants. The general rule is that information 

such as described by witnesses, victims or complainants should not be disclosed without first 

obtaining fully informed, specific and explicit consent from the individual concerned. In all 

such cases, advice should be sought from the legal department, Information Sharing Officer 

and/or Data Protection Officer. 

7.6 Ongoing Investigations 

If there is an ongoing investigation which is sensitive or of which the offender is not yet 

aware of the police investigation the officer in the case will be consulted prior to any 

dissemination to ensure there is no prejudice to the ongoing investigation or subsequent 

court proceedings. A case involving safeguarding issues, which require an urgent disclosure 

to protect any individual, should receive priority attention. In the event of a dispute, the views 

of the officer in the case will prevail. 

8. ROLES AND RESPONSIBILITIES UNDER THIS AGREEMENT 

8.1 Each member of the Gainsborough Shop Watch Scheme must appoint a single point of 

Contact (SPOC) who must work together with the police SPoC, to jointly solve problems, 

which occur in the Town Centre. The sharing of information must only take place where it is 

valid and legally justified. 



Police SPoC 

Title: West Lindsey Community Policing Inspector 

Contact Details: Tel 07939 996594 

Gainsborough Shopwatch 

SPoC 

Title: Shop Manager 

Contact Details: Oldrids Department Store 

Tel 01427 612346 

8.2 The Gainsborough Shop Watch Scheme will maintain a register of all members who are part 

of the agreement, and identify the Single Point of Contact within the register. 

8.3 Both contacts have a responsibility to create a file or folder that can record each individual 

request for information and the decision made. It must include copies of the request for 

information, details of the data accessed and notes of any meeting, correspondence or 

phone calls relating to the request. 

8.3 In order for Lincolnshire Police to share information, the designated police officer or staff 

making the disclosure must ensure that one or more of the policing purposes are met. 

Policing Purposes are defined as: 

 

 

 

 

 

Protecting life and property; 

Preserving order; 

Preventing the commission of offences; 

Bringing offender to justice, and 

Any duty or responsibility arising from common or statute law. 

8.4 Within Lincolnshire Police the file will be held and managed by the West Lindsey 

Neighbourhood Policing Area Inspector, within the Gainsborough Shopwatch Scheme the 

file will be held and managed by the scheme SPoC. 

8.5 Information Breaches 

Complaints and breaches to this agreement should be dealt with by utilising any established 

agency policies and procedures for breaches and complaints made in relation to appropriate 

legislation in connection with the agreed information exchange and data processing. 

Any disclosure of information by an employee, which is done in bad faith or for motives for 

personal gain, will be the subject of an investigation and be treated as a serious matter. 

Each party will be accountable for any misuse of the information supplied to it and the 

consequences of such misuse by its employees, servants or agents. 

All agencies are reminded of the Data Protection Act Principles and Section 55 and Section 

61 Offences. 

It is the responsibility of all parties to notify the other party of any known breach or 

infringement immediately and remedial action must be agreed and actioned by all relevant 

agencies concerned. 

Major breaches may result in this agreement being temporarily suspended or withdrawn 

completely. 

8.6 Subject Access 

Subject Access is an individuals right to have a copy of information relating to them which is 

processed by an organisation. 

Once information is disclosed from one agency to another, the recipient organisation 



becomes the Data Controller for that information. With regards to subject access requests, 

the Data Controller has a statutory duty to comply with section 7 of the DPA, unless an 

exemption applies. It is good practise for the recipient organisation to contact the originating 

organisation. This enables the originating organisation to advise the use of any statutory 

exemptions that may need to be applied prior to disclosure to the requesting individual. 

Communication should take place speedily thus allowing the servicing of the request to take 

place within the Statutory 40 calendar day, time period. 

8.7 Freedom of Information 

If a party receives a request for information under the Freedom of Information (FOI) Act 

[2000] that relates to data that has been disclosed for the purposes of this ISA, it is best 

practice to seek advice from the originating organisation prior to release. This allows the 

originating organisation to rely on any statutory exemption under the provisions of the FOI 

Act and to identify any perceived harms. However, the decision to release data under the 

FOI Act is the responsibility of the agency that received the request. 

