Under the General Data Protection Regulation 2016 (GDPR) and Data Protection Act 2018 (DPA) Bassetlaw District Council, Queen’s Building, Potter Street, Worksop, Notts, S80 2AH is a Data Controller for the information it holds about you. The Council would hold and process your information for the purpose of procurement through a lawful basis of; collecting contractual information before we enter into a contract with you, and your consent.
Information we collect about you
We MAY collect the following information to meet our obligations:
- Work contact information such as Job Title, Address, Email, and Telephone Number
- If you are a Sole Trader, your Unique Tax Reference (UTR) number
- If you are trading from your home address, your Home Address.
- Personal CV’s which would include qualifications, skills, and employment history etc.
- Information which is relevant to Staff personal information as and when required i.e. employment terms and conditions, salaries/wages, and disciplinary etc
Use of your personal data
We are collecting your personal data for the following purposes:
- The evaluation of tenders/quotations and awarding of contracts for goods, services or works, including small businesses and independent traders
- Conducting procurement activities and quotations
- Business related activities
- Contact management activities
- Reporting and financial activities
- Responding to queries
- Financial and business checks
- Maintaining a Contacts Register
- Statistical analysis and reporting
- Prevention and/or detection of crime or fraud.
We have a legal obligation under various UK legislation including but not limited to:
- Local Government Act
- Public Contracts Regulations 2015
- Localism Act 2011
- Public Services (Social Value) Act 2012
- Bribery Act 2010
Sharing of your personal data
We MAY share your information with the following third parties for the reasons detailed above:
- Internal Council Departments i.e. Legal or Finance
- Other Public Authorities and partners i.e. Nottingham City Council
- ‘EastMidsTenders’ Website
- External partners that help us to deliver services
We will not sell or rent your information to third parties. We will not share your information with third parties for marketing purposes.
Keeping your personal data
We will keep your personal data in accordance with our retention schedule, unless you explicitly request it to be removed under GDPR information rights. This right to have your data removed is not an absolute right, for example, we will need to retain your data if this information forms part of a legal requirement, public registry or an existing contract.
We want to ensure any information we hold is accurate. You can help us by promptly informing us of any changes to the information we hold about you.
View the most recent copy of the Retention Schedule. The Retention Schedule is a Live Document and as such, is updated regularly. Read our policy and guidelines that govern how we manage our Retention Schedule.
Protecting your personal data
We are strongly committed to data security and will take reasonable and appropriate steps to protect your personal information from unauthorised access, loss, misuse, alteration or corruption. We have put in place physical, electronic, and managerial procedures to safeguard the personal information that we hold.
We do not currently transfer your data to any third country or international organisation.
Research and statistics
Anonymised and pseudonymised data may be used for research and statistical purposes. Any data collected may be used for research and statistical purposes that are relevant and compatible with the purpose that the data was collected for.
There are a number of rights that you may exercise depending on the legal basis for processing your personal data. In most cases, these rights are not absolute and there may be compelling or overriding legal reasons why we cannot meet these rights in full. This will be explained to you in more detail should you contact us for any of the reasons detailed below:
- Request a copy of the personal information the council holds about you
- To have any inaccuracies corrected
- To have your personal data erased
- To place a restriction on the council’s processing of your data
- To object to processing and
- To request your data to be ported (data portability)
- To object to any automated decision making including profiling and the right to ask for any automated decision making to be reviewed by a human
Where the processing of your personal data is based on your consent, in most circumstances, you have the right to withdraw that consent at any time and we will act on your instructions.
For more information about how the Council may use your data and to learn more about your rights please see the Council’s Privacy Statement at www.bassetlaw.gov.uk/privacy
If you have any concerns or questions about how your personal data is processed, please contact the Council’s Data Protection Officer at the above address or by email to DataProtectionOfficer@bassetlaw.gov.uk. If you are dissatisfied, you can then make a complaint to the Chief Executive under stage 1 of the Council’s complaints procedure. Should you wish to pursue this further, please send your reasons in writing to the Council’s Chief Executive Officer here at Queen’s Buildings. If you remain dissatisfied with the Council’s response, you can complain to the Information Commissioner's Office in writing to: Information Commissioner's Office, Wycliffe House, Water Lane, Wilmslow, Cheshire SK9 5AF or by telephone 0303 123 1113 (local rate) or 01625 545 745.
Last Updated on Monday, May 18, 2020