South Somerset District Council (SSDC) is the Data Controller,
under the Data Protection Act 1998 (DPA), for personal
information. As the Data Controller SSDC is responsible for
ensuring that it meets the DPA's requirements in the ways in which
it processes your personal data.
This Privacy Notice covers personal
information which is entered on any SSDC website that links to this
Privacy Notice. It explains how SSDC will use your personal
information and the ways in which we will protect your privacy when
provided through the above routes. Separate privacy notices
apply to personal information provided through other routes and
this Privacy Notice does not override the Privacy Notices provided
by specific services or for specific forms etc. but does give
general guidance on how SSDC handles your personal data.
The Information Commissioner (ICO)
is responsible for enforcing the DPA and the ICO's website has a lot of useful
information about the DPA and your rights.
If you require more information
about how we process your data please contact us.
Why do we use personal information?
Depending upon the personal
information provided and your reasons for providing it, we may need
your personal information:
In the performance of a
contract that we have with you;
To fulfil a legal obligation that
we may have;
To protect your vital
To protect our legitimate
interests for example to help with research and planning of new
services; to help train our staff; or to help manage our
Where SSDC proposes to use your
personal information for any other uses we will ensure that we
notify you first unless there's a valid exemption. For example
where a person is under investigation for fraud and by bringing
this to their attention it may prejudice or impede the
Where we rely solely on your consent to process your personal
information, you can withhold or withdraw your consent at any
When you contact SSDC by phone we may record telephone calls for
training and monitoring purposes and when you visit an SSDC officer
CCTV is operation for security purposes.
How do we keep information secure?
We will take appropriate steps to make sure that the
records we process about you through the SSDC websites are secure.
Our security measures include
- Encryption - when making an application using our website, the
information that you submit is encrypted so only you and the
Council's server can see it. This is indicated in the address bar
where you will see it says 'HTTPS'.
- Access controls on systems - all of our computer systems are
password protected and the Council's servers are kept in a secure
room with restricted access.
- Security training for all staff
With whom will your personal information be shared?
We may share your information across the Council's
services, within SSDC and other partner organisations, where this
is necessary, e.g. to provide a service; to counter fraud
Where we share your information with third parties, in most
cases we will seek to gain your consent first. However, we may
share personal information without your consent when it is lawful
and reasonable to do so This does not happen often but we may share
- for the detection and prevention of crime/ fraudulent activity;
- money laundering regulations 2007
- if there are serious risks to the public, our staff or to other
- to protect a child; or
- to protect adults who are thought to be at risk, for example if
they are frail, confused or cannot understand what is happening to
Sometimes SSDC uses third parties to process your information on
our behalf, for example to provide services or analysis. SSDC
requires those third parties to comply with its instructions and
they are forbidden to use your information for their own business
Will I be contacted for marketing purposes?
We do not make your personal details available to 3rd parties
for marketing purposes SSDC will only send you marketing emails and
otherwise contact you for marketing purposes if you sign up to a
mailing list, for example, to the Octagon Theatre so you could be
kept informed of forthcoming shows, or otherwise asked to be kept
If you wish to have your name removed from a mailing list or
have any questions please contact us.
National Fraud Initiative (NFI)
SSDC is required by law to protect the public funds we
administer. Therefore, we may share information that you provide
with other bodies responsible for auditing or administering public
funds, in order to prevent and detect fraud.
This sometimes includes data matching exercises which involves
comparing computer records that we hold against other computer
records that we of another body hold to see how far they match.
This is usually personal information. Computerised data matching
allows potentially fraudulent claims and benefits to be identified.
For more information please see our fraud page.
How can you access the information we hold about you?
SSDC tries to be as open as it possibly can in regards to giving
people access to their personal information. If you wish to
apply to see what personal information
we hold about you please click here.
How can you request correction of inaccurate
If you disagree with something written on your file then please
let us know We may not always be able to change or remove the
information e.g. if we are required by law to retain it but we will
correct factual inaccuracies where possible. If we do not
agree that the record is inaccurate we will at least include your
comments in the record to indicate your disagreement.
If you would like to inform us of any inaccuracies please contact
How long will we keep your personal information?
Generally we will hold your information for as long as it is
necessary for the purpose for which you provided it. The
Council's Retention Schedule gives general guidance on how long
each type of record is held. The length of time may be set by law,
for example, financial transactions are kept 7 years, or it may
have arisen from common practice within Local Government.
Alternatively SSDC may decide to retain certain records for a
period deemed appropriate for that particular type of case.
If you would like any further information about the
Council's retention policy please contact us.
We want to make our online services as easy, useful and reliable
as we can. Therefore, like most other websites we use 'cookies' to
collect anonymous statistics about how people use our site. For
Links to other websites
SSDC websites contain hyperlinks to websites owned and operated
by third parties. This privacy notice does not cover the links
contained on this site which takes you to another website. These
third party websites have their own privacy policies and you are
encouraged to read the privacy statements on the other websites
that you visit.
SSDC is only responsible for the content it inputs on its own
website and social media and we do not accept any responsibility or
liability for any other content including links to third party
websites. Your use of such websites is at your own risk.
Social networking sites
We may monitor and respond to comments or opinions on social
networking sites, for example Facebook and Twitter.
Changes to this privacy notice
We keep our privacy notice under review and if this privacy
notice changes in any way, an updated version will be placed on
this page. If you think there are any errors or you have any other
comments or queries on the content of this Privacy Notice please let us know.
How to contact us
If you are not happy with the way in which we have processed and
dealt with your personal information then you can make a
complaint using the Council's complaint procedure.
If, after following the complaints process, you are still
unhappy then you can make a complaint to the Information
Last Updated 10th February 2017