Council tax privacy notice - Privacy notices

What personal information do we collect?

We collect and process a range of information about you. This can include

  • your name and address
  • contact details, including email address and telephone number ( you do not have to provide this, but it may make it easier to resolve any issues)
  • financial information such as bank details (if you choose to pay by direct debit)
  • your national insurance number
  • date of birth (of people in your household who are approaching the age of 18 and may affect your Council Tax liability)
  • your marital status and who you live with
  • your gender
  • your employment status and information about your employment
  • health data (if you claim a disability band reduction) We collect this information in a variety of ways. For example, it may be supplied by you when filling out a form or calling our customer services department.
Why do we process personal data?
We have a legal obligation to process information for council tax purposes. Council tax billing, collection and enforcement processes are supported by legislation laid down by the Government. We are legally required to process this information and to impose penalties if information is not provided, incomplete or knowingly incorrect. We also collect and use your contact details to communicate with you about your account, including providing access to an e-billing service. This is not a legal requirement and is done with your consent.
Who has access to your personal data?

Where necessary your information will be shared with the parties set out below for the purposes stated above.

  • Commissioned partners including Northgate
  • Valuation Office Agency
  • HM Courts and Tribunals Service
  • Cabinet Office (National Fraud Initiative)
  • HM Revenue & Customs
  • Department for Work & Pensions (DWP), Enforcement Agents and employers (to recover unpaid Council Tax)
  • Other council departments
  • The Police - for the prevention and detection of crime We require all third parties to respect the security of your personal data and to treat it in accordance with the law.

We do not allow our processors to use your personal data for their own purposes and only permit them to process your personal data for specified purposes and in accordance with our instructions and data protection laws. They are also obliged to implement appropriate technical and organisational measures to ensure the security of data. We will not transfer your data to countries outside the European Economic Area.

How do we protect personal data?
We take the security of your data seriously. The organisation has internal policies and controls in place to try to ensure that your data is not lost, accidentally destroyed, misused or disclosed, and is not accessed except by its employees in the performance of their duties. Data will only be processed by members of staff authorised by us for this purpose. Access to our systems is limited to members of the Customer Service and Council Tax teams whose job role requires access to the personal data.
How long do we keep your personal data?
We will keep all records relating to Council Tax for as long as you have an ongoing liability with us. Even if you have moved away and do not owe us any money, we will keep details of the property or properties and dates for which you were liable for Council Tax. This is in case there is a change to the Council Tax Band of the property. Council Tax re-banding can be backdated back to 1 April 1993 and the band can increase or decrease.
Your rights

As a data subject, you have a number of rights, including access to your data. A request for access can be made via our website or by sending an email to

Data Protection Subject Access Request(SAR) | Introduction – Runnymede Borough Council

To find out more about your rights please see the ‘Your Rights’ section of our main privacy statement

If you believe that Runnymede Borough Council has not complied with your data protection rights, you should initially try to resolve it with the relevant department.

If you are unable to resolve the issue to your satisfaction contact our Data Protection Officer (DPO) who will investigate. If you remain dissatisfied with the outcome of the DPO’s review you can make a complaint to the Information Commissioner. You can find out further information on making a complaint to the Information Commissioner on their website Information Commissioner's Office (ICO)