Information Security Breaches Privacy Notice

Privacy notice name
Information Security Breaches Privacy Notice
Last updated
Monday, 13 August 2018
Introduction

There are multiple situations that would constitute an information security breach and we deal with each on a case by case basis. Our Information Governance Policy aims to meet the standards of the following legal frameworks:

  • The Data Protection Act.
  • The Computer Misuse Act.
What personal information we collect

We collect personal information to make sure that we can carry out our work. The personal information we collect includes:

  • Name.
  • Age and date of birth.
  • Address.
  • Gender.
  • Telephone number.
  • Marital status.
  • National Insurance number.
  • Bank details.
  • Passport number.
  • Insurance details.
  • Medical records.
  • Health.
  • Religion.
  • Ethnicity.
  • Disability.
  • Sexuality.
  • Memberships.
  • Political opinion.
  • Nationality.
  • Photographs.
  • Criminal or offending data.
  • Attainment or educational data.
  • Employment data.
  • Vehicle registration.
  • Driving license number.
Who we collect personal information about

When we collect personal information it may be about:

  • Customers.
  • Employees.
  • Named individuals.
  • Service users.
How we use personal information

We use your personal information to:

  • Undertake corporate administration activity.
  • Undertake reviews and investigations.
  • Manage disciplinary actions.
  • Improve corporate procedures.
Why we use your personal information

We are required by law to process data in a way that ensures your personal information is secure. This is detailed in legislation and guidance including:

  • General Data Protection Regulation (GDPR)
  • Data Protection Act 2018

We are allowed to process personal and sensitive data for the following reasons under the General Data Protection Regulation (GDPR) Articles and the Data Protection Act:

  • To comply with a legal obligation.
  • Substantial public interest.
Who we share your personal information with

We collect information from and disclose information to individuals and organisations that can support our work including:

  • Affected parties.
  • Council departments.
  • Courts and tribunals.
  • Councillors.
  • Employers.
  • Financial organisations.
  • Healthcare organisations.
  • Housing associations.
  • Individuals.
  • Law enforcement and prosecuting agencies.
  • Licensing authorities.
  • Ombudsman and regulatory bodies.
  • Other public bodies, authorities.
  • Partner agencies.
  • Schools and higher education providers.
  • Service providers.
  • Training providers.
Automated decision about your personal information
This service doesn't make any decisions using computers or programmes that don't involve a human being when using your personal information.
How long we keep your personal information
There is no minimum legal time limit for how long this service needs to store your information so we will only keep your information for as long as is necessary to provide the service you have asked us for.
Transferring personal information beyond the EEA
This service doesn't transfer your information outside the European Economic Area (EEA).

We do not routinely share data with any organisation outside the UK, but our website is available across the internet and we communicate with applicants and stakeholders wherever they are.
Related content
Contact

Contact the team