- > Privacy Statement and Fair Processing Notice
Privacy Statement and Fair Processing Notice
Your personal data
In order to meet its responsibilities as a local authority, Runnymede Borough Council collects, holds and processes considerable amounts of information. Where this involves your personal data, that is information that identifies you such as your name and address, then the Council must comply with the requirements of the Data Protection Act 1998. Where this involves sensitive personal data, information about you of a private nature such as the state of your health, the Act imposes additional requirements.
Using your Personal Data
The Council will only use your personal information when it has a legitimate basis for doing so and will process it in a fair and lawful way. The Council may use your personal information for the purpose for which you provided it and other compatible purposes. We will process your personal data only where it is necessary to do so and in a proportionate way, including in the following circumstances:
- To allow the Council to be able to communicate with you and provide services that are appropriate for your needs.
- To plan, monitor and improve the performance of those services.
- Where the Council exercises its enforcement functions, for instance licensing and planning enforcement.
- When undertaking legal proceedings, including prosecutions by the Council.
- To process financial transactions such as payments and benefits, including where the Council is acting on behalf of other government bodies e.g. Department for Work and Pensions.
- To prevent and detect fraud and other crimes.
- In order to protect individuals from harm or injury.
- To ensure that the Council fulfils its duties under the general law including those imposed under the Equalities Act 2010 and the Health and Safety Acts.
How we take care of your personal data
We ensure that all your personal information is securely and safely held, whether it is stored electronically or in hardcopy. The Council is moving to maximize its use of electronic, rather than paper, records. We have controls in place when storing and transferring information so it is protected and any risks associated with inappropriate disclosure are minimized. We manage information through its lifecycle, so that only the personal data relevant for the particular purpose is collected. We take steps to ensure that the data we input is accurate and where necessary it is updated, including where its accuracy is challenged. We ensure that your information is not kept longer than is necessary for our purposes. That is, not beyond the business need or what the law may require, in accordance with our retention policy. Redundant data is permanently deleted or disposed of securely. Our staff are trained to handle personal information in the proper way. A failure to take proper care or misuse of information by staff may be treated as a disciplinary matter.
Sharing your Personal Data
In most cases, only our staff will use your personal data, which we are under a general duty not to disclose. However, there are some occasions when the Council will share your information with other organisations or make it publicly available:
- Where we share your sensitive personal data, such as your health information, we will normally need your permission, which we may request when the information is originally obtained.
- When we provide, for instance, a support service to an individual we may share personal information with another agency or provider to ensure the appropriate service is delivered.
- The Police and other agencies may request personal information necessary for the purposes of investigating or preventing crimes or prosecuting offenders and the Council will accede to these requests under an exception to non-disclosure.
- We may approach other organisations to pro-actively share personal information if we believe it is necessary to prevent a crime, for instance to stop a vulnerable person from being abused.
- For data matching purposes, we may share your personal data with other bodies responsible for auditing or administering public funds, or where undertaking a public function, in order to prevent and detect fraud.
- The Council participates in the statutory National Fraud Initiative which is a data matching* exercise with other public bodies run by the Cabinet Office for the purposes of preventing and detecting fraud.
- Information collected for public registers, such as planning or licensing applications, must be published by us or made available on request.
Data matching involves comparing computer records held by one body against other computer records held by the same or another body to see how far they match. This is usually personal information. Computerized data matching allows potentially fraudulent claims and payments to be identified. Where a match is found it may indicate that there is an inconsistency which requires further investigation. No assumption can be made as to whether there is fraud, error or other explanation until an investigation is carried out.
Your rights and requests about the information we hold
If you discover any inaccuracies in your personal data you have the right to request that they are corrected free of charge. Please notify us in writing, explaining what you consider is incorrect and what it should be replaced with and including enough information to identify yourself. You have a right to request access to the personal data that we may hold about you. You should make such Subject Access Request in writing to the Freedom of Information Officer with the fee of £10.00 and proof of identity. For further details see the Freedom of Information page.
Questions and further information
If you have any questions or communications about this statement you can write or contact us at: email@example.com
Further information about data protection and privacy matters can be found on the Information Commissioner's website.