The General Data Protection Regulation (GDPR)
Sunningwell Parish Council (SPC) undertakes to collect and use the personal data of residents of the parish who have consented to the holding of specified personal information in compliance with the General Data Protection Regulation (GDPR). Our legal basis for processing this data is our legitimate interest as a parish council wishing to communicate with parishioners in order to convey information related to parish council activities which SPC considers to be in the interest of parishioners. All information held is that received from the data subjects with their own consent. We use the data for the administration of the parish database the communication of information and the organisation of SPC sponsored events.
This information will be recorded in our parish residents’ database, which is stored offline in compliance with the GDPR. Our residents’ data is used only for SPC administration and is not sold or shared with any other organisation other than to enable us to send bulk emails and as may be required by law. Your personal data is not passed on by us for use by any other third parties.
In addition we may hold data relating to people and organisations from whom we are seeking or have already obtained the provision of goods or services for the Parish. We will manage such data in a similar manner to that held in respect of residents save that they will not be included in our residents mailing list.
Information about our data use policies, including how you can see what data we hold about you, how you can limit its use and how you can ask for inaccuracies in data to be corrected is set out below and may also be obtained from the parish clerk upon written request.
Personal data collected
The data we routinely collect includes names, addresses, email addresses and telephone numbers of residents who live in Sunningwell Parish.
Use of data
We use residents’ data for SPC administration; the communication of council and other information relevant to the parish and the organisation of council sponsored events and to enable parishioners to respond easily to any messages sent.
Sharing of data
Our residents’ data is used only for SPC administration and is not sold or shared with any other organisation other than to enable us to send bulk emails and as may be required by law. Your personal data is not passed on by us for use by any other third parties.
Source of the data
Data is provided voluntarily by parish residents themselves.
In addition we may hold data relating to people and organisations from whom we are seeking or have already obtained the provision of goods or services for the Parish or in respect of any person or organisation from within or outside the parish who communicates with us. We will manage such data in a similar manner to that held in respect of residents who have requested to be added to the mailing list save that they will not be included in our residents mailing list.
Storage of data
SPC personal record data is mainly stored in digital form on computers and also in the form of written documents kept at the home of the parish clerk.
Responsibility for compliance with the relevant laws and regulations
Under the GDPR (General Data Protection Regulation) we do not have a statutory requirement to have a Data Protection Officer. The person who is responsible for ensuring that SPC discharges its obligations under the GDPR is the Parish Clerk, Brian Rixon.
Access to personal data
In the event that the parish clerk is not available the SPC Chairman and / or the Vice Chairman for the time being may be given access to residents’ data in order for them to carry out legitimate tasks for SPC.
Legal basis for collecting of personal data
SPC collects personal data of parishioners by consent and for the purposes of its legitimate interests as a parish council wishing to communicate with parishioners.
Checking what data we hold about you
If you want to know the data we hold about you, you should contact the parish clerk.
You can contact us with a “Subject Access Request” if you want to ask us to provide you with any other information we hold about you. If you are interested in any particular aspects, specifying them will help us to provide you with what you need quickly and efficiently. We are required to provide this to you within one month.
There is not usually a fee for this, though we can charge a reasonable fee based on the administrative cost of providing the information if a request is manifestly unfounded or excessive, or for requests for further copies of the same information.
Collection of “special” data
The GDPR refers to sensitive personal data as “special categories of personal data”.
SPC does not normally record any such special data; the only data we might record would relate to the disability of a parishioner who might have special requirements for access to SPC sponsored events or who might have allergies details of which those catering for a SPC sponsored event might need to be made aware. Such information would only be recorded following an explicit request by or on behalf of the parishioner concerned. If you wish to change this data on your record you can do so at any time by contacting the parish clerk.
Requesting for data to be removed, limited or corrected
Part or all of your data record will be corrected or removed from our database upon receipt of a written request from the data subject ie the parishioner concerned.
These options can be implemented by contacting the parish clerk: clerk@sunningwell-pc.gov.uk
Length of time personal data is kept
We normally keep parishioners’ data whilst they are resident in the parish. We will normally delete any resident’s contact details entirely upon becoming aware that they are no longer resident in the parish. However any parishioner may have their data deleted at any time upon written request.
Children
We will not process any data relating to a person known to us as being a child without the express consent of the child’s parent or legal guardian.
Deceased residents
Upon becoming aware of the death of a resident we will remove their data.
Data Information Officer
The Parish Clerk is our Data Information Officer. Please contact him in respect of anything connected with data held by Sunningwell Parish Council: clerk@sunningwell-pc.gov.uk