An essential activity within the council is the requirement to gather and process information about the staff and people who use our services. This will be done in accordance with the General Data Protection Regulations (GDPR), the Data Protection Act 1998 and other related government legislation.
The General Data Protection Regulation (GDPR) is an EU regulation that establishes a new framework for handling and protecting the personal data of EU citizens. (This will still apply after Brexit).
It introduces new obligations and liabilities for all organisations - including parish councils, that handle personal data and new rights for individuals in respect of their personal data. All organisations must comply with the new rules by 25th May 2018.
For Lynemouth Parish Council itself, as a corporate body, it is the formal Data Controller and as such must meet its obligations.
Information held by Lynemouth Parish Council
A data audit of all personal data is being carried out. This includes:-
- What is held
- Where it came from
- Who it is shared with
- The legal basis for holding it
- Whether consent is necessary
- How it is protected.
In addition, Lynemouth Parish Council is aware of the ICO's code of practice and the risk to information privacy.
In particular Lynemouth Parish Council looks to minimise this risk by looking to ensure personal information is:
- Accurate and up to date
- Not kept too long
- Not disclosed to those who the person it relates to does not wish to have
- Not used in ways that are unacceptable to or unexpectedly by the person it is about
- Kept securely.
Lynemouth Parish Council is reviewing and amending all of its policies and procedures in order that they cover all the rights which individuals have including:-
- Information and Data Protection Policy 2018
- Social Media Policy
- Removable Media Policy
- Document Retention and Disposal Policy.
Communicating Privacy Information
Lynemouth Parish Council is reviewing all of its Privacy Notices and Privacy Impact Information including:-
- Privacy Impact Assessment Information
- Privacy Notice.
Subject Access Requests / Consents / Data Breaches
Lynemouth Parish Council is updating its procedures in respect of handling requests and providing information.
- Subject Access Form
- Data Breach Form
- Consent Form.
Lynemouth Parish Council does not hold any information / data on any child.
Data Protection Officer
If you have a complaint regarding the way your personal data has been processed you may make a complaint to Lynemouth Parish Council's Parish Clerk, who can be contacted on telephone number: 07788 111729 or via e-mail: firstname.lastname@example.org