Skip to main content Skip to accessibility
  Non-Javascript users can confirm they have successfully signed out of MyAccount by clicking here

Information Security Breaches Privacy Notice

Last updated: Monday, 13 August 2018
Please note: the following notice provides additional privacy information to the Rochdale Borough Council privacy notice.

There are multiple situations that would constitute an information security breach and we deal with each on a case by case basis. Our Information Governance Policy aims to meet the standards of the following legal frameworks:

  • The Data Protection Act
  • The Computer Misuse Act

What personal information we collect

We collect personal information to make sure that we can carry out our work. The personal information we collect includes:

  • Name
  • Age and date of birth
  • Address
  • Gender
  • Telephone number
  • Marital status
  • National Insurance number
  • Bank details
  • Passport number
  • Insurance details
  • Medical records
  • Health
  • Religion
  • Ethnicity
  • Disability
  • Sexuality
  • Memberships
  • Political opinion
  • Nationality
  • Photographs
  • Criminal or offending data
  • Attainment or educational data
  • Employment data
  • Vehicle registration
  • Driving license number

Who we collect personal information about

When we collect personal information it may be about:

  • Customers
  • Employees
  • Named individuals
  • Service users

How we use personal information

We use your personal information to:

  • Undertake corporate administration activity
  • Undertake reviews and investigations
  • Manage disciplinary actions
  • Improve corporate procedures

Why we use your personal information

We are required by law to process data in a way that ensures your personal information is secure. This is detailed in legislation and guidance including:

  • General Data Protection Regulation (GDPR)
  • Data Protection Act 2018

We are allowed to process personal and sensitive data for the following reasons under the General Data Protection Regulation (GDPR) Articles and the Data Protection Act:

  • To comply with a legal obligation
  • Substantial public interest

Who we share your personal information with

We collect information from and disclose information to individuals and organisations that can support our work including:

  • Affected parties
  • Council departments
  • Courts and tribunals
  • Councillors
  • Employers
  • Financial organisations
  • Healthcare organisations
  • Housing associations
  • Individuals
  • Law enforcement and prosecuting agencies
  • Licensing authorities
  • Ombudsman and regulatory bodies
  • Other public bodies, authorities
  • Partner agencies
  • Schools and higher education providers
  • Service providers
  • Training providers

When we make an automated decision about your personal information

This service doesn't make any decisions using computers or programmes that don't involve a human being when using your personal information.

How long we keep your personal information

There is no minimum legal time limit for how long this service needs to store your information so we will only keep your information for as long as is necessary to provide the service you have asked us for.

When we transfer your personal information beyond the European Economic Area (EEA)

This service doesn't transfer your information outside the EEA.

We do not routinely share data with any organisation outside the UK, but our website is available across the internet and we communicate with applicants and stakeholders wherever they are.


To request your personal information and exercise your privacy rights please contact:

If you need to raise a concern to our Data Protection Officer about our use of your personal information, please contact:

Information Governance Unit
Number One Riverside
Smith Street
Rochdale OL16 1XU ​

We are registered as a Data Controller with the Information Commissioner's Office.

Our registration number is Z5481774.