Following the changes to Government advice, the Compliance & Customer Relations Team are working from home. We will therefore not be able to collect correspondence sent via post. All our services remain up and running as normal with staff working from home. Please contact the team electronically using the links at the foot of this page. We aim to respond to you as soon as we are able. However, during the ongoing Coronavirus Pandemic, there may be a delay in responding to your enquiry and we ask for your patience should the response be delayed.
Following the changes to Government advice, the Compliance & Customer Relations Team are working from home. We will therefore not be able to collect correspondence sent via post. All our services remain up and running as normal with staff working from home. Please contact the team electronically using the links at the foot of this page.
The General Data Protection Regulation (GDPR) and the Data Protection Act 2018 govern how we collect, use and process personal information and gives individuals a number of rights regarding their personal information. The principles laid down by the GDPR are:
- lawfulness, fairness and transparency - personal data shall be processed lawfully, fairly and in a transparent manner in relation to individuals
- purpose limitation - personal data shall be collected for specified, explicit and legitimate purposes and not further processed in a manner that is incompatible with those purposes
- data minimisation - personal data shall be adequate, relevant and limited to what is necessary in relation to the purposes for which they are processed
- accuracy - personal data shall be accurate and, where necessary, kept up to date
- storage limitation - personal data shall be kept in a form which permits identification of data subjects for no longer than is necessary for the purposes for which the personal data are processed
- integrity and confidentiality - personal data shall be processed in a manner that ensures appropriate security of the personal data, including protection against unauthorised or unlawful processing and against accidental loss, destruction or damage, using appropriate technical or organisational measures
- accountability – the data controller shall be responsible for, and be able to demonstrate compliance with, the principles
Your rights under GDPR
Data Protection Impact Assessments
DPIA's are carried out within the Council for all new projects and changes of service where personal information will be processed in a different manner. We are currently unable to make these available online, however, more information can be provided by emailing email@example.com.
How to use your right or make a complaint
Apply by completing the online Subject Access Request form.
Alternatively, please print and complete the Subject Access Request (SAR) - request form (MS Word, 332KB)
Please email your request to: firstname.lastname@example.org or post to The Data Protection Officer, 1st Floor Westfields, c/o Municipal Buildings, Earle Street, Crewe, CW1 2BJ
If you are not satisfied with our response you can complain to the Information Commissioner.