Corporate Privacy Notice

Who we are and what we do

Gateshead Council is a data controller under the Data Protection Act. We collect personal information to provide services and to meet our statutory obligations. This could be when you apply for or receive our services, live in or visit the borough, use our website or conduct business with the council.

Gateshead Council commits to protecting and respecting your privacy. This Privacy Notice explains the following:

Each service that we provide or you engage with also has its own Privacy Notice. These explain in detail how services use your information and the legal basis for this use.

We may change this Privacy Notice from time to time. Please keep checking this page to ensure that you're happy with any changes.

Please send your questions about our privacy practices by email to:

DPOcouncil@gateshead.gov.uk

You can also write to:

Data Protection Officer
Civic Centre
Regent Street
Gateshead
NE8 1HH

What type of information is collected about you

The council collects various types of your personal data. This depends on the services you receive and your contact with the council. Information collected can include:

business activities
contact details, including name, address, email address, telephone number
date of birth
employment details (when you apply for jobs)
financial details for purposes of receiving or making payments
housing information relating to your council tenancy
information about your family
IP address and information about what pages you access and when
licences or permits held
lifestyle, social and personal circumstances
national identifiers such as NHS number and NI numbers
proof of identity
services you receive
visual images, personal appearance and behaviour

We may also collect sensitive personal data that may include:

criminal offences, proceedings, outcomes and sentences
gender and sexual orientation
offences (including alleged offences)
physical or mental health details
political affiliation and opinions
racial or ethnic origin
religious or other beliefs of a similar nature
trade union membership

We may also record and monitor calls to our contact centre for quality and training purposes.

Cookies

We use cookies to collect information about website usage.

You can see more information on how we collection web usage information on our cookies page.

Why we need your information

We need personal information for council services you apply for or agree to receive. In the case of some services, we have to use this information to meet our statutory obligations. We will only collect personal data when necessary. This collecting will conform with Data Protection legislation and our other statutory obligations.

We process your information for the following services and purposes:

adults and children's social care services
analysing council performance and service improvement and development
bins, recycling and waste collection
births, marriages and deaths
blue badges
building control applications
business rates
Council Tax
crime and public safety
employment
health and wellbeing
housing benefits
information requests under Freedom of Information legislation, the Environmental Information Regulations, the General Data Protection Regulation and Data Protection Act
landlord licensing
licensing
parking permits
planning applications
school admissions and education services
social housing needs
voting and elections
youth services

We also may use your information for the purposes of protecting council assets such as equipment, buildings or staff.

The lawful basis for the collection of personal information can be found in the service specific privacy notice. Most processing carried out for the purposes of the council's functions such as business administration or service development is processed on the basis of legitimate interest.

Who your information may be shared with

We have statutory obligations to collect, process and share personal or sensitive information. We can send information without consent to the following partners:

central government, including DWP, HMRC, Home Office, Department of Education, Department of Health
Disclosure and Barring Service
housing associations
HM Courts and Tribunals Service
law enforcement agencies, including the Police and Crown Prosecution Service
NHS (GPs, Hospital, Mental Health, ICBs)
Office for National Statistics
other councils
schools
voluntary sector

We send this information for the following purposes:

assessment of any tax or duty
collection of debt
criminal or civil prosecution of offender
delivering national government programmes and initiatives such as the Troubled Families programme
health and wellbeing and public health
improving services we deliver, or providing the services you agreed to receive
national security
prevention and detection of crime
prevention of fraud
protection, administration and management of public funds and public grant schemes
protecting you or other individuals from serious harm
public safety and law enforcement
safeguarding of vulnerable adults and children
supporting the national fraud initiative
when required to do so by any court of law

We will do so where there is a lawful basis under the conditions set out in Data Protection legislation.

We also share your information with third-party service providers working on our behalf. These include data processors such as IT specialists, software and communications providers.

We only disclose personal information to third-party providers if necessary to service delivery. Our contracts ensure they keep your information secure and do not use it for any other purposes. This conforms to the Data Protection Act 2018 and General Data Protection Regulation (UK GDPR).

We never disclose personal information to third parties for marketing purposes without permission.

How we process and use your personal information

Business intelligence

We may analyse personal information to improve services and for the following purposes:

analysing our performance at delivering services to you
analysing our service costs, to ensure better and more efficient use of public funds
evaluating the health of Gateshead's population and so protecting and improving public health
understanding what we can do for you and informing you of other relevant services and benefits
understanding your needs and planning services accordingly
undertaking statutory functions efficiently and effectively

Gateshead Council commits to use pseudonymised or anonymised information where practical. In most cases this is the default position.

Pseudonymisation replaces fields within personal data with one or more artificial identifiers. There can be a pseudonym for a collection of replaced fields or one per replaced field.

