The General Data Protection Regulation (GDPR) and the Data Protection Act 2018 regulate the processing of information relating to individuals. This includes the obtaining, holding, use or disclosure of such information.
To make sure that we handle personal data lawfully and appropriately we must comply with the Act, and in particular the Data Protection Principles. These require that personal data must be:
- processed fairly, lawfully and transparently
- collected for specified, explicit and legitimate purposes
- adequate, relevant and necessary
- accurate and where necessary up to date
- kept in identifiable form for no longer than necessary
- processed securely
Your rights under the act
Your rights under the act are:
You have the right know whether your personal data is being processed and if so, the right to have a copy.
You have the right to have inaccurate personal data rectified without undue delay.
In certain circumstances you have the right to have your personal data erased or deleted.
In certain circumstances you have the right to restrict us from processing your information.
You have the right to receive the personal data which you have given us (the data controller) in a structured, commonly used and machine-readable format.
You have the right to object at any time to the processing of your personal data. We (the data controller) will no longer process your data unless we can show that there is a good reason to do so. This must override your interests, rights and freedoms, or be for our defence of legal claims.
Under the Act you have the right, subject to exemptions, not to be subject to a decision when it is based on automated processing.
Request to see your information
Please use the Subject Access Request Form.
A reply to a subject access request is normally made within one month. Proof of ID and any information needed to locate the information may be required.
Report incorrect data
You should write to us telling us what data is incorrect. We must respond to you within 21 days.
Make a complaint
We do our best to meet the highest standards when collecting and using personal information. We take any complaints we receive about this very seriously.
How long we keep your personal data
We will not keep your personal data for no longer than is necessary. The Data Retention Policy tells us how long we can keep personal information.
Further information about the Data Protection Act can be found on the Information Commissioner’s Office website.
Elsewhere on the web
- Data Protection Policy - PDF 88Kb
- Information Management Strategy - PDF 603Kb
- Privacy Notice, Financal Control and Closing - PDF 191Kb
- Elected Member Protocol (003) - PDF 412Kb
- Privacy Notice, Financal Systems - PDF 191Kb
- Privacy Notice, Freedom of Information - PDF 180Kb
- Privacy Notice, Governance - PDF 191Kb
- Privacy Notice, Housing - PDF 206Kb
- Privacy Notice, Budgetary Support - PDF 189Kb
- Privacy Notice, Education and Family Support - PDF 194Kb
- Privacy Notice, Fair Processing Statement Legal - PDF 185Kb
- Privacy Notice, Land Charges - PDF 180Kb
- Privacy Notice, Electoral - PDF 191Kb
- Privacy Notice, Direct Payments - PDF 190Kb
- Privacy Notice, Human Resources - PDF 192Kb
- Privacy Notice, Childrens - PDF 221Kb
- Privacy Notice, General - PDF 213Kb
- Privacy Notice, Social Services and Wellbeing - PDF 206Kb
- Privacy Notice, Complaints - PDF 157Kb
- Privacy Notice, Insurance and Risk - PDF 171Kb
- Privacy Notice, Benefits - PDF 232Kb
- BCBC Corporate Retention Schedule - PDF 539Kb