Privacy

PRIVACY NOTICE

Last updated 18.01.2021

 

Thank you for choosing to be part of our community at West Fen Parish Meeting (“we”, “us”, or “our”). We are committed to protecting your personal information and your right to privacy. If you have any questions or concerns about this privacy notice, or our practices with regards to your personal information, please contact us at stickneypc@aol.com.

When you visit our website https://west-fen.parish.lincolnshire.gov.uk/ (the "Website"), and more generally, use any of our services (the "Services", which include the Website), we appreciate that you are trusting us with your personal information. We take your privacy very seriously. In this privacy notice, we seek to explain to you in the clearest way possible what information we collect, how we use it and what rights you have in relation to it. We hope you take some time to read through it carefully, as it is important. If there are any terms in this privacy notice that you do not agree with, please discontinue use of our Services immediately.

This privacy notice applies to all information collected through our Services (which, as described above, includes our Website), as well as any related services, sales, marketing or events.

Please read this privacy notice carefully as it will help you understand what we do with the information that we collect.

 

TABLE OF CONTENTS

1. WHAT INFORMATION DO WE COLLECT?

2. WILL YOUR INFORMATION BE SHARED WITH ANYONE?

3. DO WE USE COOKIES AND OTHER TRACKING TECHNOLOGIES?

4. IS YOUR INFORMATION TRANSFERRED INTERNATIONALLY?

5. HOW LONG DO WE KEEP YOUR INFORMATION?

6. DO WE COLLECT INFORMATION FROM MINORS?

7. WHAT ARE YOUR PRIVACY RIGHTS?

8. CONTROLS FOR DO-NOT-TRACK FEATURES

9. DO WE MAKE UPDATES TO THIS NOTICE?

10. HOW CAN YOU CONTACT US ABOUT THIS NOTICE?

11. HOW CAN YOU REVIEW, UPDATE, OR DELETE THE DATA WE COLLECT FROM YOU?

12. WHAT IF THERE IS A BREACH OF THE WEST FEN PARISH MEETING DATA PROTECTION POLICY LEADING TO A LOSS OF MY PERSONAL INFORMATION?

 

1.WHAT INFORMATION DO WE COLLECT?

In Short: All records created, received or maintained by West Fen Parish Meeting in the course of carrying out its functions. These records may be created, received or maintained in hard copy or electronically. A small percentage of West Fen Parish Meeting records may be selected for permanent preservation as part of our archives and for historical research.

There is no definitive list of all types of information that we may collect or receive, but it would include things like personal contact details for our officers, local residents and third parties whom engage with us. It would also include documents or communications received by the Parish Meeting, and records of meetings that have been held.

 

2. WILL YOUR INFORMATION BE SHARED WITH ANYONE?

In Short:  We only share information either with your consent, to comply with laws, to provide you with services, to protect your rights, or to fulfill business or our legal obligations and duties.

We may process or share your data that we hold based on the following legal basis:

  • Consent: We may process your data if you have given us specific consent to use your personal information in a specific purpose.
     
  • Legitimate Interests: We may process your data when it is reasonably necessary to achieve our legitimate business interests, including for the functionality of organising and conducting our legitimate business.
     
  • Performance of a Contract: Where we have entered into a contract with you, we may process your personal information to fulfill the terms of our contract.
     
  • Legal Obligations: We may disclose your information where we are legally required to do so in order to comply with applicable law, governmental requests, a judicial proceeding, court order, or legal process, such as in response to a court order or a subpoena (including in response to public authorities to meet national security or law enforcement requirements).
     
  • Vital Interests: We may disclose your information where we believe it is necessary to investigate, prevent, or take action regarding potential violations of our policies, suspected fraud, situations involving potential threats to the safety of any person and illegal activities, or as evidence in litigation in which we are involved.

More specifically, we may need to process your data or share your personal information in the following situations:

  • Business Transfers. We may share or transfer your information in connection with, or during negotiations of, any merger, sale of our assets, financing, or acquisition of all or a portion of our business to another local authority or company.

 

3. DO WE USE COOKIES AND OTHER TRACKING TECHNOLOGIES?

In Short:  We may use cookies and other tracking technologies to collect and store your information.

