Our legal responsibilities
We collect, hold and use data about people and organisations with whom we work and in order to conduct our business. This may include members of the public, current, past and prospective employees, clients, customers, contractors, partners and suppliers. In addition, we may be required to collect and use personal data in order to comply with our statutory obligations.
We must abide by the eight principles of the Data Protection Act which make sure that personal information is:
- Fairly and lawfully processed
- Processed for limited purposes
- Adequate, relevant and not excessive
- Accurate and up to date
- Not kept for longer than is necessary
- Processed in line with your rights
- Not transferred to other countries without adequate protection
Notification is a statutory requirement of the Act and we must notify the Information Commissioner's Office (ICO) and give details about our processing of personal information.
The ICO publishes certain details in the register of data controllers, which is available to the public for inspection. Our entry in the Data Protection Public Register is available via this link Data Protection Public Register. Enter Z568603X, the Council's Data Protection Registration number.