This page provides a summary of personal data processing activities undertaken by us. It complies with Article 30 of the UK GDPR by providing:
- The name and contact details of the controller and the data protection officer.
- The purpose of the processing.
- A description of the categories of data subjects and of the categories of personal data.
- Where applicable, transfers of personal data to a third country etc.
- Where possible, the envisaged time limits for erasure of the different categories of data.
- Where possible, a general description of the technical and organisational security measures in place.
Controller:
Barnsley Metropolitan Borough Council
PO Box 609
Barnsley
S70 9FH
Nature of work:
Further information relating to the work we do can be found in our privacy notice.
Data protection officer:
Mr David Robinson
Email: dpo@barnsley.gov.uk
Description of processing
The information on this page is a very broad description of the way we process personal information. To understand how your own personal information is processed you may need to refer to any personal communications you've received, check our privacy notice or contact us directly to ask about your personal circumstances.
Reasons/purposes for processing information
We process personal information so we can provide a range of government services to local people and businesses which include:
- Adult services function
- Adult social care function
- Advice and benefits function
- Advice and welfare rights function
- Alcohol and entertainment function
- Alternative education provision function
- Animal welfare function
- Animals function
- Arts and entertainment function
- Asylum and immigration function
- Benefits function
- Building and construction function
- Building control function
- Business advice and support function
- Business and employment function
- Business grants function
- Business rates function
- Businesses function
- Businesses and markets function
- Careers and employment function
- Carer and disability benefits function
- Carers function
- Children and families function
- Children and young people social care function
- Commercial activities function
- Commercial property function
- Commercial waste function
- Communications and publicity function
- Community centres and facilities function
- Community grants function
- Community safety function
- Community transport function
- Complaints and compliments function
- Conservation and sustainability function
- Consultations function
- Corporate Landlord function
- Corporate management function
- Council and community housing function
- Curriculum and policy function
- Cycling function
- Data protection and freedom of information function
- Democracy function
- Democratic services function
- Development control function
- Disabled facilities grants function
- Early years and childcare function
- Educational support function
- Elected members function
- Emergencies function
- Environmental health function
- Environmental protection function
- Equipment and supporting services function
- Events and exhibitions function
- Extra-curricular activities function
- Facilities function
- Family benefits function
- Finance function
- Food function
- Footpaths, byways and bridleways function
- Fostering and adoption function
- Funerals and cremations function
- Gambling and lottery function
- Goods and services function
- Grants and aid function
- Grants for children and young people function
- Hazardous materials function
- Hazardous waste function
- Health and safety at work function
- Health and social care function
- Health and welfare at school function
- Heating and housing benefits function
- Help and advice for adults function
- Higher education function
- Highway maintenance function
- Highways function
- Highways policy function
- Homelessness and prevention function
- Household waste function
- Housing function
- Housing advice function
- Housing allocation function
- Housing finance function
- Housing grants function
- Housing policy function
- Housing services function
- Human resources function
- Improvements and repairs function
- Incident response function
- Information communication technology function
- Internal operation function
- Legal function
- Leisure activities function
- Leisure and culture function
- Libraries function
- Library membership function
- Licences, permits and permissions function
- Local history and heritage function
- Looked after children function
- Low income benefits function
- Markets function
- Multiple occupancy homes function
- Museums and galleries function
- Neighbourhood and Communities security function, including CCTV
- Parking function
- Parks and open spaces function
- Permissions and consents function
- Planning and building control function
- Planning policy function
- Planning services function
- Policy and performance function
- Pollution control function
- Procurement function
- Public Health Function
- Public safety function
- Public transport function
- Pupil development and support function
- Recycling function
- Reference and research function
- Regeneration function
- Registration function
- Religion and culture function
- Road safety function
- Road signs and markings function
- Roads and streets function
- School admissions function
- School and special libraries function
- Schools function
- Schools and education function
- Special education needs function
- Sports and sporting venues function
- Statistics and census information function
- Street care and cleaning function
- Support for children and young people function
- Taxation function
- Taxi and private hire function
- Tourism function
- Trading standards function
- Transport function
- Transport and highways function
- Transport schemes function
- Volunteering and voluntary organisations function
- Waste and pollution function
- Waste management function
- Waste policy function
- Water activities function
- Youth offending function
The processing for the above functions is carried out by our directorates and service teams that sit within those directorates. Read more about the council structure.
