County Councillor Privacy Notice
Under the Data Protection Act 2018, county councillors are required as data controllers to provide a copy of their privacy notice that informs you how they will use your data.
You can view their privacy notice below:
I, as a County Councillor, am the Data Controller of the personal data that I hold about you. This means that I am required to comply with the data protection principles set out in the GDPR and the UK Data Protection Act 2018. This Privacy Notice tells you what you can expect when your data is collected, stored, used, and deleted, and what your rights are.
Legal Basis for Processing
As a County Councillor, I process your personal data to enable me to assist you with any dealings that you have with me as the elected member for your division. The lawful basis for my processing your personal data will normally be Article 6 (e) of the GDPR - "Necessary for the performance of a task carried out in the public interest or in the exercise of official authority vested in the controller". On infrequent occasions I may be asked to process what the Data Protection Act refers to as "Special Category Data" - this can include types of information such as medical, health, political, trade union or other data. If I am required to process data of this type then I will rely on Article 9 (g) of the GDPR which allows me to process this data for "reasons of substantial public interest".
Managing Personal Data
I will only use the data supplied to me for the purposes for which it has been collected or supplied, and will not use it for any other purposes. Data I process will not be excessive and will be limited only to what is required to undertake my duties.
Under the GDPR and Data Protection Act 2018 I have a responsibility to ensure that the data I hold about you is accurate and up to date and I will make every reasonable effort to ensure that this is the case. In addition, and in compliance with the fifth Data Protection Principle, I will not retain personal data for any longer than is legally required, and will securely delete it when it has reached the end of its retention period.
I also have a responsibility to ensure that records are stored and processed securely. Paper records will be stored in a secure manner appropriate to their contents, and electronic records will be stored on devices with appropriate levels of technical protection, and transferred with encryption and/or password protection where necessary, depending on their contents.
Under the GDPR you, as the Data Subject have the right to:-
- Access the information I hold about you. This information is usually provided free of charge but a charge may be made in specific circumstances specified in the regulations.
- Request that I rectify (correct) inaccurate or out of date factual information about you.
- Request that records I hold about you are erased where there is no other legal reason to retain them.
- Restrict processing of the information I hold about you if you have an objection to that processing, whilst your objection is investigated.
- Object to processing of your personal information including automated decision making and profiling.
- Make a complaint or raise a concern to a supervisory authority if you are not supervisory authority if you are not satisfied with how the information held about you, or an information request, has been handled.
If you have a query about any of the personal data I hold about you can contact me using the details on my Councillor Page on the Staffordshire County Council website.
If you are not satisfied with my response or believe I am not processing your personal data in accordance with the law you can contact the Information Commissioner's Office (ICO)