Privacy policy

What the privacy policy is

This privacy policy explains how Renfrewshire Council (referred to in this policy as ‘we’, ‘us’ or ‘the council’) uses information about you and how we look after it. We need to process personal information about you so that we can provide better services for you.

What personal information is

Personal information is anything that identifies and relates to you.

It can include information that can be used with other information to identify you.

For example, this could be your:

name
address
contact details
bank details
personal and family history
identification numbers
online identifiers.

Special category information

Some personal information is more sensitive and needs more protection.

This is often very personal to you such as information about your:

racial or ethnic background
genetic or biometric data
health
political opinions
religious or philosophical beliefs
sex life
sexual orientation
trade union membership.

We get most of the personal information we use from you and from what we learn about you through your interactions with us.

We may also get some information about you from:

the technology you use to access our services
information you make public on social media
family members
your legal representative
referees
employers
information from publicly available sources
health and education providers
commissioned partners
regulatory bodies
police and other local authorities.

Why we need your personal information

We may need to use your personal information to:

deliver services and support to you
manage those services we provide to you
train and manage the employment of our workers
help investigate any worries or complaints you have about our services
keep track of spending on services
check the quality of services
help with research and planning of current and new services
protect public funds and prevent and detect crime and fraud.

There are circumstances when you are required by law or contract to provide personal information.

How we look after your information

When we ask you for personal information, we will:

make sure you know why we need it
ask only for what we need
protect your personal information and make sure nobody has access to it who shouldn't
take proportionate precautions to prevent the loss, misuse or destruction of your personal information
let you know if we share it with any other organisations to give you better public services
make sure we don't keep it longer than necessary, and
not make your personal information available for commercial use without your permission.

In return, we ask you to:

give us accurate information, and
tell us as soon as possible if there are any changes, such as a new address.

This helps us to keep your information reliable and up to date.

Consent

We will not ask for consent in cases where we need to process your information to carry out our public functions.

If we have asked for your consent to process your information, you have the right to withdraw this, in whole or in part, at any time. We will explain any consequences of this to you, including any impact on the service we are delivering.

Who we share your personal information with

Sometimes we have a legal duty to provide personal information to other organisations.

For example, we share certain data with other public bodies such as Her Majesty's Revenue and Customs (HMRC) and will do so where the law requires this.

We also generally comply with requests for specific information from other regulatory and law enforcement bodies where this is necessary and proportionate.

Information is also used by the council to improve the services we deliver to you.

Profiling and automatic decision making

The council does not use profiling or automated decision-making processes. Some processes are semi-automated such as anti-fraud data matching, but a human decision maker will always be involved before any decision is reached in relation to you.

Transfer of personal information outside the UK or European Economic Area

We will not transfer personal data outside the European Economic Area (EEA) unless this cannot be avoided.

We’ll only transfer data outside the UK and the EEA when we are satisfied that the party which will handle the data and the country it is processing it in will provide adequate safeguards for personal privacy.

On the occasions when we do transfer your information outside the UK or the European Economic Area, we'll inform you.

How long we keep your personal information

We'll only keep your information as long as we need to.

Full details of how long the council usually retains your information can be found in the council's Retention and Disposal Schedule.

However, there may be circumstances where we may need to keep your information for longer. Once we no longer need to keep your information, it will be securely destroyed.

Your rights in relation to your personal information

You have a number of rights in relation to the personal information we collect and use about you.

Further information about these rights can be found on the Information Commissioner's individual rights page.

You have the following rights:

the right to be informed about how your information will be used.
the right of access to your personal information.
the right to rectification, which is the right to require the council to correct any mistakes.
the right to request the erasure of any personal information held by the council where the council no longer has legal reason to hold the information.
the right to request that your information is only processed in certain ways.
the right to data portability.

The right to object to the council processing your personal information.

These are not absolute rights are there may be circumstances where the council is legally obliged to process your information in a particular way.

For example, your details will be accessed by the council staff who need this to provide you with a service and if the service is provided by an external agency, that agency. We are also legally obliged to protect public funds, so details will be checked internally for fraud prevention and verification purposes and may be shared with other public bodies for the same purpose.

Right to be informed

Our Data Protection Officer, Allison Black, monitors Renfrewshire Council's compliance with the law and can deal with any concerns you have about how we handle personal data.

You have the right to ask more details on:

what information we hold about you and how to ask us to correct any mistakes
agreements we have with other organisations for sharing information
circumstances where we can pass on your information without telling you, for example, to prevent and detect crime or produce anonymised statistics
our instructions to staff on how to collect, use and delete your personal information and
how we check information we hold is accurate and up to date.

You can exercise any of these rights by contacting us:

Right to complain

When we ask you for information, we will abide by all relevant legislation, including the UK General Data Protection Regulation (UK GDPR) and the Data Protection Act 2018.

However, if you are unhappy with the way we process your personal data you have the right to complain.

Any complaints regarding your data should be addressed to the Data Protection Officer, Allison Black on dataprotection@renfrewshire.gov.uk.

If the matter is not resolved, you can contact the Information Commissioner's Office, who can also provide independent data protection advice. The address and contact details for the Information Commissioner's Officer are:

45 Melville Street
Edinburgh
EH3 7HL
telephone: 0303 123 1115
email: scotland@ico.org.uk

Adult care and health

Benefits and money

Bins and recycling

Business and licensing

Children, young people and families

Community and neighbourhood

Council tax

Education, schools and adult learning

Housing

Jobs, careers and volunteering

Parking, roads and transport

Parks, libraries and culture

Planning and land

Registrations

About HSCP

Council and elections

Staff info