Legal services privacy notice - Privacy notices

What personal information do we collect?

We process a range of information about you. This includes

  • your name, address and contact details, including email address and telephone number
  • date of birth
  • your criminal record
  • financial information
  • health information
  • details of your relationships with other individuals We process this information in a variety of ways. For example, data is provided to us by other council departments who seek our advice and representation or via a third party such as the court or a solicitor.
Why do we process personal data?

Some of the information that you provide to the Council is passed to our service so that we can provide the Council with legal advice and representation. Processing personal data is necessary to ensure we can provide that service. Depending on the nature of the issue, processing your personal data will come under one of the following legal bases

  •  We need it to comply with a legal obligation
  • We need it to perform a task in the public interest
  • We need it to fulfil our contractual obligations
Who has access to your personal data?

Where necessary your information will be shared with the parties set out below for the purposes stated above.

  • Central Government Agencies (e.g. Home Office, DCLG, etc)
  • Other Public Bodies (e.g. Land Registry)
  • Health Agencies (including GPs)
  • Police & Judicial Agencies (e.g. Courts)
  • Other Local Authorities
  • Legal representatives of other parties
  • External Legal advisors to the Council - Solicitors and Barristers' and their admin support colleagues
  • Experts appointed to assist the Council, either directly or as joint Experts (e.g. Surveyors)
  • Insurers and Auditors
  • Elected Members of the Council We will not routinely transfer your data to countries outside the European Economic Area.
How do we protect personal data?
We take the security of your data seriously. The organisation has internal policies and controls in place to try to ensure that your data is not lost, accidentally destroyed, misused or disclosed, and is not accessed except by its employees in the performance of their duties. Data will only be processed by members of staff authorised by us for this purpose. Access to our systems is limited to members of the legal team whose job role requires access to the personal data.
How long do we keep your personal data?

We process many different types of personal data and we hold it for as long as necessary for the purposes stated.

In some cases, for example if defending a legal claim, prosecuting or exercising our Statutory / Governmental or Public duty in another way, this may mean we retain it for a minimum of six years.

In other cases, for example contracts entered into under deed or property deeds, this may mean we retain it for a minimum of twelve years.

Your rights

As a data subject, you have a number of rights, including access to your data. A request for access can be made via our website or by sending an email to foi@runnymede.gov.uk

Data Protection Subject Access Request(SAR) | Introduction – Runnymede Borough Council

To find out more about your rights please see the ‘Your Rights’ section of our main privacy statement

If you believe that Runnymede Borough Council has not complied with your data protection rights, you should initially try to resolve it with the relevant department.

If you are unable to resolve the issue to your satisfaction contact our Data Protection Officer (DPO) who will investigate. If you remain dissatisfied with the outcome of the DPO’s review you can make a complaint to the Information Commissioner. You can find out further information on making a complaint to the Information Commissioner on their website Information Commissioner's Office (ICO)