This privacy notice provides you with general information about how we collect and use your information in the delivery of council services.
Who we are
Wellingore Parish Council is a public authority and is known as the "Controller" of the information that we collect about you. You can view the registration on the Information Commissioner’s Office website.
Our postal address is:
189 Belton Lane
Telephone: 01476 516366
Data Protection Officer's contact details
You can contact our Data Protection Officer at email@example.com
You can also write using the postal address above. Please mark the envelope FAO: Data Protection Officer.
The information we collect about you is split into two categories that are determined by the definitions set out in law.
Personal data is information that identifies and relates to you, this may include:
• name, address, date of birth and other contact information
• unique identification numbers
• details of your social and/or economic status
• location data
• online identifiers (for example an IP address)
Why we collect information about you
Wellingore Parish Council collects and uses your information to help deliver public services. These services are split into the following categories:
• Responsibilities of the Parish Council
• Grass Cutting
• Village Maintenance
We process your information for the following purposes:
• for the service you requested, and to monitor and improve our performance in responding to your request
• to ensure that we meet our legal obligations and to exercise our statutory powers in the public interest
• to conduct public consultations and engagement
• where necessary for law enforcement functions
• where necessary to protect individuals from harm or injury
• to support effective decision making and improve efficiency of services
• for the purposes of public and staff safety and crime prevention and detection
We will only collect the information that we need to deliver services to you and as far as is reasonable and practicable we will ensure that your information is accurate and kept up to date.
Lawful bases for processing information about you
We must ensure that we have a lawful basis to collect and use your information. The lawful bases the council relies on vary depending on our involvement with you. They are:
• compliance with a legal obligation as required by UK or EU law to process for a specific purpose
• performance of a public task in the public interest or an official function which has a clear basis in law
• performance of a contract for the supply of goods or services
• with your consent, where there is documented evidence of that consent
• pursuit of a legitimate interest, of the council or a third party
• to protect a person’s vital interests (for example, to protect someone’s life)
If the information you provide us contains special category data, this requires a further lawful basis to those listed above. In relation to the council’s processing activities these are:
• for reasons of substantial public interest
• to establish, exercise of defend legal claims
• for preventative and occupational medicine and the assessment of the working capacity of an employee
• provision of health and social care treatment or the management of health and social care systems
• carrying out obligations and exercising specific rights in the field of employment and social security and social protection law
• with your explicit consent
• to protect an individual’s vital interests
• processing personal data which are manifestly made public by you
How we may collect your information
Your information is collected in several ways:
• directly from you when you contact the council or sign up to a service. This includes face to face contact, telephone calls, and emails
• provided by members of the public
• provided by another organisation involved in the provision of services such as healthcare, social and welfare organisations, and law enforcement agencies
• provided by another organisation to allow the research and intelligence necessary to perform our statutory functions
• provided by government bodies such as the Department of Work and Pensions and Her Majesty’s Revenue and Customs
Who we may share your information with
The type of service you receive will inform who we share your information with. Where necessary we may share your information with the following categories of recipients:
• healthcare, social and welfare organisations and professionals
• providers of goods and services
• financial organisations, including debt collection, tracing and credit referencing agencies
• elected members
• local and central government
• ombudsman and regulatory authorities
• professional advisors, consultants and contractors
• police forces, other law enforcement and prosecuting authorities
• voluntary and charitable organisations
• Disclosure and Barring Service
• courts and tribunals
• utilities providers
How long we hold your information for
We are required to retain your information for as long as is necessary, after which it will be securely destroyed.
Retention periods can differ and will depend on various criteria including the purpose of processing, regulatory and legal requirements, and internal organisational need.
We have retention schedules in place that set out in detail how long information will be held for.
How we protect your information
We operate an information security management system which helps to protect your information. We do this by putting in place technical and organisational security measures designed to reduce the risk to your information through loss, theft, and unauthorised access.
The information security management system is subject to constant review and independently audited.
All staff are required to undertake regular data protection training and must comply with a variety of policies designed to keep your information secure.
Where your information is held
We may process your information in both digital and hard copy format. Primarily your information will be held within the United Kingdom but in some limited circumstances it may be transferred overseas using web services that are hosted outside of the European economic area. Where this is the case we will ensure that adequate and appropriate safeguards are in place to protect your information overseas.
Your information rights
You have several rights in relation to the information that the council holds about you:
Access - You have the right to ask us for copies of your personal information.
Rectification - You have the right to ask us to rectify information you think is inaccurate. You also have the right to ask us to complete information you think is incomplete.
Erasure - You have the right to ask us to erase your personal information in certain circumstances.
Restriction of processing - You have the right to ask us to restrict the processing of your information in certain circumstances.
Object to processing - You have the right to object to the processing of your personal data in certain circumstances.
Data portability - You have the right to ask that we transfer the information you gave us to another organisation, or to you, in certain circumstances.
Automated decisions and profiling – You have the right to prevent your information being processed and decisions being made about you solely by automated means (without any human involvement)
To view more information about your rights and when these might apply visit the Information Commissioner's website.
View our data protection information for more details about how to make a request to exercise your information rights.
Information Commissioner's Office
You have the right to complain to the Information Commissioner’s Office (ICO) if you are not satisfied with the way that the council has handled your information.
The ICO is an independent body set up to uphold information rights in the United Kingdom. They can also provide advice and guidance and can be contacted through the Information Commisioner's website, via their helpline on 0303 123 1113 or in writing to:
Information Commissioner’s Office