Type/classes of information processed
We process information relevant to the above reasons/purposes which may include:
- Business activities
- Case file information
- Employment and education details
- Family details
- Financial details
- Goods and services
- Housing needs
- Licences or permits held
- Lifestyle and social circumstances
- Personal details
- Student and pupil records
- Visual images, personal appearance, and behaviour
We also process special categories of information, previously known as sensitive data, that may include:
- Criminal proceedings, outcomes and sentences
- Genetic/biometric data
- Offences (including alleged offences)
- Physical or mental health details
- Political affiliation/opinions
- Racial or ethnic origin
- Religious or other beliefs of a similar nature
- Trade union membership
Who information is processed about
We process personal information about:
- Adults living in the borough
- Business owners
- Carers or representatives
- Children living in the borough
- Claimants
- Complainants, enquirers or their representatives
- Customers
- Landlords
- Licence and permit holders
- Offenders and suspected offenders
- Payers of Council Tax and/or business rates
- People captured by CCTV images
- Professional advisors and consultants
- Receivers of council services
- Recipients of benefits
- Representatives of other organisations
- Staff, persons contracted to provide a service
- Students and pupils
- Suppliers
- Traders and others subject to inspection
- Tenants
- Witnesses
Who information may be shared with
We sometimes need to share information with the individuals we process information about and other organisations. Where this is necessary, we're required to comply with all aspects of the data protection legislation. The following is a description of the types of organisations we may need to share some of the personal information we process with, for one or more reasons.
In certain circumstances, where necessary or required by law, we may share information with:
- Courts, prisons
- Credit reference agencies
- Current, past and prospective employers and examining bodies
- Customers
- Customs and excise
- Data processors
- Debt collection and tracing agencies
- Educators and examining bodies
- Family, associates or representatives of the person whose personal data we are processing
- Financial organisations
- Healthcare professionals
- Healthcare, social and welfare organisations
- Housing associations and landlords
- Housing and tenants’ associations
- International law enforcement agencies and bodies
- Law enforcement and prosecuting authorities
- Legal representatives, defence solicitors
- Licensing authorities
- Local and central government
- Ombudsman and regulatory authorities
- Partner agencies, approved organisations and individuals working with the police
- Police complaints authority
- Police forces
- Other police forces, non-home office police forces
- Political organisations
- Press and the media
- Private investigators
- Professional advisors and consultants
- Professional bodies
- Providers of goods and services
- Regulatory bodies
- Religious organisations
- Security companies
- Service providers
- Students and pupils including their relatives, guardians, carers or representatives
- Survey and research organisations
- The Disclosure and Barring Service
- Trade unions
- Tribunals
- Voluntary and charitable organisations
Organisational security measures
We have a robust suite of security controls in place to protect the records we hold about you (on paper and electronically). We meet stringent Public Sector Network (PSN) security controls, and strict Payment Card Industry Data Security Standards (PCI-DSS). We comply with Cyber Essentials and NHS Digital’s Data Security and Protection Toolkit (DSPT) standards.
Access to your records is only available to those who have a right to see them. Examples of further security include:
- Encryption, meaning that information is hidden so that it can't be read without special knowledge (such as a password). This type of technology is applied to a number of our systems including our email system.
- Access controls, controlling access to systems and networks using multi factor authentication, allows us to stop people who're not allowed to view your personal information from getting access to it.
- Training for our staff allows us to make them aware of how to handle information and how and when to report when something goes wrong.
- Regular testing of our technology and ways of working including keeping up to date on the latest security updates (patches).
Further details and policies relating to how we look after your information can be found in our privacy policy.
How long we keep your personal information
There's often a legal reason for keeping your personal information for a set period of time, we try to include all of these in our retention schedule. A copy of this document is available on request from our records manager, you can email them at recordsmanagement@barnaley.gov.uk.
For each service the schedule lists for how long your information may be kept. This ranges from months for some records to decades for more sensitive records. As services, laws and legislation change regularly, the retention schedule is constantly changing to reflect the new requirements.
Transfers
In very rare circumstances, it may sometimes be necessary to transfer personal information overseas.
Any transfers made will be in full compliance with all aspects of the data protection legislation, for example, only with your consent if appropriate and with additional security measures in place to protect your information.
The majority of personal information is stored on systems located on our own servers in our own secure premises, although there are some occasions where your information may leave the UK in order to get to another organisation, or, if it is stored in a system that uses servers elsewhere.
We have additional protections on your information if it leaves the UK ranging from secure ways of transferring data, undertaking risk assessments on systems being used to ensuring we have a robust contract in place with the third party.
We'll take all practical steps to make sure your personal information is not sent to a country that is not seen as 'safe' either by the UK or EU governments.
Further information
If you have any concerns about how your personal information is handled please contact our data protection officer via the details provided.
For independent advice about data protection, privacy and data sharing issues, you can contact the regulatory body: Information Commissioner’s Office (ICO) at:
Information Commissioner’s Office
Wycliffe House
Water Lane
Wilmslow
Cheshire
SK99 5AF
Phone: 0303 123 1113