Javascript is required
logo-dastralogo-dastra

GDPR Data processing modelTax Fraud Detection and Risk-Based Audit Targeting

GovernmentPublic
Processing of taxpayer data by HMRC (or equivalent public authority) to detect correlations between high-risk files and fraudulent behaviour using data analytics and machine learning tools, in order to prioritise audits and investigations.

Purposes (1)

A purpose is the objective pursued by the setting up of your file. It indicates what the processing of personal data will be used for, its purpose. This purpose must be clear and understandable

1
Improve targeting of taxpayers to be audited
Legal obligation
Art. 6(1)(c) (legal obligation) + Art. 6(1)(e) (public task). HMRC is legally required to collect and protect tax revenue; fraud detection is a statutory obligation. Legitimate interest is not sufficient for a public authority in this context.

Data categories (1)

Personal data is any information relating to an identified or identifiable natural person. A natural person can be identified either directly (eg surname and first name) or indirectly (eg phone number, social security number, email or postal address, but also voice or image)

Fraud detection dataset

Data details

Telephone numberrequired
Emailrequired
Bank detailsrequired
Tax data for individualsrequired
Professional tax datarequired

Data conservation rules

Active base:

Retained while investigation or audit is ongoing.

Retention aligns with storage limitation (Art. 5(1)(e) UK GDPR) and HMRC statutory guidance.

Intermediate archiving:

6 years after closure of case

Limitation Act 1980; HMRC compliance record retention

Destruction

Data subject (2)

A data subject is any person whose data is collected, retained or processed by the data processing. e.g. In a recruitement process, any candidate for a position proposed in recruitement management process

  • Citizens
  • Legal entities
Created at:07/08/2023
Updated on:08/01/2025
License: © Creative commons :
Attribution / Pas d'utilisation commerciale
CC-BY-NC AttributionPas d'utilisation commerciale
Nb using:5

Access the full processing template

Try Dastra now to access all of our data processing templates that you can customize for your organization.It's free and there's no obligation for the first 30 days (no credit card required)

Add to my data processings record
Subscribe to our newsletter

We'll send you occasional emails to keep you informed about our latest news and updates to our solution

* You can unsubscribe at any time using the link provided in each newsletter.