Building control privacy notice

What personal information do we collect?

We receive and process a range of personal data. This may include

  • your name, address, signature and contact details, including email address and telephone number
  • information provided to us in your submissions
  • financial information such as payment details
  • information about medical or health conditions, including whether or not you have a disability where relevant to your building regulation application.

The organisation collects this information in a variety of ways. For example, it is supplied to us directly (or via your agent on their behalf) or we receive it from a third party website that provides a transaction service e.g. the planning or other electronic portal

Why do we process personal data?

Processing your information is necessary to enable the building control section to perform their duties administering building regulation applications and in the exercise of our official authority. For example to; making decisions and providing advice on building regulation applications.

  • to undertake site inspections
  • to undertake enforcement action
  • maintain registers of works undertaken
  • responding to allegations of unauthorised works Some information provided to us, we are obliged under the regulations to make available on building regulation registers.

This is a permanent record of building regulation related works that form.

Who has access to your personal data?

The register of building regulation applications is available via the council offices and may in future be on the council website for the public to view (in the same way as the planning register). We operate a policy where we routinely redact the following details before making forms, documents, letters, reports available online:

  • personal contact details - e.g. telephone numbers, email addresses
  • signatures
  • special Category Data - e.g. supporting statements that include information about health conditions and information agreed to be confidential.
  • financial Information.

Sometimes we might decide it is necessary, justified and lawful to disclose data that appears in the list above. In these circumstances we will discuss this with you. If you are submitting supporting information which you would like to be treated confidentially or wish to be specifically withheld from the public register, please let us know as soon as you can - ideally in advance of submitting the application. The best way to contact us about this issue is

Where necessary for the purposes stated your information will be shared with the parties set out.

  • other council departments, including
  • internal consultees
  • Consultees
  • engineering/ plan checking consultants
  • legal advisors. We require all third parties to respect the security of your personal data and to treat it in accordance with the law.

We do not allow our data processors to use your personal data for their own purposes and only permit them to process your personal data for specified purposes and in accordance with our instructions and data protection laws. They are also obliged to implement appropriate technical and organisational measures to ensure the security of data. We will not transfer your data to countries outside the European Economic Area.

How do we protect personal data?

The organisation takes the security of your data seriously. The organisation has internal policies and controls in place to ensure that your data is not lost, accidentally destroyed, misused or disclosed, and is not accessed except by its authorised employees or individuals working on behalf of the Council in the performance of their duties.

How long do we keep your personal data?

How long we keep information will depend on the specific reason we are processing the data. We will keep your data for as long as necessary for the purpose it was provided or to comply with the law Some information will be kept longer to understand decisions that have been made.

Your rights

As a data subject, you have a number of rights. You can

  • access and obtain a copy of your data on request (known as a subject access request)
  • require us to change incorrect or incomplete data
  • ask us to delete or stop processing your data, for example where the data is no longer necessary for the purposes of processing. Where possible we will seek to comply with your request, but we may be required to hold or process information to comply with a legal requirement.
  • object to the processing of your personal data in certain circumstances.

We may still be required to hold or process information if there are legitimate grounds for doing so.