- What kind of information we are talking about
- Why we collect personal data
- What types of information we hold
- Who we collect information from
- Who we share information with
- How long we keep information for
- Our directorates
- Law enforcement and fraud
- Security
- Automated decision making or profiling
- Cookies
- Your rights
- Complaints
- Changes to our policy
Peterborough City Council is a data controller and processor for the purposes of Data Protection legislation. This means that we are responsible for deciding the purpose of collecting and using information, but as a processor we also use the information in line with why we collected it as part of our everyday work.
Peterborough City Council became a unitary authority in 1998. We were previously part of Cambridgeshire County Council.
As a unitary authority, we have both the powers of a non-metropolitan county and district council combined. This means that we provide services such as social care and education, which a county council may supply, but we also provide planning, council tax, benefits and the regulatory services that a district council provides.
This privacy notice explains what we do generally. It has links to our directorates and which services sit within those directorates. All directorates and services come under our Chief Executive.
We also have a section on your rights and how you can contact us to exercise these rights.
We are always looking to improve our privacy notices to ensure that you understand what data we collect, why and what we do with it. If you have any comments or questions, then we would like to hear from you.
What kind of information we are talking about
The legislation covers “personal data” which is information which directly or indirectly identifies a person. This could mean:
- Name
- Address
- Date of birth
- National Insurance Number
- IP address
- Genetic data
Some personal data is what we used to call sensitive personal data but is now called special categories of data. These still include types of information like ethnicity, religion and health.
Why we collect personal data
For some council services, there is a need to collect personal data so that we can get in touch or provide the service you require. Many of these services are statutory, which means that we are required by law to provide them, and this will be why we ask for information from you. This is our legal basis for using the information because without the information then we would not be able to that service to you.
Each service will have its own requirements. You will only be asked to provide the information which we need in order to provide you with that service. If you contact the Chief Executive’s Office for assistance, then we will ask for information to enable your question to be answered or forwarded to an officer to provide the answer to you.
There will be some services which we need your consent to collect and use your information. Where this is the case then we always make this clear to you when you first become involved with the service.
You always have the right to withdraw from receiving that service. If you do withdraw consent then we will always make sure that we explain the impact of you doing this is.
It may also be that we provide a service to you which is statutory, but we would like to use some information for another reason, such as research or evaluation of our work. Where we need your consent to do that, we will make this clear to you and give you a choice.
What types of information we hold
This will depend on the service and what information is needed however it will include both personal data and special categories of data. It may include but not be limited to:
- Name
- Ethnicity
- Identification Number
- Email address
- Address
- Financial
- Nationality
- IP Address
- Date of birth
- Household members
- Criminal offences
- Education
- Gender
- Physical health
- Mental health
- Sexual health
We will:
- Only ask for information if we have legitimate grounds to do so
- Explain why we are asking for that information
- Only ask for the information we actually need
- Keep accurate and up to date information
- Only keep information for as long as it is needed
- To ensure that we take appropriate steps to keep your information secure
All staff who have access to information about you will have received training on data protection and information security. All data is stored within the European Union except for data relating to the council's email marketing system. This data is stored in the USA under the provisions of the EU-US Privacy Shield Framework.
Who we collect information from
It will depend on the service, however, the starting point will normally be yourself or someone acting on your behalf.
We may also receive information from other organisations who we work with to deliver a service. For example, your information may be shared with us by a health professional because we will provide reablement services to you. In those cases, the person or agency referring you should tell you what they are doing.
We may also receive information about you or family members, because the organisation which holds that data is required by law to provide us with it. This is often a school or pre-school who are required to inform us about children attending the school. Sometimes we may need to ask other agencies or organisations for relevant information about you to fulfil our legal responsibilities or to provide services.
Who we share information with
It will depend on what service you are receiving as to who we share information with and why. It will depend on what service you receive and where permitted but this may include but not limited to:
- Other local authorities
- Police
- Law enforcement
- Trade Unions
- Central Government
- Health and social
- Housing providers
- Fire Service
- Legal representatives
- Courts
- Employers
- Debt collection
- Regulatory bodies like OFSTED
- Members and political parties
- Commissioned service providers
- Schools
We work with a number of different partners to provide services. This may be government departments like the NHS or local health providers like GPs, it may be the Police or the Department for Work and Pensions.
We may pass your information to these other agencies or organisations as allowed or required by law, for example to enable them to carry out their statutory duties, or where it is necessary to prevent harm to yourself or other individuals.
We have strategic partners like Serco and Skanska. This means that we provide them with your information to provide services like Council Tax administration or highways work. This is always done under a contract so that they can only use your information for the reasons specified in the contract, and must abide by the same data protection legislation as we do.
We may pass your personal data onto the people who provide a service such as care or support to you. These providers are obliged to keep your details securely, and use them only to fulfil your request. Once your request has been dealt with or the case has been closed, they will dispose of the details. If we wish to pass your sensitive personal data onto a third party, we will only do so once we have obtained your consent, unless we are legally required to do so.
