Data Protection An essential activity within the council is the requirement to gather and process information about the staff and people who use and deliver our services. This will be done in accordance with the General Data Protection Regulations (GDPR) (2018), the Data Protection Act 2018 (The Act) and other related government legislation.
Information held by Parish Council A data audit of all personal data has been carried out. This includes:
1. What is held
2. Where it came from
3. Who it is shared with
4. The legal basis for holding it
5. Whether consent is necessary
6. How it is protected
In addition, the Parish Council is aware of the ICO’s code of practice and the risk to information privacy. In particular the Parish Council looks to minimise this risk by looking to ensure personal information is:
· Accurate and up to date
· Not kept too long
· Not disclosed to those who the person it relates to does not wish to have
· Not used in ways that are unacceptable to or unexpectedly by the person it is about
· Kept securely
Policies and Procedures The Parish Council has reviewed and amended all of its policies and procedures in order that they cover all the rights which individuals have (see attached):
Children The Parish Council does not hold any information / data on any child.
Data Protection Officer The Parish Council is awaiting (Aug 2018) advice from NALC on whether a Data Protection Officer is required.