Data Protection
An essential activity within the council is the requirement to gather and process information about the staff and people who use our services. This will be done in accordance with the General Data Protection Regulations (GDPR), the Date Protection Act 1998 (The Act) and other related government legislation.
GDPR
The General Data Protection (GDPR) is an EU regulation that establishes a new framework for handling and protecting the personal data of EU citizens. It introduces new obligations and liabilities for all organisations – including parish councils, that handle personal data and new rights for individuals in respect of their personal data. All organisations must comply with the new rules by 25 May 2018.
Information held by Wheatley Hill Parish Council
A data audit of all personal data has been carried out and includes:-
1. What is held
2. Where it came fom
3. Who is it shared with
4. The legal basis for holding it
5. Whether consent is necessary
6. How it is protected
In addition, Wheatley Hill Parish Council is aware of the ICO’s code of practice and the risk to information privacy. The Parish Council looks to minimise this risk by looking to ensure personal information is
- Accurate and up to data
- Relevant
- Not kept too long
- Not disclosed to those who the person it relates to does not wish to have
- Not used in ways that are unacceptable to or unexpectedly by the person it is about
- kept securely
Children
Wheatley Hill Parish Council does not hold any information or data on any child
Data Protection Policy
Privacy Policy
Privacy Notice