Lincolnshire Police Information Sharing Agreements are made publicly available on the force 

website. 

9. SECURITY 

9.1 Partner agencies should establish common rules for shared data security, in order to ensure 

compliance with the Data Protection Act. As best practice the disclosing organisation should 

make sure that any personal information they disclose will continue to be protected by 

ensuring that the recipient organisation has adequate security measures in place. 

9.2 As part of Lincolnshire Police’s responsibility regarding the data they process/control, the 

security guidance within this document should be agreed to and signed up to by all the 

parties involved within this agreement. However, it must be noted that the recipient 

agency/ies has legal responsibility for any information that has been shared as a result of 

this information sharing agreement, this includes its security. 

9.3 Agencies that have adequate security measures in place to ensure compliance with the Data 

Protection Act should apply their own security procedures to any shared information. 

9.4 Lincolnshire police may, by arrangement undertake a physical review of a partner agency’s 

premises and security procedures. 

9.5 Security Guidance 

It is essential that the participating agencies provide personal or other sensitive information 

only to specific individuals authorised to receive it. The transfer, use, storage and retention 

of the information by each participating agency must comply with the Data Protection Act, 

and should comply with the security requirements stipulated within this agreement. Any 

additional security requirements that an agency wishes to specify must be done so in 

agreement with all parties involved within this document. 

9.6 General Principles 

Ensuring that personal information is protected against accidental or unlawful destruction, 

loss, alteration, unauthorised disclosure or access is the seventh principle of the Data 

Protection Act 1998. Partners should ensure they have appropriate security in place and 

arrangements to monitor these. 

A key issue, especially for electronic documentation, is the consistent use of encryption and 



secure information exchange. Unguarded exchange of personal information may not only 

infringe the rights of the individual subject or others that may be identifiable from the 

information, but also compromise the organisations sharing information or jeopardise any 

proceedings or legal measure based upon that information. 

With remote working there is an issue about storing personalised information on flash 

drives/memory sticks and of encryption. Partners sharing personal information are 

responsible for ensuring laptops, drive or removable electronic media containing personal 

information used for remote working are encrypted, and have Home Office approved levels 

of security. To comply with national guidance encryption should be at least 256 bit. 

Recent Home Office guidance with respect to third party suppliers suggests that: 

a) No unencrypted laptops or drives or removable electronic media containing personal 

information should be taken outside office premises. 

b) No transferring of any protected personal information from Home Office approved 

systems to third party suppliers owned laptops, PCs, USB keys, external drives and any 

other electronic media is permitted. 

9.7 Secure Information Exchange 

Electronic exchange can be the most secure and auditable means of exchanging information 

provided this is done using suitable secure technology. Standard e-mail, even with 

encryption, is not generally sufficiently secure to protect personal information. 

Personal information should only be exchanged electronically using a secure messaging 

system. 

Attendees at meetings where personal data is discussed must also ensure that controls 

applied to agenda and minute documents as are as secure as those used for requesting and 

securing personal information, since these will often name the individuals being considered 

and contain elements of the information contributory to the decision making process. 

Records of meetings and personal information must be subject to the principles set out in the 

ISA, particularly in relation to purpose and retention. 

If a recipient organisation wishes to remove shared information from their premises, they 

must ensure that the information is kept secure at all times, must not be made available to 

individuals who are not authorised to see it, and must only be used for the purposes 

specified within the ‘Information Sharing Agreement’ 

9.8 Sharing information securely 

It is important that information is shared securely. Those who receive personal data should 

take appropriate measures to protect the data against accidental or unlawful destruction or 

accidental loss, alteration, unauthorised disclosure or access, and against all other unlawful 

forms of processing. This includes when data is being shared and stored both electronically 

and manually (e.g. paper). 

All designated Officers who have access to personal data should have been assessed for 

reliability in line with the employer’s requirements for the role, for example Disclosure and 

Barring Scheme (DBS) checks. A greater degree of staff vetting and/or training is needed 

where there is a greater importance that relevant data be secure. 

