Castle Bromwich Parish Council is committed to protecting the personal information we hold of people who use our services.
We comply with all laws concerning the protection of personal information, including the General Data Protection Regulation (GDPR). We have security measures in place to reduce the risk of theft, loss, destruction, misuse or inappropriate disclosure of personal information. All our systems have unique login details and access is only given to the staff who need it.
Your personal information is being processed by Castle Bromwich Parish Council .We are devoted to managing personal information in line with current legislation and best practice, this includes the new General Data Protection Regulation (GDPR) which is active from May 25th, 2018. Whenever you provide personal information, we will treat information in accordance with our privacy policy.
This statement of privacy applies to Castle Bromwich Parish Council’s use of any personal information we collect or create about you. This includes information:
- we collect from visitors to our website and users of our web applications
- given to us by phone, social media, such as Facebook and Twitter, email, in letters, in forms and other correspondence
- given in person
What information we may collect about you and where it comes from
Castle Bromwich Parish Council collects personally identifiable information whenever you access or sign up to any of our services, request information, make a complaint or participate in activities provided by us. This information may include your name, email address, home or work address, telephone or mobile number, date of birth or bank account details. We also collect anonymous demographic information, which is not unique to you, such as postcode, age, gender, preferences, interests and favourites.
Description of processing
The following is a broad description of the way this organisation processes personal information: Reasons/purposes for processing information
We process personal information to enable us to provide …
Type/classes of information processed
We process information relating to the above reasons/purposes. This information may include:
- personal details
- family, lifestyle and social circumstances
- goods and services
- financial details
- education details
- employment details
- customers
- suppliers
- staff
- people contracted to provide a service
- complainants, enquirers or their representatives
- professional advisers and consultants
- landlords
- people captured by CCTV images
- representatives of other organisations
- elected members
We also process sensitive classes of information that may include:
- physical or mental health details
- racial or ethnic origin
- religious or other beliefs
- trade union membership
Who the information is processed about
We process personal information about customers and clients, advisers and other professional experts and employees.
Who the information may be shared with
We sometimes need to share the personal information we process with the individual them self and with other organisations. Where this is necessary we are required to comply with all aspects of GDPR. What follows is a description of the types of organisations we may need to share some of the personal information we process with for one or more reasons. Where necessary or required we share information with:
- business associates, professional advisers
- family, associates and representatives of the person whose personal data we are processing
- suppliers
- local and central government
- financial organisations
- ombudsmen and regulatory authorities
- credit reference and debt collection agencies
- healthcare professionals, social and welfare organisations
- current, past or prospective employers
- examining bodies
- service providers
How we use the information we collect about you
We process personal information to enable us to provide a range of government services to local people and businesses which include:
- maintaining our own accounts and records
- supporting and managing our employees
- promoting the services we provide
- carrying out health and public awareness campaigns
- managing our property
- carrying out surveys
- crime prevention including the use of CCTV
- corporate administration and all activities we are required to carry out as a data controller and public authority
- undertaking research
- internal financial support and corporate functions
- managing archived records for historical and research reasons
- planning including applications and decisions, building control, local plans and conservation
Consent
We will ask you for your permission to process your personal information if it is not covered by a public task or legal duty. This might be when we want to use your information in a way which is unexpected or different to the original purpose where there is no legal basis. If we rely on your consent to process your personal information, you have the right to withdraw that consent at any time. If you wish to withdraw your consent, please contact the service that asked for your consent in the first instance.
We will need the parental consent of children under the age of 13 if we offer services directly to children over the internet. We will make reasonable efforts to verify age and parental responsibility.
When we may use your details to contact you
Castle Bromwich Parish Council may contact you in a variety of circumstances, for instance:
- in relation to any service, activity or online content you have requested or signed up for to make sure that we can deliver the services to you, g. to verify your email when you sign up to an online account, to help you reset your password or to check if you still want to use the service (if your account has not been active recently)
- in response to any correspondence we receive from you or any comment or complaint you make
- in relation to any personalised services you are receiving
- to invite you to participate in surveys about the council services
Retention policy
| Retention Period | · Our retention policy can be obtained by contacting the clerk, or visiting our website. |
| Where stored: | Electronic, paper |
| Authority: | Castle Bromwich Parish Council |
| Information Asset Owner: | Castle Bromwich Parish Council |
| Location Held: | Electronically or Secure File |
| Permanent Preservation: | No |
| Sensitive Personal Data: | No |
Rights of Data Subjects
| The right to be informed | Data subjects should be clear about what, why and in what way, Personal Identifiable Information (PII) will be processed. |
| The right of access | Data subjects have the right to learn what PII is held on them by whom and why |
| The right of rectification | Data subjects can request corrections to their PII |
| The right to erase | Data subjects can request to be forgotten |
| The right to restrict processing | Data subjects can ask organisation to stop processing their PII |
| The right to data portability | Data subjects can ask for their PII in machine readable format or to have it sent to another organisation |
| The right to object | Data subjects can object to organisation processing their PII |
| Automated decision making and profiling | Protection against targeted marketing and decision making |
If you wish to require more information regarding rights, you can do this by consulting the Information Commissioners Office (ICO) website. Or you can contact our Data Protection Officer: