Wealden District Council is fully committed to full compliance with the requirements of the Data Protection Act 1998. The Data Protection Act 1998 (DPA) was introduced to protect personal data about you by setting rules and conditions which all bodies, such as Wealden District Council (the Act calls us Data Controllers) must obey when obtaining and using information about you. The Act also provides you with certain rights, which the Data Controllers must respect.
The Council holds personal information about its customers and clients and Wealden residents. All the information about you that we hold is protected under the Data Protection Act 1998. The Council will follow procedures which aim to ensure that all employees, elected Members, contractors, consultants, partners or other servants or agents of the council (collectively known as data users) who have access to any personal data held by or on behalf of the council are fully aware of and abide by their duties under the Data Protection Act 1998.
Privacy and Cookies
Wealden District Council collects, holds and processes a considerable amount of information, including personal information. We need this information to provide our services.
We know this information is important to our residents and we take our responsibilities under the Data Protection Act (external link) seriously. We make sure that any personal information collected and used is done so appropriately, correctly and safely.
This page tells you how Wealden District Council uses your personal information.
For full details of our policies and guidelines, and to make a request for information, please check our Data Protection page.
What are your rights?
You have the right to:
- Ask what personal information the Council holds about you
- Be given a copy of the information, a £10 charge will apply
- Be given details about the purposes for which the Council use the information and of other organisations or persons to whom it is disclosed
- Ask for incorrect data to be corrected
- Ask the Council not to use personal information about you for direct marketing; which is likely to cause damage or distress
- Be compensated for damage or distress should these be caused by our failure to comply with certain requirements of the Act.
Requesting your data
If you wish to request your own personal data via a Subject Access Request (SAR) please visit our Data Protection page. Further information on the Data Protection Act may be found on the Information Commissioners Office (ICO) (external link) Website.
Your personal data
The Council is the data controller for purposes of the Data Protection Act (1998) and is registered as a data controller with the Information Commissioner's Office (ICO) under registration number Z5133126.
The Council has an approved Data Protection Policy which provides the high level principles we operate to. This privacy notice describes how we translate those principles into practice and explains what we will, and will not, do with personal information.
We do not sell personal details to any external organisations. External contractors may process information on behalf of the Council. We require all these contractors to make sure they keep personal information safe and prohibit them from doing anything other than following our instructions.
What is personal data?
Personal data includes basic details such as name, address, telephone number, date of birth, and notes and comments made about a person. The information may be held in paper files, electronically or both. This may include, but is not limited to: computer entries, written correspondence, emails, letters, files, photographs and video recordings.
Sensitive personal data includes information on: race or ethnicity, political opinions, religious beliefs, trade union membership, physical or mental health, sexual life and any criminal offences or prosecutions.
We will always tell you why and how the information will be used as we will normally ask for consent to hold sensitive data.
For most purposes, we will only process your information with your consent. We will presume that by providing us with your details you are consenting for us to use them to provide the services you are using. We will explain the purpose for processing your information and how we will use it as early as possible.
We will not use your personal details for any other purpose without obtaining your consent or unless we have a lawful reason to do so. You may have been asked to provide this consent at the time when you originally contacted us, for example as part of the application form.
The main exception to this is the prevention of fraud. The Council must safeguard public funds and we reserve the right to check the information you have provided for accuracy and to detect fraud. We may match data we hold to identify unusual matches or discrepancies; this may include matching council data with external data sources such as information held by credit reference agencies. As a result, we will use the information you provide to make sure all amounts we are owed are paid on time and ensure any benefits you receive are appropriate. We may share your information with Debt Management agencies and the Courts to help collect any outstanding debts. We may also share your information for the same purposes with other public organisations, including neighbouring councils that handle public funds and with police forces. We may also provide forwarding addresses of council tenants to utility companies that are collecting outstanding debts.
We take part in the National Fraud Initiative (external link) anti-fraud data matching exercise.
We do our own data matching, using names, dates of birth and address across our systems. We will compare computer records held by one department, against others held by the same or other departments, to check they match. This is to make sure our information is correct and to create a customer index which can be used to help identify customers via a single customer record.
Other uses of data
All Local Authorities have a duty to improve the health of the population they serve. To help with this, we use data and information from a range of sources including hospitals to understand more about the nature and causes of disease and ill-health in the area.
For some regulated services your application may be published and potentially discussed in open committee. This will always be made clear on any relevant application forms and supporting documentation.
We may also check the information you have provided with other information already held in our departments in order to provide you with the service or response you require.
We have to share information with certain other public bodies such as the Department for Work and Pensions (DWP), HM Revenues and Customs (HMRC), courts, tribunals, other formal bodies dealing with legal processes or external regulatory bodies. We also have to assist in the prevention and detection of crime and we will therefore generally supply specific information requested by the police or other crime detection agencies, if we are satisfied that the disclosure would be lawful and appropriate.
Where a team or service area ask you for personal information through an online form, this information will only be used for the purpose indicated on the form and it will be held securely.
Closed Circuit Television (CCTV)
Closed Circuit Television (CCTV) is operated in and around council properties (including our customer service, offices, car parks and council housing communal areas). The purpose of the CCTV is for staff safety and crime prevention and detection. The footage is normally held for 14 days and may be shared with the police for crime prevention and detection purposes.
Most CCTV cameras located around the district are operated and controlled by Sussex Police.
The Electoral Register for the Wealden area is a separate legal entity from the Council and is separately notified with the Information Commissioner as a data controller as the Electoral Registration Officer of Wealden District Council, registration Number Z7459818.
Data Protection Statement
All of our application forms and requests for your personal information explain why we require the information requested.
We will store and use your personal information in line with the Data Protection Act 1998. The Data Protection Act 1998 sets out rules for processing personal information (known as personal data) and applies to many paper records as well as those held on computer. Any personal information you give us is held securely and will be used only for council purposes. Information that was collected for one purpose may be used for another council purpose, unless there are legal restrictions preventing this. Wealden District Council may share this information where necessary with other organisations, including (but not limited to) where it is appropriate to protect public funds and/or prevent fraud in line with the National Fraud Initiative guidelines.