Page last updated: 15 May 2018
Westhampnett Parish Council is committed to protecting your privacy and security. This policy explains how and why we use your personal data, to ensure you remain informed and in control of your information.
From 15th May 2018, Westhampnett Parish Council will ask residents and all who we communicate with on a general basis to “opt-in” for communications. This is due to a change to the rules which govern how we can communicate with you and a new regulation on personal data (the General Data Protection Regulation) coming into force on 25th May 2018. Therefore we are introducing a new approach that relies on you giving us your consent about how we can contact you. This means you’ll have the choice as to whether you want to receive these messages and be able to select how you want to receive them (email, phone or post).
You can decide not to receive communications or change how we contact you at any time. If you wish to do so please contact the Clerk.
We will never sell your personal data, and will only ever share it with organisations we work with where necessary and if its privacy and security are guaranteed.
Any questions you have in relation to this policy or how we use your personal data should be directed to the Clerk.
WHAT INFORMATION WE COLLECT
Personal data you provide
We collect data you provide to us. This includes information you give when communicating with us. For example:
personal details (name, email, address, telephone etc.)
details of your particular interest in or connection with Westhampnett Parish Council
Information created by your involvement with Westhampnett Parish Council
Your activities and involvement with Westhampnett Parish Council will result in personal data being created. This could include details of how you’ve helped us by volunteering or being involved with our campaigns and activities.
Sensitive personal data
We do not collect or store sensitive personal data (such as information relating to health, beliefs or political affiliation).
Accidents or incidents
If an accident or incident occurs on our property, at one of our events or involving one of our staff or members (including volunteers) then we’ll keep a record of this (which may include personal data and sensitive personal data).
HOW WE USE INFORMATION
We only ever use your personal data with your consent, or where it is necessary in order to:
enter into, or perform, a contract with you;
comply with a legal duty;
protect your vital interests;
for our own (or a third party’s) lawful interests, provided your rights don’t override these.
In any event, we’ll only use your information for the purpose or purposes it was collected for (or else for closely related purposes):
We use personal data to communicate with people. This includes keeping you up to date with our news, items of specific local interest, meetings or events.
We use personal data for administrative purposes. This includes:
maintaining databases of our volunteers, Westhampnett residents, councillors, organisations and contractors;
performing our obligations under Local Government legislation;
helping us respect your choices and preferences (e.g. if you ask not to receive marketing material, we’ll keep a record of this).
DISCLOSING AND SHARING DATA
We will never sell your personal data. We may share personal data with subcontractors or suppliers who provide us with services, if the service has a direct impact on you or your household. However, these activities will be carried out under a contract which imposes strict requirements on our supplier to keep your information confidential and secure.
Occasionally, where we partner with other organisations, we may also share information with them (for example, if you register to attend an event being jointly organised by us and another organisation). We’ll only share information when necessary.
HOW WE PROTECT DATA
We employ a variety of physical and technical measures to keep your data safe and to prevent unauthorised access to, or use or disclosure of your personal information.
Electronic data and databases are stored on secure computer systems and we control who has access to information (using both physical and electronic means). Our Clerk has received data protection training and we have a set of detailed data protection procedures.
Where we store information
We store our data within the European Union. Some organisations which provide services to us may transfer personal data outside of the European Economic Area, but we’ll only allow them to do if your data is adequately protected.
For example, some of our systems use Microsoft products. As a US company, it may be that using their products result in personal data being transferred to or accessible from the US. However, we’ll allow this as we are certain personal data will still be adequately protected (as Microsoft is certified under the USA’s Privacy Shield scheme).
How long we store information
We will only use and store information for so long as it is required for the purposes it was collected for. How long information will be stored for depends on the information in question and what it is being used for. For example, if you ask us not to send you newsletters, we will stop storing your emails for marketing purposes (though we’ll keep a record of your preference not to be emailed).
We continually review what information we hold and delete what is no longer required.
KEEPING YOU IN CONTROL
We want to ensure you remain in control of your personal data. Part of this is making sure you understand your legal rights, which are as follows:
the right to confirmation as to whether or not we have your personal data and, if we do, to obtain a copy of the personal information we hold (this is known as subject access request);
the right to have your data erased (though this will not apply where it is necessary for us to continue to use the data for a lawful reason);
the right to have inaccurate data rectified;
the right to object to your data being used for marketing or profiling; and
where technically feasible, you have the right to personal data you have provided to us which we process automatically on the basis of your consent or the performance of a contract. This information will be provided in a common electronic format.
Please keep in mind that there are exceptions to the rights above and, though we will always try to respond to your satisfaction, there may be situations where we are unable to do so.
You can complain to Westhampnett Parish Council directly by contacting our Data Protection Officer.
If you are not happy with our response, or you believe that your data protection or privacy rights have been infringed, you can complain to the UK Information Commissioner’s Office which regulates and enforces data protection law in the UK. Details of how to do this can be found at www.ico.org.uk