To provide you with efficient services, we will sometimes share your personal information between teams within the Council, and with external partners and agencies involved in delivering services on our behalf.
Within the Council we may share your information between our services:
- so that the information held about you is up-to-date
- to allow us to provide and improve our services to you
- for statistical analysis for performance and management insight to help improve our services
- for fraud prevention
We will only share your information where it is required such as where services are delivered jointly with other organisations. We will tell you who these other organisations are when we gather your information. This is detailed further in each of the 'service privacy notices' below.
In order to provide services to you, we may need to appoint other organisations to carry out some activities on our behalf.
These may include, for example:
- data processors
- IT providers
- payment processing organisations
- delivery organisations
- mailing houses
- contractors or consultants providing services to the Council, or directly to service users, where we need to provide them with personal information to allow them to provide these services
We select these organisations carefully and put measures in place to make sure that they are not allowed to do anything with your personal information which the Council could not do itself.
Where information is shared with other organisations or processed on our behalf, we will ensure adequate protection by ensuring contracts and sharing agreements are in place that define security controls around the sharing of the information.
Information is also analysed internally in order to provide management information, inform service delivery reform and similar purposes.
Data protection policy
We have a Data Protection Policy (PDF 304 KB). This policy is regularly reviewed by the Data Protection Officer to ensure that the Council complies with the requirements of the data protection law.
All council officers are required to undertake data protection and information security training to ensure that personal data is processed in accordance with data protection principles.