Democratic Services and Elected Members - privacy notice
Who we are
Derby City Council is the local government unitary authority for Derby City. Our address is The Council House, Corporation Street, Derby, DE1 2FS. You can contact our Data Protection Officer on 01332 640763 or by email at firstname.lastname@example.org
How do we collect information from you?
We collect information from you when you visit www.derby.gov.uk, when you fill in any forms using our customer portals or on our website, including myAccount; also when you contact us in writing, speak to us on the phone, by email or any other type of electronic communication, or talk to us face to face.
What types of information do we collect from you?
We collect different categories of information about you, depending on the service you want from us and/or the reason why we need to process information relating to you. This could be personal information (for example your name and address), or other more sensitive data that we would only collect and use in very particular circumstances that are set out in law.
Details of information obtained from third parties
We collect information from you when you visit www.derby.gov.uk; also when you contact us in writing, speak to us on the phone, by email or any other type of electronic communication, or talk to us face to face. We collect different categories of information about you, depending on the service you want from us and/or the reason why we need to process information relating to you. This could be personal information (for example your name and address), or other more sensitive data that we would only collect and use in very particular circumstances that are set out in law.
What is the lawful basis?
The legal basis for data processing we are relying on comes from Article 6 of the UK General Data Protection Regulations (UK GDPR). The following sections apply:
- Article 6(1)(c) Legal Obligation - processing is necessary for compliance with a legal obligation to which the controller is subject;
- Article 6(1)(e) Public task -the processing is necessary for you to perform a task in the public interest or for your official functions, and the task or function has a clear basis in law.
We may also ask for your consent in certain circumstances in accordance with:
- Article 6(1)(a) the data subject has given consent to the processing of his or her personal data for one or more specific purpose
We rely on the following conditions as per Article 9 (2) of the UK GDPR:
- the data subject has given explicit consent to the processing of those personal data for one or more specified purposes
- (g) processing is necessary for reasons of substantial public interest, on the basis of Union or Member State law which shall be proportionate to the aim pursued, respect the essence of the right to data protection and provide for suitable and specific measures to safeguard the fundamental rights and the interests of the data subject
- (f) processing is necessary for the establishment, exercise or defence of legal claims or whenever courts are acting in their judicial capacity
If we have asked for your consent you will be able to opt out any time by emailing email@example.com.
How is your information used?
In accordance with your consent and schedule 1 Part 2 of the Data Protection Act 2018 we may use your information to:
- Enable councillors or officers of the council to investigate or assist with any issues which you may have raised, and so that we can notify you of any updates or keep you informed;
- Ensure any requests you have made for the Mayor, or another high-profile councillor, to attend an event you have organised can be dealt with appropriately.
In accordance with our public tasks arising from the following provisions:
- Local Government Act 1972
- Local Authorities (Executive Arrangements) (Meetings and Access to Information) (England) Regulations 2012
- Local Authorities and Police and Crime Panels (Coronavirus)(Flexibility of Local Authority and Police and Crime Panel Meetings)(England and Wales) Regulations 2020
- School Standards and Framework Act (SSFA) 1998
- Localism Act 2011
- Coronavirus Act 2020
We may use your information to:
- Enable the council to proceed with an appeal you have lodged against a decision that has been taken in relation to your child's schooling, in order that we can contact you to arrange hearings or to inform you of the outcome of those hearings;
- Ensure any petition you have led or signed is dealt with in accordance with the council's Petitions Scheme, and to ensure you are notified of the outcome;
- Allow officers to ensure any Public Questions you have asked to put at meetings of the Council are dealt with appropriately, and to enable necessary checks to be undertaken to ensure those asking questions are Derby residents;
- Enable regulatory matters where you are either an applicant, appellant or objector to proceed, where appropriate, to be considered at council committees such as Planning Control Committee, Licensing Committee, or a sub-committee of either of the above;
- Enable the council to deal with complaints about councillors which you may have raised, in accordance with the council's Councillor Complaints Procedure;
- Enable the Council to conduct public meetings in publicly accessible forums, such meetings may be conducted virtually via digital broadcasts or held as a ‘face to face’ meeting. Public meetings will be routinely recorded, and the videos will be published in an effort to promote transparency.
- Enable the Council to contact and where necessary visit you for the purpose of granting an award.
- Allow the Council to collate messages of condolence on the death of a member of the royal family and create a publicly available Book of Condolence
Coronavirus has been added as a notifiable disease under the Health Protection (Notification) Regulations 2010. The Council have a legal duty to process and share personal information in accordance with the Coronavirus Act 2020. Any such processing will be done in the public interest to promote health and wellbeing.
The Council have a duty to notify Public Health England and the local authority where the individual resides (if different), where there are suspected Coronavirus cases. In this instance, the Council will disclose the information under Article 9(2)(j) of the UK GDPR (processing is necessary for reasons of public interest in the area of public health, such as protecting against serious cross-border threats to health), and confidential information can be lawfully disclosed in the public interest, without consent, where the benefits to an individual or to society outweigh both the individuals and the public interest in keeping the information confidential.
The Council may contact staff, service users, residents and patients with messages relating to Coronavirus by text, phone, letter or e-mail. This contact is not direct marketing; therefore we do not need your Consent before contacting you. There is more information available on the national Information Commissioners Office approach to the current epidemic.
Research and Statistics
Anonymised and pseudonymised data may be used for research and statistical purposes. Any data collected may be used for research and statistical purposes that are relevant and compatible with the purpose that the data was collected for.
Who has access to your information?
We may share your information with the following third parties:
- Councillors appointed to committees which need to consider regulatory matters where you are an applicant, appellant or objector;
- Non-councillors who sit on an independent panel in consideration of school admission appeals or school exclusion reviews;
- The Local Government Ombudsman, only in cases where you have referred a matter to them for resolution and they have requested the information from us in order to deal with your complaint;
- Other council departments, where an issue you have raised through your local councillor, or through us in seeking to reach your local councillor, requires a response that those other departments are best placed to provide
- Your local councillor or a Cabinet Member, where you have an issue with us and have specifically asked for a councillor to respond.
- The wider public where issues are raised and discussed within public democratic meetings and broadcasts
We will not sell or rent your information to third parties. We will not share your information with third parties for marketing purposes.
What are your rights in relation the personal data we process?
Access – you can request copies of any of your personal information that is held by the Council.
Rectification – you can ask us to correct any incorrect information.
Deletion – you can ask us to delete your personal information. The Council can refuse to delete information if we have a lawful reason to keep this.
Portability – you can ask us to transfer your personal data to different services or to you.
Right to object or restrict processing – you have the right to object to how your data is being used and how it is going to be used in the future.
Right to prevent automatic decisions –.you have the right to challenge a decision that affects you that has been made automatically without human intervention, for example an online form with an instant decision.
How long will we keep your information for?
We keep and dispose of all records in line with our record retention schedule. We will comply with Data Protection legislation.
What security precautions are in place to protect the loss, misuse or alteration of your information?
We are strongly committed to data security and will take reasonable and appropriate steps to protect your personal information from unauthorised access, loss, misuse, alteration or corruption. We have put in place physical, electronic, and managerial procedures to safeguard the information you provide to us. However, we cannot guarantee the security of any information you transmit to us. We recommend that you take every precaution to protect your personal information.
Keeping your data up to date
We want to ensure any information we hold is accurate. You can help us by promptly informing us of any changes to the information we hold about you.
Details of any automated decision processes
There are no automatic decisions concerning the use of your personal data.
If you are accessing online services and are under the age of 13‚ please get your parent/guardian's permission beforehand whenever you provide us with personal information.
Cookies are small text files which identify your computer to our servers. They are used to improve the user experience. View what cookies we use and how you can manage them.
Internet Protocol (IP) addresses are collected when our site is used:
- for statistical/analytical purposes
- to identify any malicious activity
If you would like to make a complaint regarding the use of your personal data you can contact our Data Protection Officer;
- By post: Information Governance, The Council House, Corporation Street, Derby, DE1 2FS
- By phone: 01332 640763
- By email: firstname.lastname@example.org
For independent advice about data protection, privacy and data sharing issues, you can contact the Information Commissioner's Office (ICO):
- By post: Information Commissioner's Office, Wycliffe House, Water Lane, Wilmslow, Cheshire, SK9 5AF
- By phone: 0303 123 1113 (local rate) or 01625 545 745 if you prefer to use a national rate number