PRIVACY POLICY
Your personal data and privacy
We want you to know how we use any personal or ‘special’ personal data we collect from or about you. Here is our privacy notice that gives you the reasons we collect and use your information and details of how we keep your personal data safe.
When we collect, store, use or share your personal data Reigate & Banstead Borough Council is known as the data controller and we have a Data Protection Officer in post to make sure we are following the law. The Data Protection Officer can be contacted via data.protection@reigate-banstead.gov.uk.
You can contact our Data Protection Officer with any questions about how your personal data is held or any concerns about how your personal data is being used.
Collecting information from you
We need to collect and use information about people in order to perform a wide range of public functions such as providing you with services, and because of statutory (legal) requirements.
The bits of personal data we may collect include name, address, date of birth, home address, telephone numbers, private email address, emergency contacts, and bank details.
Some personal data is ‘special’ and we need to take extra care if we ever need to collect it from you to provide you with council services. The list of ‘special’ personal data is:-
- race
- ethnic origin
- politics
- religion
- trade union membership
- genetics
- biometrics (where used for ID purposes)
- health
- sex life
- sexual orientation.
Using your personal data
We will only collect the minimum amount of information we need from you. We will collect this personal data so that we can:-
- deliver your council services and anything we must do by law
- carry out our regulatory, licensing and enforcement roles as required by law
- make payments, grants and benefits
- spot and take action against fraud and other crimes
- listen to your ideas about council services so that we can plan
- train staff
- investigate any complaints you have about us
- tell you about council services.
We will not sell your data on to anybody ever.
Our legal basis for processing your personal data
The Local Government Acts and the Localism Act 2011 give the council its main powers to collect and use your data, but there are many more Acts that lay out the reasons why we may collect your data.
We will also collect and use your data under contract – for example if you ask us to provide pest control services.
Each service at the council will produce a privacy notice explaining the reasons and legal basis for collecting your data and those notices will appear as links on this page over time.
All this means there are very few times we actually collect and use your personal data only with your consent, but if we do collect by consent then you have a right to be forgotten and to stop us processing your personal data at any time. Just contact our Data Protection Officer with the details.
Sharing your data
We are allowed to share data about you with others for a range of reasons. These include when we have to share your data for legal reasons with the Police or the Immigration services. For example we take part in the National Fraud Initiative’s anti-fraud data matching exercise.
We have to share information with certain other public bodies such as the Department for Work and Pensions (DWP), HM Revenues and Customs (HMRC), courts, tribunals, other formal bodies dealing with legal processes or external regulatory bodies.
We may also use your personal information if it is in your vital interest, where your life is or could be in danger. This will not happen very often, if at all, but will help to identify and assist individuals: whose vital interests are threatened, and /or who need additional support during emergencies or major incidents, for example emergency evacuation.
We will share data about you between departments so that we can keep your details up-to-date and improve our service to you. Only members of staff who need to access relevant parts of your information will be allowed to do so. For example, when we hold your data in a database or other electronic format passwords and permissions will be used to restrict which members of staff can see or amend it.
If we use a third party to provide you with council services we will have to pass your details to them in order that they can provide the service. Where we have these arrangements there is always an agreement in place to make sure that the organisation complies with Data Protection Law.
Your data and your rights
You have a right to object to the processing of your personal information, to rectify, to restrict and to port your personal information.
You can ask to see what data we hold about you and ask to be sent a copy - this is called a Subject Access Request.
If you have provided consent to the council to process any of your data then you also have a right to withdraw that consent. Remember, most of the time we will not need your consent to process data as we will have to use your data for our legal duties.
Contact the Data Protection Officer (details above) if you have questions about any of your rights.
Things you can do to help us;
- Make sure that you tell us when any of your details change; and
- Let us know as soon as possible if any of the information we hold on you is wrong.
You can also contact the Information Commissioner’s Office (ICO), the UK’s independent body set up to uphold information rights:
- ICO, Wycliffe House, Water Lane, Wilmslow, Cheshire SK9 5AF ICO website 0303 123 1113.
Keeping your data
We will retain your personal information for as long as we have to provide a service to you or if the law sets a time that we need to keep it for. We have a Records and Retention Schedule which lists how long we keep classes of information.
Changes to this privacy notice
We will frequently be updating this privacy notice.