Under the General Data Protection Regulation 2016 (GDPR) and Data Protection Act 2018 (DPA) Bassetlaw District Council, Queen’s Building, Potter Street, Worksop, Notts, S80 2AH is a Data Controller for the information it holds about you. This notice provides details of how the Council's leisure services collects and uses information about you. The Department will process your personal information to provide you with courses, events, services and activities of public interest within Bassetlaw. The Council has a lawful basis for collecting information about you for this purpose under Consent and Legitimate Interests.
Information we collect about you
We MAY collect the following information as part of our day-to-day activities or special events:
- Date of Birth
- Medical details
- GP details
- Relevant contact (Children)
The information you would need to provide would depend on the type of activity or event.
How we collect information about you
We collect information by the following means:
- Online i.e. our website and social media platforms
- Via email
- Over the telephone
- By paper correspondence
- In person (face-to-face)
Use of your personal data
We are collecting your personal data for the following purposes:
- To contact you about bookings or related events or courses
- To hold you or your child’s place in an activity, event or course
- To organise or administrate an activity, or event or course
- To maintain waiting lists for a certain activity, event or course
- To contact you regarding any of our services, activities, events or courses
- To protect your health and safety
- For the prevention and detection of crime or fraud
Sharing of your personal data
We MAY share your information with the following third parties for the reasons detailed above:
- Other Council Departments
- Other Council’s such as Nottinghamshire County Council
- Barnsley Premier Leisure
We MAY be required to disclose information about you in other specific situations such as:
- Where we are required to disclose information by law
- When disclosing the information is required to prevent or detect crime
- When disclosure is in the vital interests of the person concerned
We will not sell or rent your information to third parties. We will not share your information with third parties for marketing purposes.
Keeping your personal data
We will keep your personal data in accordance with our retention schedule, unless you explicitly request it to be removed under GDPR information rights. This right to have your data removed is not an absolute right, for example, we will need to retain your data if this information forms part of a legal requirement, public registry or an existing contract.
We want to ensure any information we hold is accurate. You can help us by promptly informing us of any changes to the information we hold about you.
View the most recent copy of the Retention Schedule. The Retention Schedule is a Live Document and as such, is updated regularly. Read our policy and guidelines that govern how we manage our Retention Schedule.
Protecting your personal data
We are strongly committed to data security and will take reasonable and appropriate steps to protect your personal information from unauthorised access, loss, misuse, alteration or corruption. We have put in place physical, electronic, and managerial procedures to safeguard the personal information that we hold.
We do not currently transfer your data to any third country or international organisation.
Research and statistics
Anonymised and pseudonymised data may be used for research and statistical purposes. Any data collected may be used for research and statistical purposes that are relevant and compatible with the purpose that the data was collected for.
There are a number of rights that you may exercise depending on the legal basis for processing your personal data. In most cases, these rights are not absolute and there may be compelling or overriding legal reasons why we cannot meet these rights in full. This will be explained to you in more detail should you contact us for any of the reasons detailed below:
- Request a copy of the personal information the council holds about you
- To have any inaccuracies corrected
- To have your personal data erased
- To place a restriction on the council’s processing of your data
- To object to processing and
- To request your data to be ported (data portability)
- To object to any automated decision making including profiling and the right to ask for any automated decision making to be reviewed by a human
Where the processing of your personal data is based on your consent, in most circumstances, you have the right to withdraw that consent at any time and we will act on your instructions.
For more information about how the Council may use your data and to learn more about your rights please see the Council’s Privacy Statement at www.bassetlaw.gov.uk/privacy
If you have any concerns or questions about how your personal data is processed, please contact the Council’s Data Protection Officer at the above address or by email to DataProtectionOfficer@bassetlaw.gov.uk. If you are dissatisfied, you can then make a complaint to the Chief Executive under stage 1 of the Council’s complaints procedure. Should you wish to pursue this further, please send your reasons in writing to the Council’s Chief Executive Officer here at Queen’s Buildings. If you remain dissatisfied with the Council’s response, you can complain to the Information Commissioner's Office in writing to: Information Commissioner's Office, Wycliffe House, Water Lane, Wilmslow, Cheshire SK9 5AF or by telephone 0303 123 1113 (local rate) or 01625 545 745.
Last Updated on Friday, July 10, 2020