Information about you

Fair processing

Our basic legal requirement is to make sure you know what we intend to do with your information and who it will be shared with.

There may be times when we share your information with those who work on our behalf to provide you with the service you need.

Sometimes we may need to ask other agencies or organisations for relevant information about you, to fulfil our legal responsibilities or to provide services. For example, this could be to enable them to carry out their legal duties, or where it is necessary to prevent harm to yourself or other individuals.

We have a duty to:

  • keep sufficient information to provide services and fulfil our legal responsibilities
  • keep your records secure and accurate
  • keep your information only for as long as is required

You can help us by:

  • letting us know when you change address or name
  • telling us if any of the information we hold about you is wrong
  • allowing us to share as much information about you as we need to

We will only process your personal data if either:

  • you have given consent to the processing
  • you have entered into a contract with us or on your request we are taking steps to entering into a contract with you
  • we must comply with a legal obligation
  • we must protect your vital interests or those of another person
  • we must carry out a task that is in the public interest
  • we must pursue our legitimate interests or those of a third party

Service-level privacy notices (PDF 228.64KB)

Personal data

'Personal data' is any information about a person where the information includes details that can be used to identify the person – for example, by name, location, a reference number or a description.

Special categories of personal data

Some types of data are classified in special categories – for example:

  • racial or ethnic origin
  • political opinions
  • religious or philosophical beliefs
  • trade union membership
  • sex life or sexual orientation
  • health data
  • genetic data
  • biometric data for the purpose of uniquely identifying a person

We will only process special categories of personal data if either:

  • you have given explicit consent to the processing
  • we must carry out tasks under employment, social security or social collective law
  • we must protect the vital interests of a person who is physically or legally unable to give consent
  • processing relates only to members or former members of the council – or those who have regular contact with it in connection with those purposes – and provided there is no disclosure to a third party without consent
  • data has already been made public by the individual
  • we must establish, exercise or defend a legal claim
  • processing is necessary for reasons of substantial public interest
  • processing is necessary for the purposes of preventative or occupational medicine, for assessing the working capacity of the employee, medical diagnosis, the provision of health or social care or treatment or management of health or social care systems and services on the basis of law or a contract with a health professional
  • we must protect the public interest in public health
  • we must enable archiving of data that has a public interest – that is, scientific research, historical research or for statistical purposes

Criminal offence data

We are a 'competent authority' for the purposes of law enforcement, and are required to process criminal offence data. Departments that must process criminal offence data include our Youth Offending service and Corporate Fraud service.

Criminal offence data is personal data that relates to criminal convictions, including types of data about criminal allegations, proceedings or convictions that would have been classed as 'sensitive personal data' under data protection law.

Criminal records disclosed during the recruitment process are not processed as criminal offence data for the purposes of law enforcement.

Law enforcement purposes refer to the prevention, investigation, detection or prosecution of criminal offences or the execution of criminal penalties, including safeguarding against and the prevention of threat to public security.

We will only process criminal offence data if:

  • one of the conditions listed for 'sensitive personal data' above applies
  • we are processing the data in an official capacity, or have specific legal authorisation and are compliant with additional safeguards set out in data protection legislation

Closed Circuit Television (CCTV)

We use CCTV:

  • for public safety
  • for the safety of our staff
  • to help prevent, detect, investigate and prosecute any criminal offence

We may use CCTV for other purposes where we have procedures in place to explain its use.

For further information, go to use of CCTV.

Why we collect and store personal data

For some of our services we need your data so we can get in touch with you, or provide the service. We always try to make sure the information we collect is correct and isn't an invasion of your privacy.

When we don't directly provide the service, we may need to pass your personal data to the people who do provide the service. They must keep your details safe and secure, and use them only to fulfil your request. We will usually only pass your sensitive personal data onto a third party once we have your permission, unless we are legally required to do so.

How long we keep your information

In some instances the law sets the length of time information has to be kept. In most cases, however, we use our discretion to make sure we don't keep records for longer than we need to.

We will always try to keep your personal data secure, whether it is held on paper or electronically. Our privacy statement is our commitment to you when you access our services online.

Using your personal data

We will use the information you provide:

  • for the provision of council services
  • for regulatory, licensing and enforcement functions
  • for all financial transactions, including payments, grants and benefits
  • to ask your opinion on specific products and services for which you've provided information
  • to make sure we meet our legal obligations, including those related to diversity and equal opportunity
  • to train our employees
  • to investigate any complaints you might have about services we deliver
  • to keep track of spending on our services
  • to help with research and planning of new services

Profiling and automated decision-making

Profiling means any form of automated processing that uses personal data to:

  • evaluate certain personal aspects relating to a person
  • analyse or predict aspects of a person's economic and health situation, reliability, personal preferences and interests

Automated-decision making means any processing that is carried out by automated means without any human review element in the decision-making. We will make sure we obtain your consent, or there is intervention by a real person, for any automated decision-making that has legal effects or similar significant effects on you – for example, electronic recruitment.

We may use your information from the services with which you engage to create a single view and profile of you. This will help us better understand your specific needs and make sure we are providing the right and efficient services to you for your needs. It will also create one accurate record of your basic personal data across all our services, and special categories of data where required.

Profiling will be carried out only when necessary to provide you with the service you requested, or where required by law, or where the law allows. We will notify you if we do this and will ask for your consent where required.

Your rights

You have the right to:

  • be informed about how and why your data is being processed
  • access the data held about you
  • request changes to be made if the data we hold about you is wrong
  • request that the data we hold about you be deleted, in certain circumstances
  • request that we limit the processing of your data, in certain circumstances
  • data portability – this means we may be able to transfer the data we hold about you to another organisation
  • object to your data being processed, in certain circumstances
  • withdraw your consent if we have used consent as a legal basis
  • complain about the way your data has been processed
  • be told if decisions are being made using automated methods or if profiling is taking place

You should contact us using the details at the end of this page if you would like to:

  • make a request for your data to be changed, deleted or transferred to another supplier
  • withdraw the consent you have given to us to process your data – withdrawing consent may have an impact on the services we are able to provide to you
  • complain about the way your data has been handled
  • make another request with regards to the list of rights above

You can download a detailed guide to your rights below.

Data protection – a guide to your rights (PDF 170.22KB)

How we accept your data

Sometimes someone may call us on your behalf. We will accept calls in good faith and record information we are told about on your record. If we need to send a staff member out to investigate or fix anything, we will.

Sometimes we find the calls were a hoax, or misleading. We do not wish to put bureaucracy in the way of services, however, by refusing to act in good faith – especially in an emergency.

Although we may take calls about you or your account, we will not talk about you or your account with anyone but you, unless you have given us permission to do so.

You should contact us immediately if you suspect someone unauthorised has called us and put incorrect information on your record.

Data Protection Officer (DPO)
Information Management team, Thurrock Council, Civic Offices, New Road, Grays, RM17 6SL

: information.matters@thurrock.gov.uk

You should use our complaints process if you are a concerned that we have misused your personal information.

Obligation to provide personal data

When you provide data to us it is often on a voluntary basis, but sometimes there is a statutory duty or contractual obligation for you to provide us with your data. Examples include:

  • if you enter into an agreement with us – for example, to rent a property or borrow from a library
  • if you request a service from us – for example, applying for a taxi licence

You are also obliged provide us with your personal details in relation to statutory services such as council tax or children's social care.

Your right to complain to the Information Commissioner's Office

If you are unhappy about we have processed your data, you can refer your case to the Information Commissioner's Office (ICO). In most cases, the ICO will not consider your case until the matter has been considered by us first.