Our aim is not to be intrusive, and we will not ask for irrelevant or unnecessary information. The information that you provide will be subject to rigorous measures and procedures to make sure it cannot be accessed by, or disclosed to, anyone who should not see it.
Measures will include encryption, pseudonymisation, access control and system testing. We have a Data Protection Policy and an ICT Code of Practice. These define our commitments and responsibilities to privacy and cover a range of information security areas.
We provide initial and refresher training to all staff on how to handle personal data.
We will not keep your information longer than is necessary and when we dispose of physical or digital records we will do so in a secure way.
Where the council is considering using new or potentially intrusive technologies that could impact on individual privacy we will undertake a Data Protection Impact Assessment (DPIA), which may be subject to review and approval by the Information Commissioner's Office.