Privacy Notices - Environmental Health and Trading Standards; requests for service or complaints Privacy Notice

Introduction

As part of its Statutory Duties in the Environmental Health and Trading Standards topic areas, we collect and process personal data relating to the people who report issues to them, and to other people or addresses that those people may be concerned about. The Council is committed to being transparent about how it collects and uses that data and to meeting its data protection obligations.

What is a Privacy Notice?

A Privacy Notice is a statement issued by an organisation such as the Council which explains how personal and confidential data about individuals is collected, used and shared.

Who is collecting and using your personal data?

Swindon Borough Council will act as a “Data Controller” for any personal data that you provide to us. We will ensure that the data given to us is processed in line with our Data Protection Act 2018 /and the UK General Data Protection Regulations. (GDPR).

To find out more about Swindon Borough Council’s data protection policies please contact our Data Protection Officer. dataprotection@swindon.gov.uk or in writing to:

Data Protection Officer
Civic Offices
Euclid Street
Swindon
Wiltshire
SN1 2JH

Your personal data – what is it?

Personal data relates to a living individual who can be identified from that data. Identification can be by the information alone or in conjunction with any other information in the data controller’s possession or likely to come into such possession. The processing of data is governed by the Data Protection Act 2018/UK GDPR.

What personal data do we collect?

The Environmental Health and Trading Standards teams may collect a range of information about you concerning that which you are seeking to bring to the Council’s attention.

This includes:

  • your personal and contact details such as but not limited to your name, location, landlord, date of birth, gender, address and telephone number
  • Details of who you wish to complain about or raise concerns about, such as their name, address, and what they may be doing to give rise to concerns
  • details of how that affects you and others
  • witness details and statements where applicable
  • details of any supporting evidence
  • feedback information and recommendations
  • we collect this information via online forms or in person by telephone, email, or face to face

We will seek further information if applicable, from you, or witnesses, or others to support any investigation we may make.

Data will be stored electronically on SBC IT systems (including email).

How do we process your personal data?

We comply with our obligations under the UK GDPR by keeping personal data up to date; by storing and destroying it securely; by not collecting or retaining excessive amounts of data; by protecting personal data from loss, misuse, unauthorised access and disclosure and by ensuring that appropriate technical measures are in place to protect personal data.

Why do we need your personal information?

In completing the report forms we use to collect the data, you consent for us to use it in accordance with the relevant articles. 

The Council needs to process data to undertake legislative requirements for the concerns you are reporting to us, for a public task, to monitor performance, and/or to feedback to you what we have done in the course of dealing with your concerns.

We may also have a legitimate interest in processing the personal data.

How the law allows us to use your information?

We must always ensure that processing your data is generally lawful, fair and transparent and complies with all the other principles and requirements of the Data Protection ACT 2018/UK GDPR.

Article 6 – 

(a) Consent: the individual has given clear consent for you to process their personal data for a specific purpose.

(e) Public task: the processing is necessary for you to perform a task in the public interest or for your official functions, and the task or function has a clear basis in law.

Article 9 – 

Article 9(2)(g) permits you to process special category data if:
“processing is necessary for reasons of substantial public interest, on the basis of Domestic Law which shall be proportionate to the aim pursued, respect the essence of the right to data protection and provide for suitable and specific measures to safeguard the fundamental rights and the interests of the data subject”.

Schedule 1 of DPA 2018:

  • 6. Statutory and government purposes
Who do we share your information with?

Your data may be shared internally where needed to be for the purpose you contacted us about, such as if another team deals with the issue you are concerned about and we need to refer your case, or if we have a legal duty to do share it.

How do we protect your information?

We will do what we can to make sure we hold records about you (electronically) in a secure way, and we will only make them available to those who have a right to see them.

We will maintain the reliability, accuracy, completeness and currency of personal data in our databases and to protect the privacy and security of our databases. We keep your personal data only for as long as reasonably necessary for the purposes for which it was collected.

Our servers and databases are protected by industry standard security technology.

How long do we keep your personal information?

We may keep your personal information for up to seven years.

What you can do with your information?

Under data protection law, you have the following rights:

  • Your right of access - You have the right to ask us for copies of your personal information.
  • Your right to rectification - You have the right to ask us to rectify personal information you think is inaccurate. You also have the right to ask us to complete information you think is incomplete.
  • Your right to erasure - You have the right to ask us to erase your personal information in certain circumstances.
  • Your right to restriction of processing - You have the right to ask us to restrict the processing of your personal information in certain circumstances.
  • Your right to object to processing - You have the right to object to the processing of your personal information in certain circumstances.
  • Your right to data portability - You have the right to ask that we transfer the personal information you gave us to another organisation, or to you, in certain circumstances.
Your right to complain

In the event that you wish to complain about the way that your personal data has been handled by Swindon Borough Council, you should write to our Data Protection Officer and clearly outline your case. Your complaint will then be investigated in accordance with our customer complaint and data protection incident procedures.

Data Protection Office

You can contact our Data Protection officer by email:

DataProtection@swindon.gov.uk

If you remain dissatisfied with the way your personal data has been handled, you have the right to complain to the Information Commissioner’s Office at www.ICO.org.uk.

You may refer the matter to the Information Commissioner’s Office whose contact details are below:
Information Commissioner’s Office

Wycliffe House
Water Lane
Wilmslow
Cheshire
SK9 5AF

Email: casework@ico.org.uk

The ICO website also contains information on data protection and your rights and remedies.

What if you do not provide personal data?

If you do not provide personal data, we will be unable to investigate the issue that concerns you, nor tell you that we will not.

How will we ensure compliance?

All staff are regularly trained on data handling. Regular audits take place to ensure we process data properly.

Main privacy notice

You are viewing the Privacy Notice for Environmental Health and Trading Standards; requests for service or complaints.

Read the main Privacy Notice