Data protection and privacy
Wye with Hinxhill Parish Council is registered as a data controller with the Information Commissioner's Office (ICO) under the Data Protection Act 2018 (DPA 2018) Registered Number Z3458715
The Parish Council collects, holds and processes personal data in compliance with the Data Protection Act 2018, and the General Data Protection Regulation (GDPR).
Data protection principles
Under the Data Protection Act 2018, any personal information held by the Parish Council is:
1. used fairly, lawfully and transparently;
2. used for specified, explicit purposes;
3. used in a way that is adequate, relevant and limited to only what is necessary;
4. accurate and, where necessary, kept up to date;
5. kept for no longer than is necessary;
6. handled in a way that ensures appropriate security, including protection against unlawful or unauthorised processing, access, loss, destruction or damage.
Lawful basis for processing data
The Parish Council has a lawful basis to collect information (data) about residents and the people it serves and deals with as a public body. In essence, the Parish Council needs this data in order to discharge its duties and functions, and to provide its services. This information (data) may include the name, address, email address, date of birth, private and confidential information, and in exceptional situations, sensitive information.
What is personal data?
The Parish Council will protect any personally identifiable data (PII) that you (the 'data subject') provide. The Parish Council stores and processes this personal data in compliance with the Act, and the General Data Protection Regulation (GDPR). First and foremost, the Parish Council protects your privacy against misuse, theft, or unlawful disclosure of personal data, simply by collecting as little of it as possible.
The Parish Council WILL NOT share your details with any third party without your prior consent, unless required to do so by law. Data is either stored locally, or on secure servers within the UK.
Double opt-in requirement
The General Data Protection Regulation (GDPR) sets a high standard for consent. Part of this is the double opt-in consent requirement to join the e-newsletter mailing list. Consequently, before we can send you your first e-newsletter, the initial request acknowledgement email will invite you to confirm that you wish to 'opt-in' to join. (All you will need to do is press a button on the acknowledgement email to confirm your consent).
Privacy notice, regulations and policy
Wye with Hinxhill Parish Council is a public authority registered with the Information Commissioner (Registration number Z3458715) The Parish Clerk is the registered Data Controller. This page only provides a summary of the subject, the Parish Council's full Privacy Notice is available via a link at the foot of every web page, and every parish e-newsletter footer.