The information Commissioner has issued the following guidelines concerning obligations for 

agencies: 

a) Does the data controller have a security policy setting out management commitment 

to information security within the organisation 



b) Is the responsibility for the organisations security policy clearly placed on a particular 

person or department 

c) Are sufficient resources and facilities made availability to enable that responsibility to 

be fulfilled 

Shared information should be stored securely, and if no statutory guidance dictates 

otherwise the recipient organisation should destroy the information when it is no longer 

needed for the purpose for which it was provided. If an organisation does not have the 

means to securely destroy shared information, they should consider returning the data to the 

originating organisation for destruction. 

9.9 The Government Protective Marking Scheme (GPMS) 

The Government Protective Marking Scheme is applied to data held by Lincolnshire Police. 

In order to ensure that the same protection is afforded to Lincolnshire Police data once it has 

been disclosed to a partner agency, the partner organisation should handle, store and delete 

police data according to the Government Protective Marking Scheme. Appendix 2 provides 

further guidance on the GPMS. 

Organisations that already have security procedures in place that afford data the same 

protection as the GPMS should apply the same regulations to data disclosed by Lincolnshire 

Police or any other partner organisation. 

9.10 Transmitting information securely 

When sharing information both the sender and the receiver should deal with the information 

according to its protective marking. See Appendix 2 for handling requirements in line with 

protective marking. 

Secure e-mail 

Lincolnshire Police documents must display the Protective marking at the top and bottom of 

the relevant text or attachments. Insecure e-mail should not be used for any personalised 

information. The below secure e-mail addresses may be used for information protectively 

marked up to and including RESTRICTED: 

a) CJSM 

b) PNN 

c) GSI 

d) GSX 

e) NHS.net 

f) GCSX 

g) MOD 

Criminal Justice Secure email 

When using CJSM.net it is important to remember to correctly align the email suffix for 

secure information exchange as outlined below. 

Organisation 

Normal email Suffix 

Email suffix for secure sharing 

with CJSM 

Police @pnn.police.uk @pnn.police.uk.cjsm.net 

Government Connect 



Government Connect is a pan-government programme providing an accredited and secure 

network between central government and every local authority in England and Wales. The 

network is known as GCSX (Government Connect Secure Extranet). GCSX is part of the 

wider Government Secure Intranet (Gsi) and provides connectivity to nearly all central 

departments. 

GCSX provides secure access form connected Local Authorities to many other secure 

networks such as: 

• Government Secure Extranet (GSX) 

• Government Secure Intranet (Gsi) 

• National Health Service (NHS) 

• Criminal Justice Extranet (CJX) 

• Police National Network (pnn) 

10. SPECIFIC PROCEDURES 

10.1 Relevant photographs will be supplied by Lincolnshire Police to the Gainsborough 

Shopwatch Scheme on a regular basis, providing that they are supported with a Form B 

(P698B) Response to Request for Information, which must be retained by the Police SPoC 

within the file created for such purpose. 

10.2 If additional information is required members of the Gainsborough Shopwatch must make 

their request in writing using Form A - Request for Personal Information. 

10.3 The decision to provide information will be documented on Form B - Response to Request for 

information. Copies of both Form A and Form B will be retained by the Police SPoC within 

the file created for such purpose. 

10.4 Requests and responses to requests should be done via secure e-mail. A secure e-mail 

address may contain one of the following; cjsm; cjx; gcsx; gsi; gsx; mod; nhs.net; pnn. If you 

are unsure as to whether an e-mail address you have been provided with is secure, you 

should contact the Force Security Officer for assistance. Royal Mail Recorded Delivery and 

hand delivery is also acceptable. 

10.5 In exceptional circumstances information may be shared via fax but care must be taken 

where personal information is shared. It is suggested that the following guidelines are used 

when exchanging personal information by fax: 

ii) 

iii) 

iv) 

Telephone the recipient of the fax to let them know you are about to 

send it 

Check the fax number. Ask the recipient to wait by the fax. 

Ask the recipient to confirm receipt of the fax; or call them to ensure 

the fax has arrived. 

v) Use pre-programmed fax numbers (double check the accuracy of preprogrammed 

numbers) where possible to reduce the chance of the fax 

being sent to the wrong machine. 

vi) 

vii) 

Ensure that you use an appropriate fax cover sheet. 

Keep a record that you have sent the fax. 

Any loss of data must be advised to the Force Security Officer or the Information Sharing 


Officer as soon as this is identified. 


10.6 Requests for information may be made by telephone in cases of emergency, for example, 

where there is a risk of immediate violence by using the ‘999’ system. If the need for the 

request falls outside normal office hours, or the identified Police SPoC is not available, and 

the need is still ‘urgent’, but not an emergency, the request should be made to the Force 

Control Room (FCR) Tel: 101. If both circumstances, the request will be directed to the duty 

Inspector (If available) or the duty supervisor, who will make the decision to release 

information. Form MoPI 1 Request for Information, will be completed on behalf of the 

requestor by the Duty Inspector/Supervisor, and information released will be documented 

thereon. Upon completion and release of information, Form MoPI 1 will be forwarded to the 

identified Police SPoC, who will, upon receipt of the form, file it in alphabetical order within 

the file set up specifically for use with the named partner. 

10.7 Replies to requests must be made within ten working days. 

10.8 The Police SPoC will submit any information received from the , as a result of a request for 

information, if relevant, via the 5x5x5 system into the Lincolnshire Police intelligence 

systems in a timely, accurate and proportionate manner. 

11. REVIEW, RETENTION AND DELETION 

11.1 The recipient of the information is required to keep it securely stored and when it is no longer 

required for the purpose for which it was requested, will safely dispose of it. In order to 

ensure compliance with the Data Protection Act, data should be kept no longer than is 

necessary, retention periods may vary between organisations. In accordance, with the 

Management of Police Information (MoPI) and the Limitations Act [1980] Lincolnshire Police 

will retain copies of the requests and responses for 6 years. 

The original police data source will be deleted when it is no longer useful for a policing 

purpose, this will be done in line with Lincolnshire Polices Review, Retention and Disposal 

policies which are governed by MoPI guidelines. 

Partner agencies should retain the shared information in accordance with statutory 

guidelines and internal policies. If no statutory guidance exists for the retention and deletion 

of data, information should be held in accordance with the fourth and fifth principle of the 

DPA. 

11.2 Files containing information from partner sources will be reviewed in line with force policy. 

12. REVIEW OF THE INFORMATION SHARING AGREEMENT 

12.1 This Information Sharing Agreement will be reviewed six months after its implementation 

and annually thereafter. The nominated holder of this agreement is Lincolnshire Police. It is 

based on the national template for Information Sharing which forms part of the guidance 

issued on the Management of Police Information by the Association of Chief Police Officers 

(ACPO) and the Home Office. 

13. INDEMNITY 



13.1 Members of the Gainsborough Shopwatch Scheme, as receivers of police information will 

accept total liability for a breach of this Information Sharing Agreement should legal 

proceedings be served in relation to the breach. 

13.2 The data recipient shall indemnify the Information Provider in full in respect of any loss or 

damage caused to the Information Provider as a consequence of the unauthorised 

disclosure of data supplied under this agreement. 

14. DISCLAIMER 

14.1 The Information Provider disclaims all liability to the data recipient in connection with the 

data recipient's use of data supplied under this agreement and shall not, under any 

circumstances, be responsible for any special, indirect or consequential loss or damages 

including but not limited to loss of profits arising from the use of the data by the data 

recipient. 

15. SIGNATURE 

15.1 By signing this agreement, all signatories accept responsibility for its execution and 

agree to ensure that staff are trained so that requests for information and the process 

of sharing itself is sufficient to meet the purposes of this agreement. 

15.2 Signatories must also ensure that they comply with all relevant legislation. 

15.3 It is the responsibility of all signatories to ensure that: 

• Realistic expectations prevail from the outset. 

• Professional, ethical standards are maintained. 

• The Data Protection Principles are upheld. 

