This privacy statement covers the official website of the Suffolk Building Control Group (hereafter, "the Group"), found at https://www.suffolkbuildingcontrolgroup.co.uk/
Your privacy is important to us.
We will treat your personal data lawfully and correctly. We regard this action as vital to maintaining your confidence in us, as well as the confidence of the many other people and organisations we deal with.
Any personal information you provide to us will only be used in accordance with principles found in the General Data Protection Regulation (EU) 2016/679.
If you provide personal information in order to use a service on this website, it will only be used for the reasons stated on the relevant webpage or application form.
Depending on the purpose for which we originally obtained your personal information, we may share this with other departments within Babergh and Mid Suffolk District Councils, to deliver services or share information with other local authorities or organisations such as suppliers or contractors, voluntary organisations or not for profit organisations, for the purposes of carrying out joint ventures or referring you to support services.
On occasions we use companies and partners to either store personal information or to manage it on our behalf. Where we have these arrangements there is always a contract, memorandum of understanding or information sharing protocol in place to ensure that the organisation complies with data protection law. Arrangements involving sensitive personal data will have been formally assessed in more detail for their compliance with the law.
In most other cases we will not disclose personal data without consent. However, there are situations where consent would not be required such as when we feel there is a good reason that is more important than protecting your confidentiality. This does not happen often, but we may share your information:
- For the detection and prevention of crime / fraudulent activity
- If there are serious risks to the public, our staff or to other professionals
- Where there is a risk to you and the risk is sufficiently serious that the need to disclose your information is more important than protecting your confidentiality
On occasions the Group will undertake research into various topics. When using personal data for research purposes, the data will usually be anonymised to avoid the identification of an individual, unless consent has been given for the use of the personal data.
Personal data will not otherwise be shared with any third party without your consent, unless required by law.
When we use your personal data, the Group is the data controller. As the data controller, we must:
- Only keep your data that we need to provide services and do what the law says we must
- Keep your records safe and accurate
- Only keep your data as long as we have to
- Collect, store and use your data in a way that does not break any data protection laws
Things you can do to help us include:
- Telling us when any of your details change
- Telling us if any of the information we hold on you is incorrect
What is personal data?
Personal data is information about a living person.
Examples of personal data are your name, address, telephone number, date of birth and bank details. This can include written letters, emails, photographs, audio recordings and video recordings.
There are also other types of personal data (called "special category data") which require additional safeguards. Special category data includes details of ethnic origin, religious beliefs, sexual orientation, trade union membership, health data, biometric (for example: fingerprints or facial recognition) and genetic (for example: DNA) data.
Why we collect and store personal data
For some of our services, we need to use your personal data so we can get in touch and provide services.
We can use your personal data under many different laws. The main ones for the Group are the Local Government Acts and the Localism Act 2011. In 2011, the Government put together a list of statutory duties of all local authorities. In many cases there is a law that says we can process your data without your consent or permission.
For some services we process your data under a contract. Where we do not directly provide a service, we may need to pass your personal data onto the organisations that do. These providers are under contract and have to keep your details safe and secure, and use them only to provide the service.
Using your personal data
We will use your data to:
- Carry out our role to provide services and anything else which we must do by law
- Listen to your ideas about our services
- Tell you about our services
The Group is required by law to protect public funds which it administers. The Group may therefore share information with other bodies responsible for auditing or administering public funds, in order to prevent and detect waste, fraud and errors.
No assumption is made as to whether there is waste, fraud or errors until an investigation is carried out.
Other legal requirements
We aim to have a secure website, and use appropriate security technology to protect any sensitive personal data we process.
But your use of the Internet in general, and this website in particular, is entirely at your own risk. We have no responsibility or liability for the security of personal information transmitted over the Internet, so please consider this before you submit personal or sensitive data.