External Projects and Climate Change - Privacy notices

What personal information do we collect?

We process a range of information, which may include:

  • your name and address
  • contact details, including email address and telephone number
  • date of birth
  • bank account details
  • health information on the occupants of the property
  • financial information - household income and any other scheme eligibility information
  • details about the property receiving the installations including size and cost
  • details about the expected energy, carbon and cost savings expected to be delivered by the installation, including pre- and post-installation where appropriate

We process this information in a variety of ways. For example, data is collected from our own records or via application forms and correspondence with you about grants and energy efficient schemes that you may be eligible for.

Why do we process personal data?

Processing your information is necessary for the performance of a task carried out in the public interest or in the exercise of our official authority. We have a public task to reduce the carbon footprint for example, to make you aware of grants and schemes available to improve the energy efficiency of low energy performing homes. We process your data for those purposes which includes the delivery, administration and evaluation of grants and energy efficiency schemes.

Who has access to your personal data?

Your information may be shared with the parties set out below for the purposes stated above.

  • Delivery Partners appointed by the Council
  • Government Departments including Department of Business, Energy and Industrial Strategy (BEIS); Department of Work and Pensions (DWP) and other Government departments where necessary
  • Ofgem and delivery partners of central and Local Government home energy schemes such as the Energy Company Obligation
  • Your own energy suppliers
  • Non-profit and voluntary sector agencies
  • Other departments or sections of Runnymede Borough Council and Council Committees

We may also need to contact any of the above to check information provided by you, or information about you provided by a third party with other information we hold.

We may also get information from third parties or give information to them to check the accuracy of information, to prevent or detect crime, or to protect public funds.

Where we need to disclose sensitive information such as medical details to a third party, we will only do so once we have obtained your explicit consent, or where we are legally required to or have another lawful basis to do so. We require all third parties to respect the security of your personal data and to treat it in accordance with the law.

We do not allow our third-party service providers to use your personal data for their own purposes and only permit them to process your personal data for specified purposes and in accordance with our instructions and with data protection law. They are also obliged to implement appropriate technical and organisational measures to ensure the security of data

The organisation will not routinely transfer your data to countries outside the European Economic Area.

How do we protect personal data?

We take the security of your data seriously. The organisation has internal policies and controls in place to try to ensure that your data is not lost, accidentally destroyed, misused or disclosed, and is not accessed except by its employees in the performance of their duties.

Data will only be processed by members of staff authorised by the Data Controller for this purpose. Access to our systems is limited to authorised members of the External Projects and Climate Change team whose job role requires access to the personal data.

How long do we keep your personal data?

For personal data relating to grants and energy efficient schemes your data will be stored securely by us for a maximum period of 7 years following closure of a scheme.

Your rights

As a data subject, you have a number of rights, including access to your data. A request for access can be made via our website or by sending an email to foi@runnymede.gov.uk

Data Protection Subject Access Request(SAR) | Introduction – Runnymede Borough Council

To find out more about your rights please see the ‘Your Rights’ section of our main privacy statement

If you believe that Runnymede Borough Council has not complied with your data protection rights, you should initially try to resolve it with the relevant department.

If you are unable to resolve the issue to your satisfaction contact our Data Protection Officer (DPO) who will investigate. If you remain dissatisfied with the outcome of the DPO’s review you can make a complaint to the Information Commissioner. You can find out further information on making a complaint to the Information Commissioner on their website Information Commissioner's Office (ICO)

Submit a FOI request

Submit a subject access request

Report personal data published