Melbourne Parish Council: General Data Protection Regulation 2018
1. Introduction
All public authorities, however small, are required to implement these regulations, to take effect on 26 May 2018.
2. Operational Policy
This Parish Council will only use personal data which is:
A) Obtained lawfully, fairly and transparently
B) For specific, explicit and legitimate purposes
C) Adequate, relevant and limited to what is necessary
D) Accurate and up to date
E) Kept no longer than necessary
F) Kept securely
3. Lawful use of data
The Parish Council will use personal data if:
A) The individual has consented
B) It is necessary to comply with the law
C) It is necessary to perform the Council’s public duties
4. Privacy Notice
This document is a privacy notice, for those on the current contact list and generally for everyone. It is published on the Parish Council’s website.
In addition to the information given above, every individual has the following rights:
A) To be informed of any personal data kept by the Council
B) To have access to it
C) To have it rectified if necessary
D) To have it erased
E) To restrict any processing of it
F) To object to any part of it
Please contact the Clerk if you wish to exercise any of these rights.
5. Correct procedures
A) The only personal data stored consists of names and addresses on the Electoral Register and/or email addresses and/or telephone numbers of individuals who are freely in contact with the Council. No other data is stored. No data is otherwise processed. No data is sold on. Data will not be shared unless necessary to achieve a required outcome – eg with East Riding of Yorkshire Council.
B) Data will be kept, and where necessary published or issued, to abide by legal requirements (eg the Freedom of Information Act); and the requirements of the Transparency Code (ie contact details for the Councillors and the Clerk). Nothing else will be published unless an individual requests it (eg to advertise a local event or business).
C) All personal data is kept to a minimum, and will be subject to an audit each May. A list of all online and paper files is available.
D) All personal data is kept no longer than necessary: usually the current financial year and the three years preceding it.
E) Personal data kept online by the Clerk is stored in a safe and secure system, with its own username, password, email address and contact list. All paper data is kept in a safe place. Councillors will ensure that any data kept by them, which will only be a subset of data kept by the Clerk, is similarly protected.
Jane Stewart
Clerk
Melbourne Parish Council
14 May 2018