In order to deliver services in an effective way the Council will need to collect and use personal information about you. Your privacy is important to us and the Council will process the information you provide in accordance with the UK General Data Protection Regulation and the Data Protection Act 2018. Your data will be kept secure and confidential and the Council will only collect the personal information that is required to provide efficient services to you.
The type of personal data the Council collects will depend on the specific service being provided, but may include data such as name, contact details, and financial details. Where appropriate, the Council may also need to collect ‘special category’ data (racial or ethnic origin, political opinions, religious beliefs, trade union membership, genetic data, biometric data, health data, data concerning a person’s sex life, or sexual orientation) and/or criminal conviction data.
Under Data Protection legislation, the Council must have a lawful basis for any personal data it processes. The majority of personal data processed by the Council is under the lawful basis of ‘Public Task’ which means ‘processing is necessary for the performance of a task carried out in the public interest or in the exercise of official authority”.
To ensure that the Council provides you with an efficient and effective service, it will sometimes need to share your personal data with other partner organisations that support the delivery of the service you may receive. This may include:
The Council may also need to supply your personal data to other organisations it has contracted to provide a service to you. The Council will not make any disclosures to third parties for marketing purposes unless you give us your consent to do so.
The Council has a duty to protect the public funds it administers and may use the personal data provided by you, as well as data matching techniques, to detect and prevent fraud. The Council will also make any disclosures required by law and may also share this information with other bodies responsible for detecting/preventing fraud or auditing/administering public funds to ensure money is targeted and spent in the most appropriate and cost effective way. In order to achieve this, information may be shared with other internal departments within Pembrokeshire County Council and with Audit Wales.
The personal information we have collected from you will be shared with fraud prevention agencies who will use it to prevent fraud and money-laundering and to verify your identity. If fraud is detected, you could be refused certain services, finance, or employment. Further details of how your information will be used by us and these fraud prevention agencies, and your data protection rights, can be found by visiting: CIFAS
Under the UK General Data Protection Regulation, you have rights as an individual which you can exercise in relation to the information we hold about you:
The Council takes any complaints received about Data Protection seriously and encourages people to bring to our attention if they believe that our collection or use of personal data is unfair, misleading or inappropriate.
This Privacy Statement and the individual service Privacy Notices do not provide exhaustive details of all aspects of our collection and use of personal data. However, the Council is happy to provide any additional information or explanation needed.
Any complaints or requests for this should be sent to the address below:
Data Protection Officer
Pembrokeshire County Council
Email: email@example.com Telephone: 01437 764551
If you want to make a complaint about the way the Council has processed your personal data, you can contact the Information Commissioner’s Office as the statutory body which oversees Data Protection law:
Information Commissioner’s Office
Email firstname.lastname@example.org Telephone no: 0303 1231113
Pembrokeshire County Council will use your personal data for the provision of services, including those detailed in the structure below. For individual service Privacy Notices select the headings below.
Pembrokeshire County Council endeavours to meet the highest standards when collecting and using personal data. A Data Protection Policy is in place which all employees have to sign up to on commencement of their employment and regular training is provided. A small dedicated Data Protection Team is in place to offer advice and assistance with monitoring compliance.
As a Local Authority, Pembrokeshire County Council delivers services to you – examples of the types of service provided (and links to individual service Privacy Notices) are listed on the Departmental Privacy Notices page.
The Council will keep your personal data for as long as it is required by us or other regulatory bodies, and in accordance with our Local Authority Retention and Disposal Schedules & Retention Schedule for Schools. In most cases this will be a minimum of 6 years. Your personal data will be securely disposed of once it is no longer required.
You can find out if the Council holds any personal data by making a subject access request under the Data Protection Act 2018.