- What personal information do we collect?
-
What information do we collect? We collect and process a range of information about you. This includes
- your name, address and contact details, including email address and telephone number, date of birth and gender
- financial information such as bank details and transactional data including payments to and from you
- information relating to your property
- your preferences in receiving marketing from us and our third parties and your communication preferences.
In addition, if you are a tenant or prospective tenant we collect the following information
- information about medical or health conditions, including if you have a disability
- employment details, including your national insurance number
- information about your marital status, next of kin and their emergency contact details; We collect this information in a variety of ways. For example, data is collected through application forms and correspondence with you.
- Why do we process personal data?
-
We need to process data for the performance of a contract with you. For example, we need to process your data to provide you with tenancy management services or a Rent Deposit Scheme, or in order to take steps at your request, prior to entering into a contract for these services. Furthermore, where you have been referred to us via housing options we have a legal duty to assist you under homelessness legislation. In other cases, we require your consent to process your information. For example, we would like to provide marketing material for our other services which may be of interest to you. However we will always ask for your consent for this and give you the opportunity to withdraw consent at any time.
- Who has access to your personal data?
-
Your information may be shared with the parties set out below for the purposes stated above.
- Commissioned partners
- District/Borough Councils
- Other departments within Runnymede Borough Council
- Housing Associations
- Health Agencies
- Education Funding Agency
- Other public bodies and government agencies We require all third parties to respect the security of your personal data and to treat it in accordance with the law.
We do not allow our third-party service providers to use your personal data for their own purposes and only permit them to process your personal data for specified purposes and in accordance with our instructions and data protection laws. They are also obliged to implement appropriate technical and organisational measures to ensure the security of data. We will not transfer your data to countries outside the European Economic Area.
- How do we protect personal data?
-
We take the security of your data seriously. The organisation has internal policies and controls in place to try to ensure that your data is not lost, accidentally destroyed, misused or disclosed, and is not accessed except by its employees in the performance of their duties. Data will only be processed by members of staff authorised by us for this purpose. Access to our systems is limited to authorised members of the housing team whose job role requires access to the personal data.
- How long do we keep your personal data?
-
We will hold your personal data for the duration of the tenancy agreement and will keep the information for 6 years after end of tenancy unless there is a debt registered.
- Your rights
-
As a data subject, you have a number of rights, including access to your data. A request for access can be made via our website or by sending an email to foi@runnymede.gov.uk
Data Protection Subject Access Request(SAR) | Introduction – Runnymede Borough Council
To find out more about your rights please see the ‘Your Rights’ section of our main privacy statement
If you believe that Runnymede Borough Council has not complied with your data protection rights, you should initially try to resolve it with the relevant department.
If you are unable to resolve the issue to your satisfaction contact our Data Protection Officer (DPO) who will investigate. If you remain dissatisfied with the outcome of the DPO’s review you can make a complaint to the Information Commissioner. You can find out further information on making a complaint to the Information Commissioner on their website Information Commissioner's Office (ICO)