Privacy Notice for Bridlington Town Council
This privacy notice provides details of how Bridlington Town Council will use information that we collect. The Council makes every effort to ensure the way in which it uses data is transparent, fair and lawful.
What information do we hold and use?
We collect and process the following information:
- Personal information (such as name, address, contact details)
- Special categories of personal information, where we have a legal requirement to do so (such as ethnicity, age range, disabilities,
- criminal activities, health & medical information)
- Standard banking details including bank address, sort code, account number, balance sheet & statement
- Company information (such as company name, address, key contact & VAT)
- Photographs and videos of individuals where the person may be identifiable
- Legal documents (e.g. contracts)
What do we use the information for? We use the information you give us for the following purposes:
Partnership management (internal and external)
Grant and fund management
Project management (including monitoring outcomes of funded programmes)
Local Government delivery of Service, advice and guidance
Delivery of estates management
Event management
Volunteer engagement
Consultations and public engagement activities
On what grounds do we use the information? We process personal data only when:
the data subject has given consent to the processing of information for agreed purposes;
it is necessary for the performance of a contract to which the data subject is party or in order to take steps at the request of the data
subject prior to entering into a contract;
it is necessary for compliance with a legal obligation to which the controller is subject;
it is necessary to protect our clients, customers, premises, assets and partners from crime through the operation of CCTV system at
the Skatepark which record images for security and
processing is necessary for the performance of a task carried out in the public interest or in the exercise of official authority vested in
the controller.
How do we collect this information? We collect information by the following mechanisms:
Application form
Enquiry form
Online forms
Consultation exercises
Event registration and delivery
Personal and professional correspondence
We collect information by the following means:
Online
Via Email
Over the telephone
By paper correspondence
In person (face-to-face)
Who we share your information with? We will only share your information with other local authorities, public sector bodies, Government
departments, and relevant third party funding organisations where we are required to fulfil a contractual obligation. Third party funders may
include, but are not limited to, HM Revenue & Customs (HMRC) & Department of Work and Pension (DWP).
You will be required to sign a privacy statement as necessary to give your consent to any information sharing for any partnership management
and volunteer engagement activities.
How long do we store it and is it secure? Information you provide may be stored in both manual and electronic formats and it will be
held to facilitate the services provided by projects and to assist with record keeping, statistical and research purposes, statutory purposes and
to facilitate on-going communication. Authorisation provided by individuals in association with the activities outlined under the section ‘What do
we use the Information for?’ is done so with permission for their information to be stored and processed as specified above. The Council has
retention schedules in place to ensure that information is only held for as long as it is needed and for the purpose for which it was collected.
Details of how we keep your information secure are available on the Bridlington Town Council website. At the end of that retention period,
your data will either be deleted.
What rights do you have?
The rights that you have depend upon the grounds upon which we collected your information.
Where either contractual obligation or public interest is the lawful basis for processing you will have the right to be informed, the right of
access, the right to rectification & Rights in relation to automated decision making and profiling.
Where consent is the lawful basis for processing all of the following apply; the right to be informed, the right of access, the right to
rectification, the right to erase, the right to restrict processing, the right to data portability, the right to object, rights in relation to automated
decision making and profiling.
Where can I find out more?
If you want to know more about how the Council uses information, your rights or have a concern about the way we are collecting or using
your personal data, we request that you raise your concern with us in the first instance.
Alternatively, you can contact the Information Commissioner’s Office.
Website Specific Information
Who we are
Our website address is: https://bridlington.gov.uk.
Comments
When visitors leave comments on the site we collect the data shown in the comments form, and also the visitor’s IP address and browser user agent string to help spam detection.
An anonymized string created from your email address (also called a hash) may be provided to the Gravatar service to see if you are using it. The Gravatar service privacy policy is available here: https://automattic.com/privacy/. After approval of your comment, your profile picture is visible to the public in the context of your comment.
Media
If you upload images to the website, you should avoid uploading images with embedded location data (EXIF GPS) included. Visitors to the website can download and extract any location data from images on the website.
Cookies
If you leave a comment on our site you may opt-in to saving your name, email address and website in cookies. These are for your convenience so that you do not have to fill in your details again when you leave another comment. These cookies will last for one year.
If you visit our login page, we will set a temporary cookie to determine if your browser accepts cookies. This cookie contains no personal data and is discarded when you close your browser.
When you log in, we will also set up several cookies to save your login information and your screen display choices. Login cookies last for two days, and screen options cookies last for a year. If you select “Remember Me”, your login will persist for two weeks. If you log out of your account, the login cookies will be removed.
If you edit or publish an article, an additional cookie will be saved in your browser. This cookie includes no personal data and simply indicates the post ID of the article you just edited. It expires after 1 day.
Embedded content from other websites
Articles on this site may include embedded content (e.g. videos, images, articles, etc.). Embedded content from other websites behaves in the exact same way as if the visitor has visited the other website.
These websites may collect data about you, use cookies, embed additional third-party tracking, and monitor your interaction with that embedded content, including tracking your interaction with the embedded content if you have an account and are logged in to that website.
Who we share your data with
If you request a password reset, your IP address will be included in the reset email.
How long we retain your data
If you leave a comment, the comment and its metadata are retained indefinitely. This is so we can recognize and approve any follow-up comments automatically instead of holding them in a moderation queue.
For users that register on our website (if any), we also store the personal information they provide in their user profile. All users can see, edit, or delete their personal information at any time (except they cannot change their username). Website administrators can also see and edit that information.
What rights you have over your data
If you have an account on this site, or have left comments, you can request to receive an exported file of the personal data we hold about you, including any data you have provided to us. You can also request that we erase any personal data we hold about you. This does not include any data we are obliged to keep for administrative, legal, or security purposes.
Where your data is sent
Visitor comments may be checked through an automated spam detection service.