OneAccount privacy notice

What personal information do we collect?

We will ask you to provide the following data when you register for a OneAccount.

  • Title
  • First name
  • Last name
  • Email address
  • Address
  • Telephone number

Individual online services will ask for more specific information relating to the service you apply, pay or report for. Please refer to the service specific privacy policy included on instruction pages.

Alternatively, you can view all departmental privacy policies online.

View all privacy policies
 

Why do we process personal data?

We will use your information to:

  • Create an account when you register for OneAccount
  • Contact you about your OneAccount, such as if you have a incomplete registration, your account is dormant and we need to notify you that it will be closed and password resets etc
  • Send email notifications when you sign up to alerts
  • Display your next bin collection dates using the address registered to your OneAccount
  • Link to your Council Tax account if you request it to be linked to your OneAccount so you can access information regarding your council tax account
  • Link to your Benefits account if you request it to be linked to your OneAccount so you can access information regarding your benefits account
  • Analyse and report on the number of accounts (anonymised data)

Runnymede Borough Council complies with its obligations under the GDPR by keeping personal data up to date; by storing it securely; by not collecting or retaining excessive amounts of data; by protecting personal data from loss, misuse, unauthorised access and disclosure and by ensuring that appropriate technical measures are in place to protect personal data.

Who has access to your personal data?

We do not share your OneAccount data with any other organisation.

Please refer to departmental privacy policies for personal data captured on individual online services. 
 

How do we protect personal data?

The council takes the security of your data seriously. We have internal policies and controls in place to ensure that your data is not lost, accidentally destroyed, misused or disclosed, and is not accessed except by its authorised employees or individuals working on behalf of the council in the performance of their duties.

We protect data we collect online using the following security methods:

  • encryption, meaning that information is hidden so that it cannot be read without special knowledge (such as a password). This is done with a secret code, or what is called a 'cypher'. The hidden information is said to then be 'encrypted'
  • pseudonymisation, meaning that we will use a different name so we can hide parts of your personal information from view.
  • controlling access to systems and networks allows us to stop people who are not allowed to view your personal information from getting access to it
  • training for our staff allows us to make them aware of how to handle information and how and when to report when something goes wrong
     
How long do we keep your personal data?

There is often a legal reason for keeping your personal information for a set period, so we try to include all of these in our corporate Retention & Disposal schedule and they are often explained within each service-related Privacy Notice.

For each service, the schedule lists how long your information may be kept for. This ranges from months for some records to decades for more sensitive records.

Incomplete OneAccount registrations
If you have an unregistered account, we will write to you once to give you advice on how to complete your registration. If you do not complete the registration process within a month of the reminder, we will delete your email address and person information relating to your initial registration. 

Deleted OneAccount’s
If you decide to delete your OneAccount you can call 01932 838383 who will be able to verify your details and process the deletion of your OneAccount.  We will delete your account however any data collected relating to a service you have applied for, paid for or reported will be retained within the council’s systems in line with the service specific privacy policy and retention periods.
 

Your rights

The law gives you several rights to control what personal information is used by us and how it is used by us.

  • You can ask for access to the information we hold on you
  • You can ask to change information you think is inaccurate
  • You can ask to delete information (right to be forgotten)
  • You can ask us to limit what we use your personal data for
  • You can object to the way in the in which your personal data is used

If you have any queries about access to your information,contact dpo@runnymede.gov.uk.

Your right to complain
If you wish to complain about the way that your personal data has been handled by Runnymede Borough Council, you should write to the Data Protection Officer and clearly outline your case. Your complaint will then be investigated in accordance with our customer complaint procedure.
dpo@runnymede.gov.uk

If you remain dissatisfied with the way your personal data has been handled, you have the right to complain to the Information Commissioner’s Office at www.ICO.org.uk. You may refer the matter to the Information Commissioner’s Office whose contact details are below.

Information Commissioner’s Office
Wycliffe House
Water Lane
Wilmslow
Cheshire
SK9 5AF
Email: casework@ico.org.uk