Your information rights

This page sets out how we manage your rights to information, transparency and privacy.

Your right to transparency

Public access to the information we hold

As a Public Authority, National Highways is subject to the provisions of the Freedom of Information Act 2000 (FOIA) and the Environmental Information Regulations 2004 (EIR).

This legislation obliges us to provide public access to the recorded information we hold, unless that information falls within the scope of an EIR exception, or FOIA exemption.

The Information Commissioner’s Office (ICO) regulates our transparency obligations. View the ICO guide to exemptions / exceptions to the public right of access

Disclosure log

View our disclosure log of recently released responses to FOIA/EIR requests.

Submitting an information request to us

You can request particular information from us by using this form.

If you're not satisfied with our response to your request for information you have the right to request an Internal Review of the way your request was handled and the information provided to you. Please see our FOIA / EIR complaints process guidance.

If you have any questions or concerns about your request, or would like any further advice about your rights to access our information, you can email the National Highways team responsible for handling information requests at: FOIAdvice@nationalhighways.co.uk 

Information we routinely publish on our website

National Highways Publication Scheme implements Section 19 of the FOIA. It sets out the categories of information we are committed to publishing and keeping up to date, and provides publicly accessible links to that information. This includes: 

  • Who we are and what we do
  • What we spend and how we spend it
  • What our priorities are and how we are doing
  • How we make decisions
  • Our policies and procedures
  • Lists and registers
  • The services we offer

Geo-spatial open data

Our open data site has been created to make our geographical data available to the public.

You can download up-to-date information in common formats or connect your geographical information system via an application programming interface (API).

This is all part of making our data more accessible, fit for purpose and helping us define the data our customers need.

If you’d like to find out more, please contact us at spatialportal@nationalhighways.co.uk.


Your right to privacy and protection of your personal data

National Highways is officially registered with the Information Commissioner’s Office (ICO) as a Data Controller. This means that we collect and use personal data about individuals, and that we make decisions about how we do this and why. Our ICO Data Controller registration reference is ZA107575.

Any information we may hold about you as an identified, or identifiable, individual is your personal data. If we hold your personal data you are classified as our Data Subject.

We collect information about our customers for a number of purposes which relate to our statutory function as a public authority managing the National Highways strategic roads network. This includes public safety and traffic management. We also provide information to the police to assist them in enforcing the law on our roads. 

The regulatory framework established by the General Data Protection Directive (GDPR) was subsequently enshrined in UK Law by the UK GDPR and the 2018 Data Protection Act. This legislation gives you a set of privacy rights which we must apply to any personal data we hold about you.

One of your privacy rights is the right to be informed. Our privacy notices provide our data subjects with information which they have a right to. This includes:

  • a description of the personal data being collected and stored
  • how and why we use it
  • who we share it with
  • our legal basis for doing so

Privacy notices also explain your other rights as our data subject.  This includes: the right to request access to the data we hold about you, and the rights to challenge its accuracy or our right to be holding it.

Please email our Data Protection Officer if you have any queries or concerns about the personal data we may hold about you or your rights in this regard.

Complaints and concerns about our handling of your rights to privacy and transparency

If you have a specific concern or complaint about our handling of your information rights this should first be raised with the relevant team at National Highways: 

•    For issues relating to your right to access to information we hold please contact: FOIAdvice@nationalhighways.co.uk. See also our FOIA / EIR complaints process guidance

•    For issues relating to our processing of your personal data please contact: dataprotectionadvice@nationalhighways.co.uk  

Appealing to the independent regulator for your information rights

Your information rights, and our obligations to respect them, are regulated by the Information Commissioner’s Office (ICO). The ICO website provides extensive advice and guidance about your rights and how to exercise them.

If you're not satisfied with the way we've responded to a concern or complaint you've raised with us, you have the right to make an appeal to the ICO by email to: casework@ico.org.uk 


Our information rights strategy

Our mission

National Highways is trusted by our customers and stakeholders to manage the safe and efficient operation of our road network and to develop safer, more intelligent, roads for the connected vehicles of the future.

We embrace information rights as an opportunity to build public trust in what we do and where we are going, and we demonstrate our respect for these rights across the business by default and by design.

We go beyond legal requirements to demonstrate a positive and ethical approach to our customers’ rights to privacy and transparency.

Our goal

Public Trust and Confidence in our Connected Roads Future.

We understand that our customers may be anxious about the safety of new technology applied to our roads and traffic management.

We therefore proactively inform, consult and educate our customers about our future plans, and we are ready and willing to provide data used as evidence for our decision-making.

Building trust increases the resilience of our future roads journey to public challenge, controversy and scrutiny.

We aim to stay “ahead of the game” by embracing a pro-active approach to our transparency and privacy obligations.

We improve our reputational resilience and build public and regulatory trust by going beyond the minimum required for regulatory compliance and adopting an ethical approach to privacy and transparency.

We aim to pre-empt and contribute to the adaptation of existing regulations to new technology by consulting with the regulator, and other industry stakeholders, and providing leadership with best practice models.

Our vision

Robust information rights guardrails 

We manage the information we hold and process to uphold our commitment to: 

  • The transparency rights of our customers and the public
  • The privacy rights of our data subjects 

We establish robust and recognised guardrails for the protection of these information rights as we embark on our third Roads Investment Strategy 2025 to 2030 (RIS 3).

Better informed customers

New technology will enable provision of targeted, timely and customer specific journey information, and this will improve both safety and journey times.

As customer service is increasingly personalised, we shall ensure this is matched by transparent protection of customers’ personal data and privacy rights.

Transparency by default

We proactively publish information about our forward-looking strategies to build intelligent infrastructure for increasingly connected and autonomous vehicles. This includes being open about the challenges and questions raised by such developments, and the data we rely on to inform our decision-making.

As we strive to meet our targets for improving customer safety, journey reliability and Net Zero, and advance the complexity and intelligence of our roads management systems, we also recognise the increased importance of keeping our customers informed about both technological developments and innovative uses of personal data.

Privacy by design

We consider and minimise privacy risks from design stage of any new technology being developed which will be used to process personal data.

Irrespective of the state and form of technology we use, we remain committed to upholding, and applying, the GDPR data protection principles.

Therefore, we ensure our processing of personal data is minimal, proportionate, accountable, secure, legal, and fair to data subjects.

Feedback