Policy paper

Records Management Policy - Independent Review of the Loan Charge 2025

Updated 28 March 2025

1. Overview

This document sets out why the Independent Review of the Loan Charge 2025 (henceforth “The Review”) keeps records, what those records are, and our responsibilities.

This document should be read in conjunction with the Privacy Notice for The Review, available on GOV.UK.

The purpose and scope of the Review is set out in the Terms of Reference on GOV.UK. We keep records only for the purpose of delivering that review and all our activities – and thus records created – are solely for that purpose.

Whilst the review has been commissioned by HM Treasury, all our records will be stored on our own domain, access to which is restricted only to members of The Review team and the IT administrators necessary for its maintenance, unless information sharing is necessary to ensure HM Treasury’s legal obligations with regards to information and data management are met. However, our expectation is that all evidence submitted to the review is treated as confidential, submitted only for the purpose of supporting the review.

All records – save for those which there is a legal obligation to hold for longer – will be deleted upon the conclusion of the review.

The final report of the review will form the public record arising from this review.

2. Status

This policy is live for the duration of the Review (the end date for which being the date of publication of the Review’s final report).

3. Legislative Obligations

Our records are subject to a relevant information legislation, including UK GDPR and the Data Protection Act (2018), Freedom of Information Act (2000) and Public Records Act (1958).

4. Responsibilities

All members of The Review are responsible for reliable record keeping on behalf of the Review; personnel will understand and use the provided information management domain; file regularly, selectively, securely and refrain from using excessive personal storage. If personnel are unclear about any of this, they will seek advice from their line manager.

5. Types of record and how long we hold them

The types of information we hold fall into three categories: evidence, review, and ancillary.

Evidentiary

Evidentiary documents are those submitted to the review by individuals or organisations to form part of the evidence base for the review, and/or summaries/analysis containing or based on this information. These documents are likely to form the largest proportion of our records. These are likely to contain sensitive information provided by respondents and so must be treated with accordant sensitivity and confidentiality – especially where this information is (as the overwhelming majority is expected to be) personal data. Rights and responsibilities for personal data is covered by the Privacy Notice for the Review.

These records should be held only for as long as is necessary, save where there is a legal obligation to preserve these. Any records remaining at the conclusion of the review will be destroyed save for where preservation is required to fulfil a legal obligation.

Review

Review documents are those created by the review as part of our work in delivering the final report. This will include drafting and documentation to support the final report.

As these documents are based on evidence provided, these records should be held only for as long as is necessary, and deleted forthwith at the conclusion of the review, save where there is a legal obligation to preserve these.

These documents will be superseded by the final report on publication, which will form the public record of this review.

Ancillary

Ancillary documents are all those that are not core to our function, such as team administration and reference information.

There is no requirement to store these documents and they should be deleted when they are no longer required.