Spelthorne Borough Council is committed to protecting your privacy when you use our services. The following Privacy Notice explains how we use information about you and how we protect your privacy.
We have a dedicated Data Protection Officer who makes sure we respect your rights and follow the law. If you have any concerns or questions about how we look after your personal information, please contact the Data Protection Officer at firstname.lastname@example.org or by writing to the Data Protection Officer at Spelthorne Borough Council, Council Offices, Knowle Green, Staines-upon-Thames, TW18 1XB.
What is personal information?
Personal data is information about a living person that means we can work out who they are such as name, address, telephone number, date of birth, bank details etc. This can include written letters, emails, photographs, audio recordings and video recordings.
Some data is called special category data which is more sensitive, and we have to look after it more carefully. This includes details of ethnic origin, religious beliefs, sexual orientation, trade union membership, health data, and biometric (eg fingerprints, facial recognition) and genetic (eg DNA) data.
Why do we collect your personal information?
The Council/KGE will only use your personal information when it has a legitimate reason for doing so and will process it in a fair and lawful way. We may use your information to:
Allow the Council to be able to communicate with you and provide services that are appropriate for your needs
Plan, monitor and improve the quality of those services
Where you have given us your consent to use your personal information, you have the right to remove it at any time, and can do so by contacting the data protection officer at email@example.com.
We will never process more data than is necessary!
Where we can, we’ll only collect and use personal information if we need it to deliver a service or meet a requirement.
If we don’t need personal information we’ll either keep you anonymous if we already have it for something else or we won’t ask you for it.
We don’t sell your personal information to anyone else.
What can you do with your information?
The UK’s Data Protection legislation is all about allowing you the control over what happens to your data. Therefore, under the Data Protection Act 2018, you can exercise the following rights:
The right to be informed via Privacy Notices such as this
The right to request access to and to receive a copy of any information we hold about you (including in an electronic format) – to request a copy of this information you must make a subject access request in writing
If you find that the information SBC holds about you is no longer accurate, you have the right to ask to have this corrected.
The right – under certain conditions – to ask us to erase your personal data
You may request that SBC stops processing your personal data in relation to any council service (this may delay or prevent us delivering a service to you, we will seek to comply with your request but may be required to hold or process information to comply with our legal duties).
The right to see CCTV images of yourself and be provided with a copy
For more information on exercising your rights, please see .
Who might we share your information with?
To ensure that Spelthorne Borough Council provides you with an efficient and effective service we will sometimes need to share your information between teams within the council as well as with our partner organisations.
We may disclose your information to others, but only where this is absolutely necessary, either to comply with our legal obligations or as permitted by Data Protection legislation. This includes for the purpose of the prevention and/or detection of crime, or where it is necessary to allow a third party working for or acting on behalf of the Council, to provide a service.
We will often complete a privacy impact assessment (PIA) before we share personal information to make sure we protect your privacy and comply with the law.
We will never share your information for marketing purposes.
Where in the world is your information?
The majority of personal information is stored on systems in the UK. But there are some occasions where your information may leave the UK either in order to get to another organisation or if it’s stored in a system outside of the EU.
We have additional protections on your information if it leaves the UK ranging from secure ways of transferring data to ensuring we have a robust contract in place with that third party.
We’ll take all practical steps to make sure your personal information is not sent to a country that is not seen as ‘safe’ either by the UK or EU Governments.
If we need to send your information to an ‘unsafe’ location we’ll always seek advice from the Information Commissioner first.
How long do we keep your personal information?
There’s often a legal reason for keeping your personal information for a set period of time, or we will most likely be collecting your data in the interest of you, as an individual and as a member of the public.
Where can I get advice?
If you have any worries or questions about how your personal information is handled please contact our Data Protection Officer at firstname.lastname@example.org .
For independent advice about data protection, privacy and data sharing issues, you can contact the Information Commissioner’s Office (ICO) at:
Information Commissioner’s Office
Cheshire SK9 5AF
Tel: 0303 123 1113 (local rate) or 01625 545745 if you prefer to use a national rate number.
If you email us…
If you email us we will make a record of your contact and your email address. For security reasons we advise you keep the amount of confidential information you send to us via email to a minimum.