For more information about security, see

We have a legal duty to protect your information. We maintain strict security standards and procedures to prevent unauthorised access to your data. We use leading technologies including digital certificates and encryption to further safeguard your data.

The approach we take to protecting the data you provide to us has been approved by the Data Protection Registrar.

You provide two kinds of information to the Government Gateway: 'Registration information' and 'Known facts'.

- Registration information

When you register with the Government Gateway, you enter your name and email address. Note that as part of registration you do not enter your address, or any other personal details.

The Government Gateway stores this information securely in a registration database. It does not send it to any government departments or third parties. Your email address may also be used by the Government Gateway to communicate with you and to forward messages to you from government departments.

If you register on behalf of your organisation, each User in the organisation can enter some optional additional details (for example, their job title, department or extension number). This information is not sent to any government departments. It is used to identify you to other Government Gateway Users within your organisational group.

- Known facts

When you enrol for a service, you are asked to enter a set of known facts for that service. This combination of information uniquely identifies you as an individual or an organisation. For example, if you are enrolling for Self Assessment, these facts will be made up of your Tax reference, postcode and National Insurance number.

The Government Gateway has access to an extract database from each government department that handles online services. This database contains the known facts of all individuals or organisations eligible for a service.

When you enrol for a service, the information you enter is compared with the information held on the extract database. If it matches information already held, the Government Gateway sends a request to the relevant department to supply the Government Gateway with the postal address for the individual or organisation identified by these known facts.

The Government Gateway uses the postal address to send you your Activation code. If you use a User ID and password to log in, we will also send you confirmation of your User ID through the post. After we have sent this information, your address is deleted from the Government Gateway.

No new information is shared with any government department or third party. The only information that is transferred between the Government Gateway and the government departments are the known facts that you have provided. Since this information does not include your name or address it cannot be used by anyone except the government departments. The data collected by Government Gateway from you will be held securely for a period of up to and not exceeding 72 hours as part of our privacy assurance for Customers. The way that data is held and transferred is consistent with HM Government Security Framework, policy and advice.

The Government Gateway does not send your email address to any government departments. If a department needs to communicate with you by email, they will email you via the Government Gateway. The government department and the Government Gateway will use your known facts to identify you.

The Government Gateway contains links to other websites, mainly those of other government departments and some third party software suppliers. The Government Gateway is not responsible for the privacy practices of any of these other sites. We encourage you to be aware of this when you leave the Government Gateway and to read the privacy statements on other websites you visit which collect personally identifiable information.

This privacy statement applies solely to information handled by the Government Gateway.

A cookie is a piece of data stored in the memory of your computer when you connect to the Government Gateway. Government Gateway cookies are not stored on your hard disk.

In simple terms, we generate and temporarily store a meaningless number which is used to keep track of your identity from page to page. This is destroyed when you log out from the Government Gateway or close your browser window. We do not use the cookie to track the way you use the website.

Most internet browsers (for example, Internet Explorer) are set up to automatically accept cookies, but you can change your settings to prevent this. However, if you choose not to accept cookies you will not be able to access the Government Gateway, as we need to use cookies to manage your session.

Log files are used to track transactions made using the Government Gateway and we are required by law to store these for auditing purposes. The log files are based on your User ID, do not contain any personally identifiable information, and are stored securely.

You can change your registration information at any time. To do this, log in to the Government Gateway and click on 'Your Details'. You will then be able to see the information we currently have stored on you, and make changes if you wish. If you registered with a certificate, you cannot change the name that the Government Gateway stores for you, as this is automatically copied from your certificate.

You can unenrol from services for which you have enrolled. Your registration details are then marked as 'inactive' and are stored securely for auditing purposes.

If this privacy policy changes in any way, an updated version will be placed on this page. Regularly reviewing this page ensures you are always aware of what information is collected, how it is used, and under what circumstances, if any, it is shared with other parties.