Office for Nuclear Regulation

This website uses non-intrusive cookies to improve your user experience. You can visit our cookie privacy page for more information.

Privacy notice

We respect your right to privacy. This external privacy policy sets out details about the way we process personal data that we collect from you and how we may use your information, when you interact with ONR.

ONR's functions are set out in the Energy Act 2013. In carrying out these functions, we necessarily collect information on businesses and individuals.

You might also provide us with information by using this website, for example, by giving us feedback or sending a query or request to us. ONR is registered as a data controller under the Data Protection Act 2018 and a description of how we use personal information is included on ONR's entry on the register which is maintained by the Information Commissioners Office.

About us

The Office for Nuclear Regulation is the data controller.

The Data Protection Officer for ONR can be contact by:

Collection of your personal data for our mailing list

When you subscribe to an email alert or newsletter service we collect:

When we collect your data we will notify you about what information we are collecting and our intended uses.

Other data collection

ONR may collect other regarding as part of our legal obligation as a nuclear regulator the list of data types we may process is available the ICO website.

Use of your personal data

The lawful basis for collecting and using the personal data will depend on the specific context in which we collect it.

However, we will normally collect personal data from you only

Details about the lawful bases for processing personal data can be found on the Information Commissioner’s website.

Storage and retention of your personal data

We will retain your personal data for as long as is necessary for the purpose it was collected.

In most cases, if you have subscribed to an email alert or subscription service, we will keep your personal data for as long as you are subscribed to that service or are required to by law and delete that data once you have requested to be removed. At the end of the retention period, your personal data will be disposed of securely.

Disclosure and security of your personal data

We may disclose your personal data to third parties when permitted to do so including:

We will never share or sell your personal data to other organisations for their direct marketing purposes.

All personal data you provide to us will be stored securely, both physically and electronically, in accordance with our policies. We have an information security process in place to oversee the effective and secure processing of your personal dat

a. In addition, we (or processors acting on our behalf) may also store or process your personal data in countries outside the European Economic Area but only where we are assured of the security of the data. We have put in place technical and organisational security measures to minimise the possibility of the loss or unauthorised access of your personal data.

Data processors

Whilst some email lists are managed in house using only ONR IT systems, we do use some third-party companies as data processors to provide the technology for email alerts and subscription services. Where we use third party providers, information will be provided to you when you subscribe to that service. Details of the more widely used third-party email subscription services are below.


We use GovDelivery provided by Granicus to manage subscription lists, preferences and send emails.

Your rights

We will ensure you can exercise your rights in relation to the personal data you provide to us. These are as follows:

Further details about your rights and the complaints process can be found on the Information Commissioner’s website


Google analytics

The main ONR website and the following subdomains all use Google analytics to allow us to measure how the site is used and to improve the service:

Google analytics opt out

To stop Google collecting this information, use the following link to opt out of all Google analytics.