• The information exchanged is kept secure and confidentiality is maintained as 

appropriate to the information’s level of protective marking as defined by the 

Data Controller. 

• A mechanism exists by which the flow of information can be controlled. 

• Appropriate staff training is provided on this agreement. 

15.4 Adequate arrangements exist to test adherence to the agreement. 

Signed on behalf of Lincolnshire Police 

Title: 

Rank / Position: 

Date: 

Signed on behalf of Gainsborough Shopwatch 

Scheme 



Title: 

Rank / Position: 

Date: 



Appendix 1 

Appendix 1– Principles of the Data Protection Act 

Principle 

1 

Personal data shall be processed fairly and lawfully and, in particular, shall not 

be processed unless: 

• At least one of the conditions in Schedule 2 is met and; 

• In the case of sensitive data at least one of the conditions in Schedule 3 is 

also met. 

Principle 

2 

Principle 

3 

Personal data shall be obtained only for one or more specified and lawful 

purposes and shall not be further processed in any manner incompatible with 

that purpose or those purposes. 

Personal data shall be adequate, relevant and not excessive in relation to the 

purpose or purposes for which they are processed. 

Principle 

4 

Principle 

5 

Personal data shall be accurate and, where necessary, kept up to date. 

Personal data processed for any purpose or purposes shall not be kept for 

longer than is necessary for that purpose or those purposes. 

Principle 

6 

Personal data shall be processed in accordance with the rights of data 

subjects under this Act. 

Principle 

7 

Principle 

8 

Appropriate technical and organisational measures shall be taken against 

unauthorised or unlawful processing of personal data and against accidental 

loss or destruction of, or damage to, personal data. 

Personal data shall not be transferred to a country or territory outside the 

European Economic Area, unless that country or territory ensures an adequate 

level of protection for the rights and freedom of data subjects in relation to the 

processing of personal data. 



Appendix 2 

SENSITIVE DOCUMENTS SUPPLIED BY LINCOLNSHIRE POLICE – SECURITY 

REQUIREMENTS 

Some of the electronic or hardcopy documents that you receive from Lincolnshire Police will contain 

sensitive or personal information. These documents will be provided to you on the understanding 

that you apply the protective measures described below. 

GENERAL REQUIREMENTS 

You must only use the information supplied by Lincolnshire Police for one or more of the following 

purposes: 

For the detection or prevention of crime; 

As specified in an Information Exchange Protocol that has been agreed between your 

organisation and Lincolnshire Police; 

For a specific purpose that has been agreed, in writing, by Lincolnshire Police. 

You may not disclose, copy, or onwardly transmit information provided by Lincolnshire Police without 

its express, written permission, unless this is permitted within the terms of an Information Exchange 

Protocol agreed between your organisation and Lincolnshire Police. 

You may only retain the information for a period of time that will enable you to fulfil the purpose for 

which it has been has been provided. The information must then either be securely destroyed or 

returned to Lincolnshire Police as detailed in these instructions. It is your responsibility to contact 

Lincolnshire Police to establish if any relevant change has occurred since the information was 

provided to you, and upon which you intend to base any decision or action. 

PROTECTIVE MARKING & ASSOCIATED HANDLING RULES 

Documents that contain sensitive information will usually display a protective marking on the top and 

bottom of each page. This indicates how sensitive the information is, and determines the protective 

measures that need to be applied to it. The appropriate measures for each marking are shown 

below. 



STORAGE OF 

PAPERS 

RESTRICTED 

Protected by one barrier, e.g. a locked 

container (restricted access) within a 

secure building. 

CONFIDENTIAL 

Protected by two barriers, e.g. a 

locked container in a locked room 

(both with restricted access) within a 

secure building. 

DISPOSAL OF 

PAPERS 

DISPOSAL OF 

FLOPPY DISKS & 

CDs 

MOVEMENT 

WITHIN YOUR 

ORGANISATION 

RETURN TO 

LINCOLNSHIRE 

POLICE 

Shred in a strip or cross-shredder or 

return to Lincolnshire Police. 

Keep secure if storing prior to 

disposal. 

