Please be aware that we may take longer to respond to any correspondence or complaints, due to staff shortages and our response to Coronavirus. Thank you for your understanding.
The General Data Protection Regulation (GDPR) and the Data Protection Act 2018 regulate the processing of information relating to individuals. This includes the obtaining, holding, use or disclosure of such information.
To make sure that we handle personal data lawfully and appropriately we must comply with the Act, and in particular the Data Protection Principles. These require that personal data must be:
- processed fairly, lawfully and transparently
- collected for specified, explicit and legitimate purposes
- adequate, relevant and necessary
- accurate and where necessary up to date
- kept in identifiable form for no longer than necessary
- processed securely
Your rights under the act
Your rights under the act are:
You have the right know whether your personal data is being processed and if so, the right to have a copy.
You have the right to have inaccurate personal data rectified without undue delay.
In certain circumstances you have the right to have your personal data erased or deleted.
In certain circumstances you have the right to restrict us from processing your information.
You have the right to receive the personal data which you have given us (the data controller) in a structured, commonly used and machine-readable format.
You have the right to object at any time to the processing of your personal data. We (the data controller) will no longer process your data unless we can show that there is a good reason to do so. This must override your interests, rights and freedoms, or be for our defence of legal claims.
Under the Act you have the right, subject to exemptions, not to be subject to a decision when it is based on automated processing.
Request to see your information
Please use the Subject Access Request Form.
A reply to a subject access request is normally made within one month. Proof of ID and any information needed to locate the information may be required.
Report incorrect data
You should write to us telling us what data is incorrect. We must respond to you within 21 days.
Make a complaint
We do our best to meet the highest standards when collecting and using personal information. We take any complaints we receive about this very seriously.
How long we keep your personal data
We will not keep your personal data for no longer than is necessary. The Data Retention Policy tells us how long we can keep personal information.
Further information about the Data Protection Act can be found on the Information Commissioner’s Office website.
Elsewhere on the web
- Information Management Strategy - PDF 222Kb
- Elected Member Protocol - PDF 58Kb
- Data Protection Policy - PDF 49Kb
- BCBC Corporate Retention Schedule - PDF 539Kb
- Privacy Notice – Revenues - PDF 172Kb
- MASH Privacy Statement - PDF 371Kb
- Privacy Notice, Benefits - PDF 209Kb
- Privacy Notice, Budgetary Support - PDF 192Kb
- Privacy Notice, Education and Family Support - PDF 202Kb
- Privacy Notice, Direct Payments - PDF 190Kb
- Privacy Notice, Complaints - PDF 166Kb
- 11 Jan 2021 Regional Contact Tracing Privacy Notice - DOCX 36Kb
- Privacy Notice, Electoral - PDF 179Kb
- Privacy Notice, Fair Processing Statement Legal - PDF 190Kb
- Privacy Notice, Financial Control and Housing - PDF 172Kb
- Privacy Notice, Governance - PDF 190Kb
- Privacy Notice, Insurance and Risk - PDF 220Kb
- Privacy Notice, Human Resources - PDF 193Kb
- Privacy Notice, Freedom of Information - PDF 168Kb
- Elected Member Protocol - PDF 58Kb
- Privacy Notice, Financial Systems - PDF 174Kb
- Privacy Notice, Housing - PDF 255Kb
- Privacy Notice, Land Changes - PDF 185Kb
- Privacy Notice, Social Services and Wellbeing - PDF 190Kb
- General privacy notice - PDF 187Kb