Finance, Legal and Governance
Data Controller – Somerset Council – Information Commissioner’s Office Registration Z5957592
Data Protection Officer contact – informationgovernance@somerset.gov.uk
Purpose for processing
- Financial Services
- Legal Services
- Governance, including Member Support
- S151 Role
Legal basis for processing
By law – Finance, Legal and Governance is required to process data in response to a number of laws and statutory instruments to ensure the delivery of the services detailed above. In some cases, Finance, Legal and Governance may ask for your explicit consent to process your personal data, see below for more details.
Legitimate interests – Finance, Legal and Governance uses your personal data to support its legitimate interests to audit financial transactions, to ensure the quality of services, to correspond with customers, to answer enquiries, and to deal with complaints.
Data sharing – the personal data provided to Finance, Legal and Governance will be shared with a range of partners when providing services including National Government Departments, the NHS, the police and other local authorities. When Finance, Legal and Governance is required to share your personal data, you will be informed at the point your data is collected.
Safeguarding – in cases where you or another member of the public may be at risk your personal information will be shared.
Other statutory obligations – in cases where the council is legally obliged to disclose your personal information in cases such as prevention or detection of crime or fraud your personal information will be shared.
Transfers abroad – your data will not be transferred abroad unless you are specifically informed at the point your data is collected.
Data retention – this data will be retained for a period determined by UK law and regulations, or in some cases to meet specific requirements of the service being provided. You will be informed of this at the point your data is collected.
Your rights – you have the right to ask Somerset Council for a copy of your data, the right to rectify or erase your personal data, and the right to object to processing. However, these rights are only applicable if the council has no other legal obligation concerning that data.
You also have the right to complain to the regulator – Information Commissioner’s Office (IOC).
Consequences: In some cases, if you do not supply your information to us, we will not be able to provide you with the services we are obliged to provide by law or any supplementary service you have asked for.
Explicit consent
If the legal basis for processing is explicit consent we will need to ensure you are provided with a:
- Clear explanation of exactly what is being consented to
- Clear “opt-in”
- Clear option to withdraw your consent later by use of an “opt-out”
Privacy of Electronic Communications Regulations (PECR)
To meet the requirements of the Privacy of Electronic Communications Regulations (PECR) we will ensure that we give you clear options on the information you receive, and how you can receive it.
If we are using your contact details to distribute further information, we will provide you with opt-in options so you can choose the method of communication, such as post, email, or phone, and to choose what you will receive, such as newsletters, invitations to events, and service updates. We will also offer you a clear option to unsubscribe to any communications sent with your consent.