Dismantle floppy disks. Cut inner 

disks or CDs into quarters (at least). 

Dispose with non-restricted waste. 

By trusted hand OR in a sealed 

envelope or container with the 

protective marking & descriptor 

shown. Include a copy of these 

instructions inside. 

By trusted hand in a sealed envelope 

or container, OR by recorded delivery 

or courier service in a sealed 

envelope with no protective marking 

or descriptor shown (other than 

PERSONAL or PRIVATE), & 

addressed to an individual by name 

or appointment. 

Shred in a cross-shredder or return to 

Lincolnshire Police. 

Keep secure if storing prior to 

disposal. 

Dismantle floppy disks. Cut inner disks 

or CDs into quarters (at least). 

Dispose with non-restricted waste. 

By trusted hand OR in a sealed 

envelope or container with the 

protective marking & descriptor 

shown. Include a copy of these 

instructions inside. 

By trusted hand in a sealed envelope 

or container, OR by Special delivery 

or courier service in a sealed 

envelope using double envelopes, 

both fully addressed but with the 

protective marking shown on the 

inner envelope only. 

Provide a return address on the outer 

envelope. 



Appendix 3 

Rehabilitation Periods: 

1) Prison sentences of more than four years never become spent. 

2) The rehabilitation periods for the main sentences are set out in the table below: 

Sentence 

A custodial sentence of 

more than 30 months 

and up to, or consisting 

of, 48 months 

A custodial sentence of 

more than 6 months and 

up to, or consisting of, 30 

months 

A custodial sentence of 6 

months or less 

Removal from Her 

Majesty’s service 

A sentence of service 

detention 

A fine 

A compensation order 

End of rehabilitation period for 

adult offenders 

The end of the period of 7 years 

beginning with the day on which 

the sentence (including any licence 

period) is completed 

The end of the period of 48 months 









beginning with the date of the 

conviction in respect of which the 

sentence is imposed 



the sentence is completed 





The date on which the payment is 

made in full 


offenders under 18 at date of 

conviction 


beginning with the day on which the 

sentence (including any licence 
















sentence is completed 





The date on which the payment is 

made in full 



Sentence 

A community or youth 

rehabilitation order 

A relevant order 


adult offenders 


beginning with the day provided for 

by or under the order as the last 

day on which the order is to have 

effect 

The day provided for by or under 

the order as the last day on which 

the order is to have effect 


offenders under 18 at date of 

conviction 


beginning with the day provided for 

by or under the order as the last day 

on which the order is to have effect 

The day provided for by or under the 

order as the last day on which the 

order is to have effect 

3) Where no provision is made by or under a community or youth rehabilitation order or a relevant 

order for the last day on which the order is to have effect, the rehabilitation period for the order is to 

be the period of 24 months beginning with the date of conviction. 

4) There is no rehabilitation period for— 

a) An order discharging a person absolutely for an offence, or 

b) Any other sentence in respect of a conviction where the sentence is not dealt with in the Table 

above or where no provision is made by or under a community or youth rehabilitation order or a 

relevant order. 

In such cases mentioned above, any rehabilitation period is to be read as if the period of time is nil. 

For example, a caution becomes spent immediately, and a conditional caution becomes spent after 

three months from the date on which the caution is given, or, if earlier, when the caution ceases to 

have effect. 

5) Consecutive terms of imprisonment or other custodial sentences are to be treated as a single 

term, 

6) Terms of imprisonment or other custodial sentences which are wholly or partly concurrent (that is 

terms of imprisonment or other custodial sentences imposed in respect of offences of which a 

person was convicted in the same proceedings) are to be treated as a single term. 

For further information on the rehabilitation periods, see Chapter 8 of the Legal Aid, Sentencing and 

Punishment of Offenders Act 2012, which can be accessed using the following link: 

http://www.legislation.gov.uk/ukpga/2012/10/part/3/chapter/8/enacted

Gainsborough Shopwatch Scheme.pdf - Lincolnshire Police

You also want an ePaper? Increase the reach of your titles

Delete template?

Save as template?