Moon Beever Logo


Often in the context of a TUPE transfer, the outgoing provider or contractor may be deliberately un-cooperative. One of the ways that this happens is that they may say that they are unable to provide employee information, because to do so is a breach of the Data Protection Act (DPA).

The Information Commissioner's Office (ICO) has now published useful guidance on the issue.

Since TUPE requires that employee liability information is provided, the DPA permits the disclosure because it is required by law.

However, both parties must still comply with general data protection principles when handling such information. This means that the information must be anonymous or obvious identifiers removed.

Alternatively appropriate safeguards should be put in place such as an undertaking to only use the information in connection with the transfer and that the information will be returned or destroyed if the transfer does not proceed.

A copy of the full guidance can be foundĀ here. It should also be remembered that not all transfers are TUPE transfers so there may still be DPA issues, where a business is acquired by (say) a share transfer.

Sarah Rushton (

This is intended for general information only and should not be considered as giving advice in relation to any individual case nor be taken as applying to any particular case. No liability is accepted for any such use of the information.


Standout firm known for its personal insolvency work for clients including private companies, individuals and governmental institutions. Frequently acts for insolvency practitioners, assisting with the realisation of assets, both in the UK and abroad.

Chambers and Partners

Contact Us

Our office locations can be found here and individual staff profiles here together with full address and contact details. 

For non-urgent enquiries by email, please complete the contact form below and we will respond as soon as possible.