How we use information about you

We have a legal requirement to make sure you know what we intend to do with your information and who it will be shared with.

Further information

In order to provide you with the service you require, there may be occasions when your information is shared with those who carry out work on our behalf.

Sometimes we may need to ask other agencies or organisations for relevant information about you to fulfil our legal responsibilities or to provide services.

We may pass your information to other agencies or organisations as allowed or required by law, for example to enable them to carry out their statutory duties or where it is necessary to prevent harm to yourself or other individuals.

We have a duty to:

  • keep sufficient information to provide services and fulfil our legal responsibilities
  • keep your records secure and accurate
  • only keep your information as long as is required
  • collect, store and use the information you provide in a manner that is compatible with the General Data Protection Regulation

We will always try and keep your personal data secure, whether it is held on paper or electronically. Our privacy statement sets out our commitment to you when you access our services via the internet.

Things you can do to help us:

  • make sure we have identified you correctly by letting us know when you change address or name
  • tell us if any of your information we hold is wrong
  • permit us to share as much information about you as we need to.

You have a right to see information about you and can request access to your own information.

What is personal data?

Personal data is basic details such as name, address, telephone number, and date of birth, or notes and comments made about a person, and information held about that person in files. This can include but is not limited to written correspondence, emails, photographs, audio recordings and video recordings.

Information classed as sensitive personal data include details of racial or ethnic origin, religious beliefs and criminal record. 

You usually need to give us consent for us to hold sensitive data. We will always try and tell you why and how the information will be used.

Why we collect and store personal data

For some of our services, we need to collect personal data so we can get in touch, or provide the service. We always try to make sure the information we collect is correct and isn't an invasion of your privacy.

Where we do not directly provide the service, we may need to pass your personal data onto the people who do. These providers are obliged to keep your details safe and secure, and use them only to fulfil your request. If we wish to pass your sensitive personal data onto a third party, we will usually only do so once we have obtained your consent, unless we are legally required to do so.

Using your personal data

We will use the information you provide for the following purposes:

  • Provision of council services.
  • Regulatory, licensing and enforcement functions, which we are obliged to undertake.
  • All financial transactions to and from us, including payments, grants and benefits. (Where monies are due or outstanding we reserve the right to use all the available information at its disposal to protect public funds. This may include, but not be limited to, matching council tax data with electoral registration records)
  • Where you have agreed for the purpose of consulting, informing and gauging your opinion about our products and services.
  • To ensure we meet our statutory obligations, including those related to diversity and equal opportunity.
  • To carry out research (using anonymised or pseudonymised data where possible) to evaluate new approaches, monitor effectiveness of existing services and deliver improved services to you. It will also be used to help us understand which services you use and how often you use them.

Joined-up services: sharing personal data

We want to be able to provide appropriate, timely and effective services - it is important to us that we co-ordinate what we do for you properly. To do this, we share basic information such as name and address between services within the council. This is so that we can keep our information on you as up-to-date as possible and so that we can improve our services to you. For example, if you tell the housing team you have moved, they will pass this information on to other parts of the council – such as council tax.

Even though our systems are joined-up, we ensure that staff within the council can only access the information they need to do their job. In addition, we have a duty to protect the public funds we administer and so may use the information we hold to prevent and detect fraud and any other legally required purposes.

We do have specific data sharing agreements in place with local agencies and sometimes the law requires that we may have to pass your details on to a third party – to prevent crime for example.

National Fraud Initiative (NFI)

We take part in the Cabinet Office's National Fraud Initiative: a data matching exercise to assist in the prevention and detection of fraud. We are required to provide particular sets of data to the Minister for the Cabinet Office for matching for each exercise, as details on the link below:

The use of data by the Cabinet Office in a data matching exercise is carried out with statutory authority under Part 6 of the Local Audit and Accountability Act 2014. It does not require the consent of the individuals concerned under the Data Protection Act 1998. You can view further information on the link below:

The NFI is the Cabinet Office's data matching exercise that tackles a broad range of fraud risks faced by the public sector. Data matching involves comparing computer records held by one body against other computer records held by the same or another body to see how far they match. This is usually personal information. Computerised data matching allows potentially fraudulent claims and payments to be identified, such as claims for council tax single occupier discount. Where a match is found it may indicate that there is an inconsistency which requires further investigation. No assumption can be made as to whether there is fraud, error or other explanation until an investigation is carried out. We have a statutory duty to provide this data.

Sharing health data and NHS numbers

We are working more closely in partnership with health (doctors, hospitals etc.) as health and social care services become more joined up. The Government says that we must share your NHS number with each other and we must follow the Caldicott Principles. Our Caldicott Guardian is Tracie Rees, Director of Care Services and Commissioning. Find out more about how we use your NHS number.

When we work closely with our health partners on things such as the Better Care Together Programme, we will try, wherever possible, to do so with your consent. Social Workers will share data with health professionals as part of your care team. Sometimes we may need to share without telling you for legal reasons, or when it is in your vital interest.

All local authorities have a duty to improve the health of the population they serve. To help with this, we use data and information from a range of sources including hospitals to understand more about the nature and causes of disease and ill-health in the area. We also process the Office for National Statistics (ONS) births and deaths data for public health reasons.

We may introduce new technologies that capture and store personal data e.g. biometric scanners, body worn video cameras etc. A Privacy Impact Assessment will be carried out when such technologies, or new systems that capture personal data, are introduced by us.

We have also signed up to the national information sharing protocol for the use of Child Protection Information Sharing (CP-IS) with the NHS.

We will use the internet to communicate with the public and promote public participation. Through our social media accounts and website, we will post photos, videos, and sound recordings of our work and events, which may sometimes include personal data. If you are ever unhappy about being included in any of these publications, please contact us.

Please remember though, we won't sell or give your information to any third party for marketing purposes unless we have asked your permission.

Registration and authentication

We may, in the future, require you to register and be authenticated with us in order for you to access extra services. the information will not be used for sending you newsletters or other promotions unless stated.

How we accept your data

Sometimes someone may call us on your behalf e.g. your neighbour may call to report a leak, or your son or daughter may ring in for you if you're not well. We will accept calls in good faith and record information we are told about on your record. If we need to send a staff member out to investigate or fix anything, we will.

Sometimes however we find the calls were a hoax or misleading. We are very sorry if this happens, but do not wish to put bureaucracy in the way of services by refusing to act in good faith, especially in an emergency (such as a leak).

Although we may take calls about you or your account, we will not talk about you or your account with anyone but yourself, unless you have given us permission to do so.

If you suspect someone who was unauthorised has called us and put information on your record that is not correct, please contact us immediately and we will investigate.

Organisations we share data with

We have a list of the information sharing agreements we currently have in place with our partner organisations which is attached below:

Monitoring communications

We reserve the right to monitor and record all communications, including email, instant messaging, telecoms usage and Internet use. 

This means that that communications you have with us (including any phone calls you make to us, emails you send or online transactions you do to pay for things) may be subject to monitoring and recording. 

We will only do this for purposes permitted by the Telecommunications (Lawful Business Practice) (Interception of Communications) Regulations 2000 or the Regulation of Investigatory Powers Act 2000 in order to prevent or detect a crime, or investigate or detect the unauthorised use of a service.