Site Alert
Due to scheduled system maintenance, our Public Access (Planning) and Modern Gov (Councillor, Committee and Meeting info) systems will be temporarily unavailable this weekend. We apologise for any inconvenience caused.

Data Protection and GDPR

Information about your rights and how we use your data under GDPR

The General Data Protection Regulation (GDPR) came into effect on 25 May 2018. This was enacted in UK law by the Data Protection Act (DPA) 2018 and replaces the Data Protection Act 1998. As of January 1 2021 all references to GDPR now refer to UK GDPR.

There are several major changes caused by this change. These include:

  • individuals must be provided with more information when collecting their personal information
  • there are new regulations surrounding gaining consent. Both consent and explicit consent now require clear affirmative action. In other words, options must be opt in not opt out
  • data that has been used to complete its original purpose must be deleted. It cannot be reused for different circumstances unless the new purpose complies with the old one
  • individuals can revoke their consent to data processing at any time. It must be easy for them to do so
  • the data controller (in this case, ourselves) now has 72 hours to notify data breaches to the Information Commissioners Office (ICO). This is unless the breach is unlikely to result in a risk to data subjects. The ICO acts as the regulatory body for the United Kingdom
  • there is a single national office for complaints. This is the ICO
  • large data controllers (including ourselves) must appoint a Data Protection Officer
  • if we don't comply with GDPR we could face a fine of up to $20,000,000 or 4% of our global annual turnover for the preceding financial year

We have policies in place to deal with your data fairly and security. 

The UK left the European Union on 31 January and enter a Brexit transition period. During this period, which runs until the end of December 2020, it will be business as usual for data protection. We will continue to abide by the principles of the GDPR and DPA along with the guidance provided by the Information Commissioners Office

Information about the General Data Protection Act and its requirements on collecting and storing data
Information regarding the National Fraud initiative
Our Corporate Privacy Statement explains how we will handle your personal information

Share this page

Share on Facebook Share on Twitter Share by email


Print this page