covid-19 adviceCoronavirus (COVID-19)
Check out the latest information and advice about Coronavirus (COVID-19)

Data Protection Act

Data Protection Act 2018

The Data Protection legislation seeks to protect an individual’s privacy by regulating the way their personal data is processed.

Tamworth Borough Council strives to ensure personal information we collect, use and hold is processed securely and complies with data protection principles outlined in the General Data Protection Regulation (GDPR) and its associated legislation.

Further information can be found at: https://ico.org.uk/

Data Controller / Data Protection Officer
For the purposes of the General Data Protection Regulation (‘GDPR') and the Data Protection Act 2018 Tamworth Borough Council of Marmion House, Lichfield Street, Tamworth, Staffordshire, B79 7BZ is a “controller" of your personal data. Our Data Protection Officer can be contacted by writing to the above address, by telephoning 01827 709266 or by email: data-protection@tamworth.gov.uk

Your rights

Data Protection legislation provides the following rights for individuals:

The right to be informed
You have the right to be informed about the collection and use of your personal data. We will normally do this by way of privacy notices on forms or on our website.

The right of access 
You have the right to request access to the information we hold about you. The information requested will be provided free of charge, however, we may charge a reasonable fee if the request is considered “manifestly unfounded” or “excessive”. We may also charge a fee if you request further copies of information we have already provided to you

The right to rectification
You have the right to request that inaccurate personal information be rectified and incomplete personal information updated.

The right to erasure
You have a right to ask us to erase information about you. This right will only apply where:

  • The personal data is no longer necessary for the purpose which we originally collected it for
  • We are relying on consent as the lawful basis for holding the data and you withdraw that consent
  • We are processing the data for direct marketing purposes and you object to that processing

The majority of processing carried out by the council is governed by legislation, which usually includes how long we have to keep your information. The right of erasure won’t apply where we have a lawful reason to process your data and it is kept in accordance with our retention schedule.

Where your information has been shared with others, we will endeavour to ensure they are aware of your request for erasure.

The right to restrict processing
You have the right to restrict the processing of your personal data where:

  • you contest the accuracy of your personal data and the council needs to verify its accuracy before further processing takes place;
  • the data has been unlawfully processed and you oppose erasure of the data and request restriction of its use instead;

The right to data portability
You have the right to ask for your personal information to be given back to you or another service provider of your choice in a commonly used format. This is called data portability. However, this only applies if we’re using your personal information with consent (not if we’re required to by law) and if decisions were made by a computer and not a human being.

It’s likely that data portability won’t apply to most of the services you receive from the Council.

You can ask to have any computer made decisions explained to you, and details of how we may have ‘risk profiled’ you

The right to object
You have the right to object to the processing of your personal information.

The right to object only applies in certain circumstances.

Where personal data might lawfully be processed because processing is necessary for the performance of a task carried out in the public interest or in the exercise of official authority, a data subject should be entitled to object to the processing of any personal data relating to his or her particular situation. It should be for the Council to demonstrate that its compelling legitimate interest overrides the interests or the fundamental rights and freedoms of the data subject.

Please note that the above rights are not absolute.

The Council can refuse your request. For full details of rights, grounds to exercise them and the exemptions available to the Council please see articles 12 to 23 of the GDPR.

How to exercise my rights:
To request a copy of personal information we may hold (The Right of Access), please complete the online form located here [link to form] alternatively email the Councils Data Protection Officer at: data-protection@tamworth.gov.uk

To exercise any other of your rights under Data Protection legislation, please email: data-protection@tamworth.gov.uk

Useful links:

Contact: Information Governance Team: Tel: 01827 709587 or email: Data-Protection@tamworth.gov.uk

Complaints

If you are unhappy with the way the Council has handled your personal data then please speak with the service area concerned or our Data Protection Officer so we can look into your concerns.

Following this, if you remain unhappy, the ICO is responsible for upholding your rights, ensuring the council is open and protects people’s privacy.

Read more about the role of ICO: The Information Commissioner's Office (ICO) (external website)

Other complaints
If you are not satisfied with the service you have received generally, you can contact us using the Council's Tell Us Policy.

 

Protecting public funds - Data matching and the National Fraud Initiative

This authority is required by law to protect the public funds it administers. It may share information provided to it with other bodies responsible for auditing or administering public funds, or where undertaking a public function, in order to prevent and detect fraud.

The Cabinet Office is responsible for carrying out data matching exercises.

Data matching involves comparing computer records held by one body against other computer records held by the same or another body to see how far they match. This is usually personal information. Computerised data matching allows potentially fraudulent claims and payments to be identified. Where a match is found it may indicate that there is an inconsistency that requires further investigation. No assumption can be made as to whether there is fraud, error or other explanation until an investigation is carried out.

We participate in the Cabinet Office's National Fraud Initiative: a data matching exercise to assist in the prevention and detection of fraud. We are required to provide particular sets of data to the Minister for the Cabinet Office for matching for each exercise. Find out more about the data sets here

The use of data by the Cabinet Office in a data matching exercise is carried out with statutory authority under Part 6 of the Local Audit and Accountability Act 2014. It does not require the consent of the individuals concerned under the Data Protection Act 2018.

Data matching by the Cabinet Office is subject to a Code of Practice.

View further information on the Cabinet Office's legal powers and the reasons why it matches particular information.

For further information on data matching at this authority contact Rebecca Neill, Head of Audit and Governance, Monitoring Officer, email rebecca-neill@tamworth.gov.uk