Under the General Data Protection Regulation 2016 (GDPR) and Data Protection Act 2018 (DPA) Bassetlaw District Council, Queen’s Building, Potter Street, Worksop, Notts, S80 2AH is a Data Controller for the information it holds about you. This notice provides details of how the Council's ICT department collects and uses information about you. The Council has a lawful basis for collecting and processing personal information about you for the purpose of ICT Services under Public Task, Contract (Staff), Consent (web analytics – cookies) and Legitimate Interest.
Information we collect about you
We MAY collect the following information as part of our purpose under ICT Services:
- Contact number
- Social media account
- Details of the type of computer or mobile phone, web browser or operating system used
- Location (based on IP address)
- Web pages viewed and search terms used on our website
How we collect information about you:
We collect information about you via the following methods:
- Website visits
Use of your personal data
We are collecting your personal data for the following purposes:
- To respond to customer queries
- To manage staff IT accounts
- Analyse web statistics
- Improve our online services
- For the prevention and detection of crime or fraud
Sharing of your personal data
We MAY share your information with the following third parties for the reasons detailed above:
- Other Council Departments such as Customer Services to assist with enquires and to share feedback
- Other councils such as Nottinghamshire County Council
- Third party organisations such as Google
- Our service providers
We MAY be required to disclose information about you in other specific situations such as:
- Where we are required to disclose information by law
- When disclosing the information is required to prevent or detect crime
- When disclosure is in the vital interests of the person concerned
We will not sell or rent your information to third parties. We will not share your information with third parties for marketing purposes.
Keeping your personal data
We will keep your personal data in accordance with our retention schedule, unless you explicitly request it to be removed under GDPR information rights. This right to have your data removed is not an absolute right, for example, we will need to retain your data if this information forms part of a legal requirement, public registry or an existing contract.
We want to ensure any information we hold is accurate. You can help us by promptly informing us of any changes to the information we hold about you.
View the most recent copy of the Retention Schedule. The Retention Schedule is a Live Document and as such, is updated regularly. Read our policy and guidelines that govern how we manage our Retention Schedule.
Protecting your personal data
We are strongly committed to data security and will take reasonable and appropriate steps to protect your personal information from unauthorised access, loss, misuse, alteration or corruption. We have put in place physical, electronic, and managerial procedures to safeguard the personal information that we hold.
We do not currently transfer your data to any third country or international organisation.
Research and statistics
Anonymised and pseudonymised data may be used for research and statistical purposes. Any data collected may be used for research and statistical purposes that are relevant and compatible with the purpose that the data was collected for.
There are a number of rights that you may exercise depending on the legal basis for processing your personal data. In most cases, these rights are not absolute and there may be compelling or overriding legal reasons why we cannot meet these rights in full. This will be explained to you in more detail should you contact us for any of the reasons detailed below:
- Request a copy of the personal information the council holds about you
- To have any inaccuracies corrected
- To have your personal data erased
- To place a restriction on the council’s processing of your data
- To object to processing and
- To request your data to be ported (data portability)
- To object to any automated decision making including profiling and the right to ask for any automated decision making to be reviewed by a human
Where the processing of your personal data is based on your consent, in most circumstances, you have the right to withdraw that consent at any time and we will act on your instructions.
For more information about how the Council may use your data and to learn more about your rights please see the Council’s Privacy Statement.
If you have any concerns or questions about how your personal data is processed, please contact the Council’s Data Protection Officer at the above address or by email to DataProtectionOfficer@bassetlaw.gov.uk. If you are dissatisfied, you can then make a complaint to the Chief Executive under stage 1 of the Council’s complaints procedure. Should you wish to pursue this further, please send your reasons in writing to the Council’s Chief Executive Officer here at Queen’s Buildings. If you remain dissatisfied with the Council’s response, you can complain to the Information Commissioner's Office in writing to: Information Commissioner's Office, Wycliffe House, Water Lane, Wilmslow, Cheshire SK9 5AF or by telephone 0303 123 1113 (local rate) or 01625 545 745.
Last Updated on Tuesday, August 3, 2021