Sometimes in order for us to provide services, there may be occasions when we share your data with those who carry work out on our behalf. For example, we may ask an external service provider to review Council Tax discounts or to undertake a statutory assessment of a service.
How long we keep information for
Under Data Protection, we are required to keep information for as long as it is required. It does not however specify how long a specific piece of information should be retained for. Therefore each department will use a retention schedule for documents etc which it holds and have a secure means of destruction. This can be made available.
Our directorates
Specific information relating to the information collected by each of our directorates can be accessed by clicking on one of the pdf links below. There will also be specific privacy notices attached to specific projects or pieces of work which will contain very clear information for you on how your information is being used.
Legal and Governance
The department consists of Legal Services, Information Governance, Electoral Services, the Civic Office and Democratic Services.
Human Resources
The department consists of services such as employee relationship, training and occupational health as well as recruitment.
Resources
The Resources department consists of the following: Financial Services, Commercial Group, Cemeteries, cremation and registrars.
Peterborough City Council may disclose Council Tax data it holds in relation to its functions to Office of National Statistics (ONS) under section 45A of the Statistics and Registration Service Act 2007. The ONS is responsible for the collecting, analysing and disseminating statistics about the UK’s economy, society and population. We will share your data with the ONS to help with the production of statistics related to the economy, population and society and to help with the Census. Details of the information we will share and how it will be used can be viewed on the ONS website.
Growth and Regeneration
The Growth and Regeneration directorate is in charge of driving that growth and overseeing major regeneration projects in the city. It includes Planning, Highways and Transport and Waste. It also includes City Services and External Communications, Regulatory Services such as Trading Standards and Environmental Health.
Public Health
The teams within the Public Health directorate help people to stay healthy, and protecting them from threats to their health.
People and Communities
This directorate is responsible for ensuring the needs of our residents are met, particularly those that are most vulnerable. The directorate includes five service directorates as below:
- Children’s and Safeguarding
- Adult Social Care
- Communities & Safety
- Commissioning
- Education
Law enforcement and fraud
We have certain functions such as Trading Standards, Environmental Health and other enforcement services.
In these instances, data that is identified for the prevention, investigation, detection or prosecution of criminal offences, or the execution of criminal penalties, including the safeguarding against and the prevention of threats to public security is processed under the provisions of Part 3 of the Data Protection Act. This is because it is necessary for the purpose of law enforcement purposes.
The access to your rights will remain the same as described in this notice.
Our legal basis for the processing personal data will be where it is necessary for the law enforcement purpose i.e. the prevention, investigation, detection and prosecution of criminal offences as we are required to do so by law. We will only conduct sensitive processing under Part 3 of the Act where it is necessary for us to meet our duties such as preventing fraud or detecting criminal offences.
We are under a duty to protect the public funds we administer and to this end may lawfully use and disclose information to other public sector agencies for the purpose of:
- Preventing or detecting fraud and any other crime and/or to administer council tax
- Protecting public funds in investigating misuse of public money
The Cabinet Office currently require us to participate in a data matching exercise to assist in the prevention and detection of fraud. We are required to provide particular sets of data to the National Fraud Initiative for matching for each exercise, and these are set out in guidance, which can be found on the National Fraud Initiative page of GOV.UK.
The use of data by the Cabinet Office in a data matching exercise is carried out with statutory authority under its powers in Part 6 of the Local Audit and Accountability Act 2014. Data matching by the Cabinet Office is subject to a Code of Practice, the code of practice can be found on GOV.UK.
Security
We use appropriate technical, organisational and administrative security measures to protect any information we hold in our records from loss, misuse, and unauthorised access, disclosure, alteration and destruction. We have written procedures and policies which are regularly audited, and the audits are reviewed at senior level.
Automated decision making or profiling
No decision will be made about you solely on the basis of automated decision making (where a decision is taken about you using an electronic system without human involvement) which has a significant impact on you.
Cookies
Cookies are small text files that are placed on your browser, you can find out which cookies we use and why on our cookies page.
Your rights
You have rights under Data Protection and these are stated on our Data Protection Rights page.
The request will be submitted to the Data Protection Officer and the Information Governance Service. There are reasons why we may not be able to agree to your request, but we will explain why and always look to see how we can help you.
Complaints
If you are unhappy about how your information has been collected, used or stored then you can complain to:
The Data Protection Officer for Peterborough City Council is shown below:
Ben Stevenson
Peterborough City Council
Town Hall
Bridge Street
Peterborough
PE1 1HG
dataprotection@peterborough.gov.uk
The Information Commissioner’s Office is the UK's independent body set up to uphold information rights. Their role is to uphold information rights in the public interest. They can be contacted as below:
The Information Commissioner’s Office
Wycliffe House
Water Lane
Wilmslow
Cheshire
SK9 5AF
Tel: 01625 545700
http://www.ico.org.uk
Changes to our policy
We keep our privacy notice under regular review, and we will make new versions available on our privacy notice page on our website.