Data Protection
Privacy Notice (Fair Processing Notice)
Ribble Valley Borough Council is committed to improving the services the Council provides. To do this we need to collect, and use, information about the individuals we provide services to and individuals we have contact with.
We are committed to compliance with Data Protection legislation. We will make every effort to keep your personal information safe, accurate, up to date and keep it for no longer than is necessary.
The Council is registered as a data controller with the Information Commissioner Office (registration number Z6400958) as we collect and process personal data. This collection and processing of data applies to both council employees and members of the public.
How Ribble Valley Borough Council may use your details
We collect, process, and hold personal data in order to provide public services. The information may be collected on paper, online forms, by telephone, email, CCTV or by members of our staff, or one of our partners.
We need to collect and process your information for the following purposes:
- to deliver public services
- to ensure we meet our legal obligations
- to provide the service you requested
- to monitor and improve performance in responding to your service request
- to obtain your opinion about our services
- to contact you by post, email or telephone
- to process financial transactions
- to prevent and detect fraud or crime
- to collect monies owed to the Council
We may process your information overseas using services that are hosted inside the European Economic Area, but only with data processing agreements that meet our obligations under the Data Protection Act.
Retention Periods
We will only keep your information for as long as it is required. The retention period is either dictated by law or by our information retention policies. Once your information is no longer required it will be destroyed securely and confidentially.
Telephone Calls
We will inform you if we record or monitor any telephone calls you make to us. We do not record any financial card details if you make payments to us over the telephone.
Emails
If you email us we may keep a record of your contact, your email address, and the email. For security reasons we will not include confidential information about you in any emails we may send to you, unless you consent to this.
We suggest that you keep to a minimum the amount of confidential information you send to us via email.
Website
General access to Ribble Valley Borough Council’s public web site (www.ribblevalley.gov.uk) does not store or capture personal information, but logs your Internet Protocol (IP) address and details of which version of web browser you are using.
Ribble Valley Borough Council’s public website may request personal information when you:
• Complete an online form or survey
• Sign up for an account on www.ribblevalley.gov.uk
• Apply for a job vacancy
• Make an online payment
We employ cookie technology to help log visitors to our web site. A cookie is a string of information that is sent by a web site and stored on your hard drive or temporarily in your computer’s memory. The information collected is used for the administration of the server and to improve the service provided by the web site. No personal information is collected this way. You can reject the use of cookies, but you may be asked for information again, e.g. to participate in a survey. This statement only covers the council web sites maintained by us and does not cover other web sites linked from our site.
Data Sharing with Third Parties
We may share your information with third parties where we have a legal obligation to do so, or where permitted under the Data Protection Act, or with a third party working on behalf of the Council.
We will strive to ensure that any third party who we share personal data with has sufficient systems and procedures in place to prevent any loss of data.
We will not share your data with third parties for marketing or sales purposes, or for any commercial use without your prior express consent.
Detect and Prevent Fraud or Crime
We may use any of the information you provide to us for the prevention and detection of fraud or crime. We may share information provided to us with other bodies responsible for auditing, or administering public funds, or where undertaking a public function, in order to prevent and detect fraud or crime. This includes the Cabinet Office, the Department for Works and Pensions, other local authorities, HM Revenues and Customs and the Police.
National Fraud Initiative
The National Fraud Initiative (NFI) is an exercise that matches electronic data within and between public and private sector bodies to prevent and detect fraud.
Ribble Valley Borough Council is required by law to protect the public funds it administers. It may share information provided to it with other bodies responsible for; auditing, or administering public funds, or where undertaking a public function, in order to prevent and detect fraud.
The Cabinet Office is responsible for carrying out data matching exercises.
Data matching involves comparing computer records held by one body against other computer records held by the same or another body to see how far they match. This is usually personal information. Computerised data matching allows potentially fraudulent claims and payments to be identified. Where a match is found it may indicate that there is an inconsistency which requires further investigation. No assumption can be made as to whether there is fraud, error or other explanation until an investigation is carried out.
We participate in the Cabinet Office’s National Fraud Initiative: a data matching exercise to assist in the prevention and detection of fraud. We are required to provide particular sets of data to the Minister for the Cabinet Office for matching for each exercise, as detailed here.
The use of data by the Cabinet Office in a data matching exercise is carried out with statutory authority under Part 6 of the Local Audit and Accountability Act 2014. It does not require the consent of the individuals concerned.
Data matching by the Cabinet Office is subject to a Code of Practice.
View further information on the Cabinet Office’s legal powers and the reasons why it matches particular information.
Your Rights
Your rights under the Data Protection Act 1998 and the EU General Data Protection Regulations (GDPR).
-
The Right to be informed
You have the right to be informed how your data is processed, via Privacy Notices such as this.
-
The Right of Access
You have the right to access the personal information we hold about you.
-
The Right to Rectification
We endeavour to ensure that information we hold about you is correct and up to date. You may find that the information we hold is no longer accurate. Please contact the Council to have the information corrected.
-
The Right to Erasure
You have the right to have your personal data erased and to prevent processing in specific circumstances:
- Where the data is no longer necessary in relation to the purpose for which it was originally collected
- When you withdraw consent for the data to be processed
- When you object to the processing of the data and there is no overriding legitimate interest for continuing the processing
- Your data was unlawfully processed
- Your information has to be erased in order to comply with a legal obligation
However we may refuse to comply with your request for erasure for the following reason:
- To comply with a legal obligation for the performance of a public interest task or exercise of official authority
- The exercise or defence of legal claims
- To exercise the right of freedom of expression and information
- For public health purposes in the public interest
- Archiving purposes in the public interest, scientific interest, historical interest or statistical purposes
-
The Right to Restrict Processing
You have the right to ask us to stop the processing of your personal data. However, this may cause delays or prevent us providing/delivering a service to you.
-
The Right to Data Portability
You have the right to request your personal data in a structured, commonly used, machine readable format.
-
The Right to Object
You have the right to object to your personal data being processed at any time.
-
Rights in Relation to Automated Decision Making Including Profiling
You have the right to insist on human intervention if a decision is based on the result of automated processing.
Information Security Incident
Should you wish to report or suspect a security incident in relation to the personal information we hold about you please contact the Council’s Data Protection Officer (details below).
Further Information
For further information about the use of your information or to request a copy of your personal information held by Ribble Valley Borough Council please contact:
Data Protection Officer
Ribble Valley Borough Council
Council Offices
Church Walk
Clitheroe
BB7 2RA
Telephone: 01200 425111
Email: dataprotection@ribblevalley.gov.uk
Changes to this privacy notice
We will regularly review and update this privacy notice to comply with changes in Data Protection legislation and to reflect changes in our services.