Find out how and why we collect information about you, what we collect and who we share it with. Be aware of your rights, how to correct things that are wrong, and how to object to us using the data.
The General Data Protection Regulation (GDPR) legally controls what data can be collected and what can be done with it. Our Corporate privacy statement (PDF, 104.1kb) explains how we will deal with your data. Below is a summary of what it means.
Please note: the contents of this page will also need updating when the Data Protection Bill 2018 is passed.
What we collect
We collect your personal data in a variety of ways, for example, when you create an online customer account, fill in a form (online or paper), speak to us on the phone or face to face.
When we no longer require your personal data, it is deleted according to our retention guidelines.
Data collected by us is generally processed within the UK and the EEA, and meets UK government security policy.
The data we collect can include the following:
Name and contact details: we collect your name, address, email address, phone number and similar contact details to help provide you with services and to contact you in relation to those services. If you have given specific permission, we also use these for marketing purposes for services/events provided by us or by others in the local area. If you have given specific permission for third party marketing, we may also pass this data to third parties for carefully selected marketing relevant to you.
Demographic data: this can include age, gender, nationality, race, religion, sexuality, disability and ethnicity in order to fulfil our obligations under the Equalities Act 2010. This data is not personally identifiable and is managed separately from other data. We also use aggregated data from other services to inform our planning of services. We cannot identify individuals from the data, but it will include matters such as health, police information and financial information.
Device and usage data: when you connect to us online, we collect data about pages you have visited, completed actions, error messages, device operating system, region and language settings. This data do not allow us to identify you, and is used to improve our services.
Preferences and account data: if our systems include the ability to create accounts using a username/password. If you have created an account, we may store data in all the categories referenced elsewhere on this page, including sensitive data, with your account. This allows us to retrieve this data to auto-fill forms for you and present you with data about your past requests to us. Some systems may allow a guest logon or anonymous requests. You cannot retrieve history under a guest logon.
Financial data: if you would like to apply for or pay for services online, we will need your financial information which is added to secure third party systems. We also collect data about income, outgoings, savings and assets owned in order to provide services to you. These include matters such as benefits and provision of social care. We additionally receive financial data about you from third parties e.g. credit rating agencies.
Health and care data: if you are using one of our health or social care services, we collect data about your health, including medical conditions and disabilities which we need to provide that service to you. We additionally receive health data about you from third parties such as your healthcare provider eg NHS under a series of multi-agency sharing agreements. Data about you is used to inform our services to you and is only shared with practitioners in those services.
How we use it
We use data about you to provide you with services, communicate with you, to plan our services, and to personalise your experience:
providing services to you: this includes charging for services and collection of taxes eg collection of council tax
communicating with you: this includes replying to requests you make, explaining how your services work, confirming competition prizes
planning our services: this includes helping to plan our current and future services, eg the best places to offer a service, and is often anonymised (data from which you is not personally identifiable)
personalising your experience: allowing us to show you services that are relevant to you
legal requirements: eg for the prevention and detection of crime
We will not direct market to you unless you give us your specific consent.
We share your personal data with a range of organisations to provide you with services, plan services and to ensure that crime is prevented or detected.
Third party organisations delivering services on our behalf: this sharing is covered by agreements to maintain your privacy to the same level as we require of ourselves, and data shared is strictly restricted to that necessary for delivering services.
Central government, health and social care, police: we share data with these organisations, as required by law, for the delivery of service, prevention and detection of crime, public health, safety and service planning. Where sharing is not required by law, it is covered in our privacy agreements with you.
Children and adult services professionals: we only share information with professionals who are directly involved in providing services, support, care or treatment to you. This may include doctors, nurses, teachers, care workers, social workers, foster carers or family workers.
Marketing: we will only share your details with 3rd parties to send you direct marketing, if you have given us your express consent.
A cookie is a small piece of code that can be stored on your computer, phone or whatever you use to surf the Internet by the websites you visit. Cookies have many uses, which may include storing information about you. Find out more information about about the cookies we use on our website.
Your customer accounts
We have several systems (portals) that allow you to register to use them and create an account. These includes our customer services account, planning portal and parent portal.
Registering with one of these portals allows us to simplify your access to our services. By storing your personal data in the accounts we are able to automatically fill in basic data about you and your circumstances so you don't have to do it more than once. By linking your accounts from our internal systems, we can show you information from these systems and make it easier for you to manage your relationship with us.
We are revising our portal information and it will be updated very shortly.
We use a variety of techniques to ensure the privacy of your personal data and protect it from unauthorised disclosure or access. These include physical security, encryption at rest and in transit, multi-factor authentication and intrusion detection systems.
How to contact us
We will update this privacy information as required. If there are significant changes we will notify you either by a notice when you logon or directly sending you a notification. We encourage you to periodically review this statement.
If you want to get in touch with us about anything on this page, please contact us.
We have a wide range of purposes for which we gather data, all aimed at providing you with the best possible service. Every time you are asked to submit personal or sensitive data to us, you should be made aware of the privacy notice relating to the service you receive from us.
Below is a list of all our privacy notices. If you can't see the one you need, contact us.