Data Protection Policy

South Holland District Council is committed to protecting the rights and privacy of all people with regard to the processing of personal data. During the course of our activities, we will collect, store and process personal information about our staff, customers, suppliers and other third parties.  We recognise the need to treat personal data in an appropriate and lawful manner and all processing will be conducted in accordance with this policy, the Data Protection Act 2018, the General Data Protection Regulation and any subsequent or amending legislation.

This Policy applies to all employees and members of South Holland District Council.  Any breach of this policy will be taken seriously and serious or persistent Personal Data Breaches may be considered to be a breach of the Member's Code of Conduct or result in disciplinary action.  As a matter of good practice, other agencies and individuals working with the Council, who have access to personal information, will be expected to read and comply with this Policy.

Our Privacy Policy is open to all internal and external stakeholders.

Users of this policy are encouraged to view further guidance that has been issued by the Information Commissioner's Office ("ICO"). Guidance is available in many discrete areas (such as CCTV, data sharing and subject access rights). Guidance notes can be accessed from the Information Commissioner's Office website about Data Protection, Privacy and Electronic Communications advice (opens new window) (opens new tab).

The ICO also has a guide specifically about the new General Data Protection Regulation (GDPR) (opens new window) (opens new tab).

1.1 Definitions
5.1 Lawfulness and Fairness, 5.2 Consent, 5.3 Transparency (notifying data subjects)
10.1 Protecting Personal Data, 10.2 Reporting a Personal Data Breach
13.1 Data Controller, 13.2 Record keeping, 13.3 Training and audit, 13.4 Privacy by Design and Data Protection Impact Assessment (DPIA), 13.5 Automated processing (including profiling) and Automated Decision- Making, 13.6 Direct marketing, 13.7 Sharing Personal Data