The privacy of your personal data when using our website is important to us.
We are dedicated to safeguarding and preserving your privacy when you are visiting our site or communicating electronically with us.
Corton Denham Parish Council General Privacy Notice and Data Protection Policy
1. Personal Data
Personal data is any information about a living individual which allows them to be identified from that data.
2. Corton Denham Parish Council
This Privacy Notice is provided by the Corton Denham Parish Council (the CDPC) which is the data controller for some personal data relating to its Local Authority, Councillors, local residents and certain local services. The CDPC uses this data only for the exercise of its legal responsibilities and the conduct of customary parish affairs within Corton Denham: this includes communications on Council matters, planning applications, and notification and reporting of general village activities, including those on the Parish website (cortondenham.org.uk).
3. Handling of Personal Data
Personal data held and processed by the CDPC is limited to names, photographs, and contact details such as telephone numbers and
postal/e-mail addresses. It neither holds nor processes sensitive data as described in the GDPR as “special categories of data”.
The CDPC will comply with data protection law, ensuring that personal data will be
– Used lawfully, fairly and in a transparent way;
– Collected only for valid purposes that have been clearly explained, and not used in any way that is incompatible with those purposes;
– Relevant to the purposes as explained above, and limited only to those purposes;
– Accurate and kept up to date;
– Kept only as long as necessary for the purposes as explained;
– Kept in a secure way so as to protect personal data from loss, misuse, unauthorised access and disclosure, and properly destroyed when their purpose has been completed.
The CDPC is a public authority and has certain powers and obligations. Most personal data is held and processed for compliance with legal obligations which includes the Council’s statutory functions and powers. Sometimes when exercising these powers or duties it is necessary to process the personal data of residents or people using the Council’s services. It may also be used in the conduct of customary village activities.
The CDPC will always take into account individual interests and rights, and this Privacy Notice summarises below individuals’ personal rights and the Council’s obligations under GDPR. Sometimes the use of personal data requires individual consent, and that consent will always be obtained before that use.
The CDPC may need to share personal data with other data controllers ,such as the Local Authority, other public authorities/agencies, and contractors, so that they can carry out their responsibilities to the CDPC. These third parties have an obligation to put in place appropriate security measures and will be responsible to individuals directly for the manner in which they process and protect their personal data. If the CDPC and other data processors are processing personal data for the same purposes, then they may be “joint data controllers” which means that they are both collectively responsible for that personal data. Whether the CDPC is a sole or joint data controller, any personal questions, rights or complaints should be raised directly with the CDPC as your data controller.
The CDPC may keep some records permanently if legally required. It may keep some records for an extended period, e.g., where there is a legal obligation to retain some data in connection with statutory obligations as a public authority. But both these cases are unlikely for the CDPC, who in general will endeavour to keep data only for so long as it is needed.
The CDPC maintains a website (cortondenham.org.uk) to meet its legal obligations under the Transparency Code: this also benefits the village as a whole. Steps have been taken to avoid publishing personal data on this website. In exceptional circumstances when it may become appropriate to hold personal data, such as the promotion of a village activity with an organiser’s name and contact details, prior and formal permission will be sought from the individual involved and that personal data will be removed as soon as the activity is completed. Our website is also accessible from overseas so, on occasions, some personal data may be accessed from overseas.
4. Individual Personal Rights
Individuals have the following rights with respect to their personal data;
– The right to access personal data held by the CDPC
At any point you can contact firstname.lastname@example.org to request the personal data held on you, as well as why, who has access and where that personal data was obtained.
– The right to correct and update personal data held by the CDPC
If the data held is out of date, incomplete or incorrect you can inform the CDPC and your data will be updated.
– The right to have personal data erased
This right can be exercised at any time, and upon notice the CDPC will immediately delete the personal data (or inform you if it cannot be deleted because of a legal obligations)
– The right to object to processing of their personal data or to restrict it to certain purposes only
Upon receiving the request the CDPC will contact you to confirm that appropriate action has been taken
– The right to data portability
You have the right to request that the CDPC transfer some or all of your personal data to another controller
– The right to withdraw consent for the processing of their personal data
You can withdraw any consent that you have made by e-mail to email@example.com
– The right to lodge a complaint to the Information Commissioner’s Office
You can contact the Information Commissioner’s Office on 0303 123 1113 or via e-mail https://ico.org.uk/global/contact-us/email or at the Information Commissioner’s Office, Wycliffe House, Water Lane, Wilmslow, Cheshire SK9 5AF
5. Contact Details
All questions and complaints about this General Privacy Notice should be addressed to the parish clerk (firstname.lastname@example.org), who acts on behalf of the CDPC who are the data controller under the GDPR.
The CDPC will keep this notice under review, and will post this notice and any updates on our website cortondenham.org.uk.
23.5.18. Message from The Parish Clerk
Richard Thatcher (Clerk to Corton Denham Parish Council)
4.12.18. From the PCC of St Andrew’s, Corton Denham
The Parochial Church Council (PCC) of St Andrew’s, Corton Denham, in common with many other organisations, is subject to the provisions of the General Data Protection Regulations (GDPR) which came into force on 25th May 2018. Accordingly, the PCC wishes to draw your attention to its updated Data Privacy Notice in the St Andrews section of the Parish Website (cortondenham.org.uk) which governs how personal data is managed by the PCC.
Susanna Thatcher (Churchwarden)
- Contributors to the CD News will be informed that a copy of the CD News will be placed on the Village website and advised of the website ‘protocol, published on the website in the ‘Privacy’ section.
- If so requested by a contributor or the Editor, part of or all the relevant article will be omitted from the website version.
- Unless otherwise requested, the names of contributors will be included with the relevant article.
- Photograph captions identifying individuals will be removed from the website version.
- Photographs of children will be excluded from the website version.
- No contact details of individuals will be included in the website version unless they are already available in the public domain.
- No personal information regarding village residents or their families will be included in the website version.
- Unless a ‘blanket’ permission for photography has been given (eg by the Village Hall), photographs of people taken on private property will only be included when the property owner or the individuals concerned have given authority in advance for such photos. In the event of any uncertainty in this regard, photographs of individuals will not be included on the website version of the CD News.