Polebrook Parish Council

Serving the Parishioners of Polebrook

Clerk: Mrs Emma Morehen
19 Nene View , Islip
Kettering, Northamptonshire
NN14 3LD

Tel: 07960 036894

Image of Laptop with EU GPDR logo

General Data Protection Regulations 2018

What is the GDPR?

The General Data Protection Regulation (GDPR) is a Europe-wide law that replaces the Data Protection Act 1998 in the UK. It includes the Data Protection Act 2018 (DPA 2018). The GDPR sets out requirements for how organisations like Parish Councils need to handle personal data. The Regulations came into force on 25 May 2018.

Under the GDPR, the Parish Council is both a Data Controller and a Data Processor. As a Data Controller, we must provide Privacy Notices explaining to individuals how their data will be used and what rights they have.

The Parish Council has also adopted several policy statements with regard to the collection, storage and use of personal data.

Data Protection Officer

Section 7(3) of the DPA 2018 says that Parish Councils are not public authorities for the purposes of the GDPR. As we are not a public authority for the purposes of the GDPR then we do not need to appoint a Data Protection Officer (DPO). We are still subject to data protection legislation however and we must ensure that we have sufficient staff and resources to discharge our obligations under the GDPR.

Parish Council is currently supported for GDPR and to act as the Council's DPO as required through Northants County Association of Local Councils (NCALC) via an annual subscription.

The Data Protection Officer and NCALC can be contacted as follows:-

dpo@northantscalc.com

Northants CALC

6 Litchborough Business Park

Northampton Road

Litchborough, Northants., NN12 8JB

01327 831482

Information Commissioner's Office (ICO)

The Parish Council is registered as a Data Controller with the ICO. Our reference number is ZA535132. Our details can be seen on the public register.

Security under the GDPR

The GDPR requires personal data to be processed in a manner that ensures its security. This includes protection against unauthorised or unlawful processing and against accidental loss, destruction or damage.

The Parish Council has completed an assessment of personal data held. The assessment details what data, how and why it is collected and how the data is protected. To complement this log of personal data, we have also completed a GDPR risk assessment to identify how any risk to the security of personal data is managed. These documents are regularly reviewed.