Find contact details of elected members.
Elected members are legally speaking data controllers in their own right and must ensure that any personal information they hold or use in their office as an elected member for council business is treated in line with GDPR and the Data Protection Act 2018.
However, given their close association with us, we arrange for registration of elected members as data controllers with the Information Commissioner and for annual renewal of their registration in accordance with legal requirements. Training on data protection issues is also available to elected members.
Purpose of processing
Elected members will wish to make use of personal data provided by their constituents and by us to enable them to provide their constituents with a response to complaints and enquiries.
The legal basis on which members rely in order to use the information which they collect about individuals for the purposes set out in this notice is:
- public task - processing is necessary for the performance of a task carried out in the public interest or in the exercise of official authority vested in the controller.
Data that is held
Elected members may hold personal data. For example:
- email addresses
- phone numbers
- dates of birth
Elected members may also hold sensitive personal information (special category data) such as:
- ethnic origin
- political opinions
- religious beliefs
- trade union membership
- sex life
- sexual orientation
There is considered to be a substantial public interest in processing such data within the constraints set out in this notice.
Elected members will request personal information that is appropriate to enable them to carry out their functions on a 'need to know' basis. Processing of constituents' personal information will be undertaken in accordance with the principles of the data protection legislation.
Elected members are expected to keep all personal data secure in accordance with our data policies and procedures.
Sharing your information
Elected members will not normally need the consent of constituents in order to hold or share the personal data with our partner organisations such as the health service with which we already have data sharing agreements and which they reasonably could be expected to contact to progress the issue constituents have raised.
Constituent's personal data must only be used for the purpose stated in their enquiry. If there is any doubt about sharing personal data then advice should be sought from our data protection officer.
Particular care should be taken to ensure constituent's contact details are current to avoid correspondence being sent to the incorrect address.
If the personal data is to be used or shared in a way that the constituent would not reasonably envisage or with an agency that we do not normally deal with, then the elected member will inform the constituent what they're proposing to do with the data before using it or sharing it and seek their consent.
If the constituent has any concerns about sharing the data and they tell the elected member this then their wishes must be respected and the data must not be shared.
Where elected members have relied on constituents’ consent to use their data this needs to be carefully documented.
Elected members will normally process personal data until such time as they have resolved the issue and store electronic data and paper records for the minimum period that is necessary to do so and for no longer than their period of office. This is to allow them to build up case history and to return to records when further matters arise.
In the event of loss or inappropriate disclosure of personal data then elected members should follow our security incident procedures.
Enquires and complaints
Constituents are entitled to exercise the full range of their rights in relation to their personal data held by elected members as they are in relation to our data.
Your rights under GDPR and the Data Protection Act.
If elected members have any concerns or they receive any complaints relating to the use of personal data they should contact our Data Protection Officer, Jane Lakin: email: email@example.com.
If an elected member is unable to resolve a complaint to an individual's satisfaction, the constituent can make a complaint to the Information Commissioner's Office.