Privacy Policy

Our statement of how we gather, use, disclose and manage our customers' data.

1 How we look after your personal data

West Sussex County Council: the data controller

West Sussex County Council (WSCC) respects your privacy and is committed to protecting your personal data. We comply with the Data Protection Act 1998, any subsequent replacement legislation and the General Data Protection Regulation (EU) 2016/679) (GDPR).

The County Council is registered as a ‘data controller’ with the Information Commissioner’s Office (ICO - Reg. No. Z6413427), the UK supervisory authority for data protection issues. We ensure that your personal data is processed fairly and kept securely and for no longer than is necessary.

It is important that the personal data we hold about you is accurate and up to date, so please tell us if your personal details change during your relationship with us. If you are under 18, get your parent or guardian's permission before you provide personal information to our website.

It is important you read this privacy notice together with any other privacy notice we may give you when we are collecting or processing personal data about you. In doing so you can be fully aware of how and why we are using your data.

2 What information we collect and how we use it

In order to register and receive or use many of the services, including those on our website, you need to give us some personal information. We will hold this information for as long as it is needed for the service you have requested and remove it when that purpose has been met.

In the case of an online information service, such as email alerts, we will remove your details if you inform us that you no longer wish to continue to receive the service.

We will only use your personal data when the law allows us to. Most commonly, we will use your personal data in the following circumstances.

  • Public task: to perform a task in the public interest or for an official function.
  • Legal obligation: to comply with the law (not including contractual obligations).
  • Contract: for a contract with you, or because you have asked us to take specific steps before entering into a contract.
  • Vital interests: to protect someone’s life.
  • Legitimate interests: to protect the interests of the County Council or someone else unless there is a good reason to protect your data which overrides those other interests.
  • Consent: you have specifically agreed to our use of your data and we have no other legal basis for processing it.

3 Data security

We have put in place security measures to prevent your personal data from being lost, used or accessed in an unauthorised way, altered or disclosed inappropriately.

We also limit access to your personal data to those employees, agents, contractors and other third parties who have a need to know in order for our service to be provided. They will only process your personal data on our instructions and are subject to a duty of confidentiality.

We have procedures to deal with any suspected breach of the rules about personal data and will notify you and the regulator of a breach where we are required to do so.

CCTV 

The County Council uses CCTV for the detection and prevention of crime.

Electronic communications

We reserve the right to monitor and record electronic communications (website, email and phone conversations) for the purposes of keeping records, staff training, detection, investigation and prevention of crime.

  • Phone conversations - We will inform you if your call is being recorded or monitored.
  • Email - Emails that we send to you or you send to us may be kept as a record of contact and your email address stored for future use in accordance with our record retention policy. If we need to email sensitive or confidential information to you, we will perform checks to verify the correct email address and may take additional security measures. If sending us such information we recommend using our secure online forms where we provide them, or the postal service.
  • Website - Our website does not store or capture personal information of visitors using the site through general public access, but it does log visitors' IP addresses. Cookies are not used for the general running of our website, but are used to enable requested services. Using our website confirms your acceptance of our use of cookies.

Equality data

We may use equality data such as ethnic, gender, sexual orientation and age information to compile statistics in order to comply with equality legislation and assist in planning services.

Such data does not identify individuals or affect anyone’s entitlement to services.

Public funds

The County Council must protect public funds and may use personal information and data matching techniques to detect and prevent fraud and ensure public money is targeted and spent in the most cost-effective way. In order to achieve this, information may be shared with other bodies responsible for auditing or administering public funds, including:

  • the Audit Commission
  • the Department for Work and Pensions
  • other local authorities, HM Revenue and Customs
  • fraud investigation services
  • the police.

4 Who we share your information with

Your personal information may be shared with internal departments of the County Council or external organisations and agencies involved in delivering services on our behalf.

Statutory services such as education, social care, protection of vulnerable children and adults and public health may involve collecting, using and sharing Special Category data (sensitive personal data) as defined by the GDPR. We do not disclose or share sensitive or confidential information without your explicit consent, except in a small number of situations where:

  • disclosure is required by law
  • we have good reason to believe that failing to do so would put you or someone else at risk of harm.

You may decide you do not wish your personal information to be collected or shared, or may wish to set conditions on our use of it. In such cases we may not be able to provide the service you require, or may only be able to provide it in a limited way. There are occasions where we have a legal obligation to collect or use personal information without consent.

We may use personal information to identify individuals who need additional support during emergencies or major incidents, for example, in an emergency evacuation.

To enable WSCC to provide effective joined-up social care with health partners, we may share personal identifiable information with NHS Digital. This is in order to obtain NHS numbers from the Personal Demographics Service (PDS), the national electronic database of NHS patient details.

Other third parties

We do not pass personal data to third parties for marketing, sales or any other commercial purposes without your prior explicit consent. We may process your personal information using web services hosted outside the European Economic Area (EEA), but only where a data processing agreement is in place that complies with obligations equivalent to those of the Data Protection Act.

5 National Fraud Initiative

The National Fraud Initiative (NFI) is an exercise that takes place every two years to match electronic data within and between public sector bodies to prevent and detect fraud. It does not require the consent of the individuals concerned.

We have a legal obligation to take part in the exercise, which also includes police authorities, local probation boards, fire and rescue authorities and other local councils.

Details recorded on our payroll system are provided electronically to the Cabinet Office as part of the exercise, using a password-protected website. Strong security measures are in place to protect the information, and access to the data extract file is strictly controlled.

The data extract will not be sent by post or courier. Once the data extract file has been successfully submitted it will be removed from our computer network.

6 Your rights

  • To request access to your personal data.
  • To request correction of our records.
  • To request removal of data or limit our use of it - This right is not absolute and we may not be able to comply with your request. You have a right to have personal data erased and to prevent types of data processing in the following specific circumstances.
    • Where the personal data is no longer necessary in relation to the purpose for which it was originally collected/processed.
    • When you withdraw consent we have relied upon.
    • When you object to the processing and there is no overriding legitimate interest for continuing the processing.
    • The personal data was unlawfully processed.
    • The personal data has to be erased in order to comply with a legal obligation.
    • The personal data is processed in relation to the offer of information society services to a child.
  • To object to processing - In some cases, we may need to explain that we have good grounds to continue to process your information.
  • To data portability - This right allows individuals to obtain and reuse their personal data for their own purposes for different services. This only applies to personal data provided by you, with your consent or for the performance of a contract, and when processing is automated.
  • Not to be subject to automated decision-making, including profiling - This right only applies where the decision is based on automated processing and we do not undertake any automated decision-making, including profiling.
  • To withdraw consent (when this is the only basis for our use of your data).

To find out more about your legal rights or request a change or deletion to your personal information see Your rights.

To obtain access to the records we hold about you see Accessing your personal data.

7 Contact for data protection issues and complaints

We have appointed a data protection officer (DPO) who is responsible for overseeing issues in relation to this privacy notice. If you have any questions about this privacy notice, including any requests to exercise your legal rights, contact the DPO:

Last updated:
29 May 2018

Share this

Share this

Do you have any feedback about this page?

Help us improve this website

Let us know how we're doing. We're constantly trying to improve this website. Your feedback is very important to us. You can simply add a star rating to indicate how useful you found this page. If you have more specific feedback use the form below.

Rate this page:
Clear star rating
  • West Sussex County Council will only use this email address to respond to any issues raised.