We may use cookies and similar tracking technologies (like web beacons and pixels) to access or store information. Specific information about how we use such technologies and how you can refuse certain cookies is set out in our Cookie Notice.

 

4. IS YOUR INFORMATION TRANSFERRED INTERNATIONALLY?

In Short:  We may transfer, store, and process your information in countries other than your own.

Our website facilities and servers are provided by Lincolnshire County Council. For further details of the location of those servers please contact them. If you are accessing our Website from outside, please be aware that your information may be transferred to, stored, and processed by us in our facilities and by those third parties with whom we may share your personal information (see "WILL YOUR INFORMATION BE SHARED WITH ANYONE?" above), in and other countries.

If you are a resident in the European Economic Area, then these countries may not necessarily have data protection laws or other similar laws as comprehensive as those in your country. We will however take all necessary measures to protect your personal information in accordance with this privacy notice and applicable law.

 

 

 

5. HOW LONG DO WE KEEP YOUR INFORMATION?

In Short:  We keep your information for as long as necessary to fulfill the purposes outlined in this privacy notice unless otherwise required by law.

We will only keep your personal information for as long as it is necessary for the purposes set out in this privacy notice, unless a longer retention period is required or permitted by law (such as tax, accounting or other legal requirements). No purpose in this notice will require us keeping your personal information.

When we have no ongoing legitimate business need to process your personal information, we will either delete or anonymize such information, or, if this is not possible (for example, because your personal information has been stored in backup archives), then we will securely store your personal information and isolate it from any further processing until deletion is possible.

The retention schedule below is an example for certain types of documents, and it refers to record series regardless of the media in which they are stored.

Document

Minimum Retention Period

Reason

Minutes

 

 

Minutes of Council meetings

Indefinite

Archive

Minutes of committee meetings

Indefinite

Archive

General Management

 

 

Councillors contact details

Duration of membership

Management

Contracts

6 years

Limitation Act 1980

Email messages

At end of useful life

Management

Consent forms

5 years

Management

GDPR Security Compliance form

Duration of membership

Management

 

 

6. DO WE COLLECT INFORMATION FROM MINORS?

In Short:  We do not knowingly collect data from or market to children under 18 years of age.

We do not knowingly solicit data from or market to children under 18 years of age. By using the Website, you represent that you are at least 18 or that you are the parent or guardian of such a minor and consent to such minor dependent’s use of the Website. If we learn that personal information from users less than 18 years of age has been collected, we will deactivate the account and take reasonable measures to promptly delete such data from our records. If you become aware of any data we may have collected from children under age 18, please contact us at Westfenclerk@outlook.com.

 

7. WHAT ARE YOUR PRIVACY RIGHTS?

In Short:  You may review or change your personal information, or terminate your consent where it is otherwise expressly required, at any time.

If you are a UK resident, you may seek information or make a complaint to the Information Commissioners Office here: ico.org.uk.

If you are resident in the European Economic Area and you believe we are unlawfully processing your personal information, you also have the right to complain to your local data protection supervisory authority. You can find their contact details here: http://ec.europa.eu/justice/data-protection/bodies/authorities/index_en.htm .

If you are resident in Switzerland, the contact details for the data protection authorities are available here: https://www.edoeb.admin.ch/edoeb/en/home.html .

 

Cookies and similar technologies: Most Web browsers are set to accept cookies by default. If you prefer, you can usually choose to set your browser to remove cookies and to reject cookies. If you choose to remove cookies or reject cookies, this could affect certain features or services of our Website. To opt-out of interest-based advertising by advertisers on our Website visit http://www.aboutads.info/choices/ .

 

8. CONTROLS FOR DO-NOT-TRACK FEATURES

Most web browsers and some mobile operating systems and mobile applications include a Do-Not-Track (“DNT”) feature or setting you can activate to signal your privacy preference not to have data about your online browsing activities monitored and collected. At this stage, no uniform technology standard for recognizing and implementing DNT signals has been finalized. As such, we do not currently respond to DNT browser signals or any other mechanism that automatically communicates your choice not to be tracked online. If a standard for online tracking is adopted that we must follow in the future, we will inform you about that practice in a revised version of this privacy notice.

