General Privacy Notice

1.  Introduction

This Privacy Notice is provided to you by Deeping Gate Parish Council (“the Council”), which is the data controller for your data.

“Personal data” is any information about a living individual which allows them to be identified from that data. Examples include your identity, contact information, photographs and bank details.

2.  Data Protection Law

The processing of personal data is governed by legislation relating to personal data, which applies in the United Kingdom, including the UK GDPR and the Data Protection Act 2018, collectively “the Data Protection Legislation”.

The Council will comply with data protection law, which stipulates that the personal data we hold about you must be:

  • Used lawfully, fairly and in a transparent way.
  • Collected only for valid purposes that we have clearly explained to you and not used in any way that is incompatible with those purposes.
  • Relevant to the purposes we have told you about and limited only to those purposes.
  • Accurate and kept up to date.
  • Kept only as long as necessary for the purposes we have told you about.
  • Kept and destroyed securely, with appropriate technical and security measures in place to protect your personal data from loss, misuse, unauthorised access and disclosure.

3.  What Data We Collect

The Council will process some or all of the following types of personal data where necessary to perform its tasks:

  • Identity Data — name, username or similar identifier and photograph.
  • Contact Data — address, email address, telephone number.
  • Financial Data and Transaction Data — Including financial identifiers and bank account details when Data users submit Community Grant applications.
  • Transaction Data — Including details about payments to and from the Data Subject and other details of services the Data Subject has purchased and grants provided to the Data Subject.
  • Profile Data — Including preferences, feedback and survey responses.

Personal data may include sensitive or other special category data which is described in the UK GDPR as “Special categories of data” and require higher levels of protection. Further justification is required for collecting, storing and using this type of personal data.

The Council does not process sensitive data.

4.  Legal Basis For Processing Your Personal Data

Personal data may only be processed where there is a legal basis to do so. The Council processes personal data:

  • which is necessary in the public interest, or in the exercise of official authority the Council has, but there is no legal requirement to do it, for example, answering general correspondence.
  • to comply with its legal obligations, including the discharge of the Council’s functions and powers, for example, for processing Co-option Candidate Qualification forms.
  • where you have made a fully informed decision and have given consent, for example by signing up to the newsletter on the website or giving permission for your photograph being used in a newsletter article.

5.  How We Use Your Data

We use your personal data for some or all of the following purposes:

  • To contact you by post, email, telephone, or using social media (only in the event that we need to contact you and have attempted all other methods).
  • To confirm your identity to provide some services.
  • To process financial transactions including grants and payments for services supplied by the Council.
  • To enable us to meet all legal and statutory obligations.
  • To notify you of changes to our services, events and Councillors, employees or other role holders.
  • To report issues or provide information to other local authorities.
  • To promote the interests of the Council.
  • To maintain our own accounts and records.
  • To seek your views, opinions or comments.
  • To send you communications which you have requested and that may be of interest to you. These may include information about news, events, campaigns, new projects or initiatives.
  • To prevent and detect fraud.

6.  Data Sharing

The Council may need to share your personal data with third parties, however we will only do so when necessary. Third parties we share your data with have an obligation to put in place appropriate security measures and will be responsible to you directly for the manner in which they process and protect your personal data.

If we and the other data controllers listed below are processing your data jointly for the same purposes, then the Council and the other data controllers may be “joint data controllers” which mean we are all collectively responsible to you for your data.

Where each of the parties listed below is processing your data for their own independent purposes, then each of us will be independently responsible to you, and if you have any questions, wish to exercise any of your rights (see below) or wish to raise a complaint, you should do so directly to the relevant data controller.

It is likely that we will need to share your data with some or all of the following (but only where necessary):

  • Other data controllers:
    • Local Authorities, such as Peterborough City Council and other Parish Councils
    • Local Publications
    • Unity Trust Bank
  • Our agents, suppliers and contractors. For example:
    • a commercial provider who publishes a newsletter or flyer on our behalf
    • A contractor who is instructed to carry out works in relation to Council assets.
  • Local authorities or not-for-profit bodies with which we are carrying out joint ventures, e.g. in relation to facilities or community events.

7.  Your Rights

When exercising any of the rights listed below, in order to process your request, we may need to verify your identity for your security.  In such cases, we will need you to respond with proof of your identity before you can exercise these rights.

You have the following rights with respect to your personal data:

  • At any point, you can contact us to request the personal data we hold on you, as well as why we have that personal data, who has access to the personal data and where we obtained the personal data from.  Once we have received your request, we will respond within one month.
  • There are no fees or charges for the first request, but additional requests for the same personal data or requests which are manifestly unfounded or excessive may be subject to an administrative fee.

1. The right to access the personal data we hold on you.

2. The right to correct and update the personal data we hold on you:

  • If the data we hold on you is out of date, incomplete or incorrect, you can inform us and your data will be updated.

3. The right to have your personal data erased:

  • If you feel that we should no longer be using your personal data or that we are unlawfully using your personal data, you can request that we erase the personal data we hold.
  • When we receive your request, we will confirm whether the personal data has been deleted or the reason why it cannot be deleted (for example, because we need it to comply with a legal obligation).

4. The right to object to the processing of your personal data or to restrict it to certain purposes only:

  • You have the right to request that we stop processing your personal data or ask us to restrict processing. Upon receiving the request, we will contact you and let you know if we are able to comply or if we have a legal obligation to continue to process your data.

5. The right to data portability:

  • You have the right to request that we transfer some of your data to another controller. We will comply with your request, where it is feasible to do so, within one month of receiving your request.

6. The right to withdraw your consent to the processing at any time for any processing of data to which consent was obtained.

  • You can withdraw your consent easily by contacting us at the details shown below.

You can contact Information Commissioner’s Office at https://ico.org.uk/ or The Information Commissioner’s Office, Wycliffe House, Water Lane, Wilmslow, Cheshire SK9 5A, or on 0303 123 1113.

8.  Sharing information outside the UK

Where necessary, we may transfer personal information outside of the UK. When doing so, we comply with the UK GDPR, making sure appropriate safeguards are in place. Please contact us for more information.

9.  Further processing

If we wish to use your personal data for a new purpose, not covered by this Privacy Notice, then we will provide you with a new notice explaining this new use prior to commencing the processing and setting out the relevant purposes and processing conditions.  Where and whenever necessary, we will seek your prior consent to the new processing.

10.  Security

Data security is of great importance to the Council, and to protect your data we have put in place suitable physical, electronic and managerial procedures to safeguard and secure your collected data.

We take security measures to protect your information, including:

  • Securely storing and limiting access to Council files, records and documents.
  • Implementing access controls to our information technology.
  • Using appropriate procedures and technical security measures (including encryption) to safeguard your information across the Council’s information technology system, network and website.
  • Implementing of policies, procedures and training for all members and employees.
  • Regular reviews of security procedures.

11.  Contact details

If you have any questions about this Privacy Notice or the personal data we hold about you, or to exercise all relevant rights, queries or complaints at please use the contact form or contact the Clerk at:

clerk@deepinggate-pc.gov.uk

07713 194173

The postal address is available on request.

 

This Privacy notice was updated on 2nd March 2026.

Next review: March 2027