 

9. DO WE MAKE UPDATES TO THIS NOTICE?

In Short:  Yes, we will update this notice as necessary to stay compliant with relevant laws.

We may update this privacy notice from time to time. The updated version will be indicated by an updated “Revised” date and the updated version will be effective as soon as it is accessible. If we make material changes to this privacy notice, we may notify you either by prominently posting a notice of such changes or by directly sending you a notification. We encourage you to review this privacy notice frequently to be informed of how we are protecting your information.

 

10. HOW CAN YOU CONTACT US ABOUT THIS NOTICE?

If you have questions or comments about this notice, you may email us at Westfenclerk@outlook.com .

 

11. HOW CAN YOU REVIEW, UPDATE, OR DELETE THE DATA WE COLLECT FROM YOU?

Based on the applicable laws of your country, you may have the right to request access to the personal information we collect from you, change that information, or delete it in some circumstances. To request to review, update, or delete your personal information, please submit a request by email to Westfenclerk@outlook.com .

 

12. WHAT IF THERE IS A BREACH OF THE WEST FEN PARISH MEETING DATA PROTECTION POLICY LEADING TO A LOSS OF MY PERSONAL INFORMATION?

 

GDPR defines a personal data breach as “a breach of security leading to accidental or unlawful destruction, loss, alteration, unauthorised disclosure of, or access to, personal data transmitted, stored or otherwise processed”.  Examples include:

  • Access by an unauthorised third party
  • Deliberate or accidental action (or inaction) by a controller or processor
  • Sending personal data to an incorrect recipient
  • Computing devices containing personal data being lost or stolen
  • Alteration of personal data without permission
  • Loss of availability of personal data

West Fen Parish Meeting takes the security of personal data seriously, computers are password protected and hard copy files are kept in locked cabinets.

 

Consequences of a personal data breach

A breach of personal data may result in a loss of control of personal data, discrimination, identity theft or fraud, financial loss, damage to reputation, loss of confidentiality of personal data, damage to property or social disadvantage.  Therefore a breach, depending on the circumstances of the breach, can have a range of effects on individuals.

 

West Fen Parish Meeting duty to report a breach

If the data breach is likely to result in a risk to the rights and freedoms of the individual, the breach must be reported to the individual and ICO without undue delay and, where feasible, not later than 72 hours after having become aware of the breach.  The Data Protection Officer must be informed immediately so they are able to report the breach to the ICO in the 72 hour timeframe.

If the ICO is not informed within 72 hours, West Fen Parish Meeting via the DPO must give reasons for the delay when they report the breach.

When notifying the ICO of a breach, West Fen Parish Meeting must:

  1. Describe the nature of the breach including the categories and approximate number of data subjects concerned and the categories and approximate number of personal data records concerned
  2. Communicate the name and contact details of the DPO
  3. Describe the likely consequences of the breach
  4. Describe the measures taken or proposed to be taken to address the personal data breach including, measures to mitigate its possible adverse affects.

When notifying the individual affected by the breach, West Fen Parish Meeting must provide the individual with (ii)-(iv) above.

West Fen Parish Meeting would not need to communicate with an individual if the following applies:

  • It has implemented appropriate technical and organisational measures (i.e.encryption) so those measures have rendered the personal data unintelligible to any person not authorised to access it;
  • It has taken subsequent measures to ensure that the high risk to rights and freedoms of individuals is no longer likely to materialise, or
  • It would involve a disproportionate effort

However, the ICO must still be informed even if the above measures are in place.

 

Data processors duty to inform West Fen Parish Meeting

If a data processor (eg a third party provider) becomes aware of a personal data breach, it must notify West Fen Parish Meeting without undue delay.  It is then West Fen Parish Meeting’s responsibility to inform the ICO, it is not the data processors responsibility to notify the ICO.

 

Records of data breaches

All data breaches must be recorded whether or not they are reported to individuals.  This record will help to identify system failures and should be used as a way to improve the security of personal data.

Add a privacy notice