Anonymisation removes details (especially from medical test results) for statistical or other purposes.

Profiling and automated decision-making

Profiling is the processing of personal data to analyse or predict certain characteristics. For example, a person's economic and health situation, reliability, personal preferences or interests.

Automated decision-making is profiling carried out without any element of human review. For example, carrying out credit checks and searches to detect and reduce fraud.

We may use information from different services you engage with to create a single profile of you. This will help us understand your specific needs and ensure we provide correct and efficient services. This accurate record of personal data across all council services can include:

name
date of birth
address
email address
changes in circumstances

We will use profiling only when necessary and where the law allows. This will be to provide the service you have agreed to receive or where there is a statutory obligation. However, we will notify you about profiling and where required we will seek your consent.

Marketing and e-newsletters

Your choices direct the method and type of communications from Gateshead Council. When you sign up for one of our newsletters, we will send emails informing you of our activities, news and events.

We may use tools to improve the effectiveness of our communications with you. This includes tracking if you open the emails we send and which links within a message you click. We can then refine future campaigns to ensure our emails are as relevant and useful as possible.

You can choose if you wish to receive information from us or not. If you no longer want to receive e-newsletters, there is an 'unsubscribe' link at the bottom of our emails. You can find out more on our e-newsletters page.

Website usage

Upon visiting our websites, we will use third party service providers to collect technical information from your device including standard internet log information such as the Internet Protocol (IP) address, your browser type and version, and certain page interaction information.

We use Hotjar (opens new window) to better understand our users' needs and to optimise the website. Hotjar is a technology service that helps us understand our users' experience. For example, how much time they spend on which pages, which links they select, what users do and don't like. This enables us to build and maintain our service with user feedback.

Hotjar uses cookies and other technologies to collect data on user behaviour and devices. This includes:

browser information
ndevice IP address (captured and stored only in anonymised form)
device screen size
device type (unique device identifiers)
geographic location (country only)
preferred language used to display our website

Hotjar stores this information in a pseudonymised user profile. Neither Hotjar nor we will ever use it to identify individual users or to match it with other individual user data. For further details, please see Hotjar's privacy policy. (opens new window)

You can opt out of user profile creation, Hotjar's storing of data about your usage of our site and Hotjar's use of tracking cookies on other websites. Follow this opt-out link. (opens new window)

How we hold and keep personal information secure

How long we keep your information

We review our retention periods of the information we hold about you on a regular basis. We must hold some types of personal information to fulfil our statutory obligations.

We will hold your personal information on our systems as long as is necessary for the activity or service provided, or as required by law. See individual services' Privacy Notices to learn how long they hold your information.

How we protect your personal information

Any information held by the council about individuals is held securely and in compliance with the Data Protection Act 2018 and GDPR. Information is held electronically on secure servers and cloud storage solutions. Paper records are stored securely in accordance with council policies and procedures.

Gateshead Council is committed to protecting its service users' personal data. Our data measures ensure best practice for staff, service providers, partners and suppliers. Measures are lawful and follow rules and practices known as Information Governance (IG).

The information security measures we've put in place include:

encrypting all our electronic devices and sensitive information that is transmitted
following good IG practice and the law for collecting, handling and giving access to information
holding information for no longer than required and disposing of it securely
permitting access to your information only to those who need to know and where it is necessary
putting processes in place to ensure good IG practices for information we collect, hold or handle in both manual and electronic forms
training staff in their data protection responsibilities

Your information rights

The UK GDPR provides the following rights for individuals:

1. The right to be informed

You have the right to be informed about the collection and use of your personal data. This is a key transparency requirement under the UK GDPR. This includes our purposes for processing your personal data, our data retention periods, and who we share it with. We must provide privacy information to you at the time we collect your personal data.

2. The right of access

You have the right to access and receive a copy of your personal data, and other supplementary information. This is commonly referred to as a subject access request or 'SAR'. Individuals can make SARs verbally or in writing.

3. The right to rectification

You have the right to have inaccurate personal data rectified, or completed if incomplete. You can make a request for rectification verbally or in writing. In certain circumstances we can refuse a request for rectification. This right is closely linked to the controller's obligations under the accuracy principle of the UK GDPR (Article (5)(1)(d)).

4. The right to erasure

You have the right to have personal data erased. This is also known as 'the right to be forgotten'. The right is not absolute and only applies in certain circumstances. Individuals can make a request for erasure verbally or in writing.

5. The right to restrict processing

You have the right to request the restriction or suppression of your personal data. This is not an absolute right and only applies in certain circumstances. When processing is restricted, we are permitted to store the personal data, but not use it. An individual can make a request for restriction verbally or in writing.

6. The right to data portability

You have the right to obtain and reuse your personal data for your own purposes. It allows you to move, copy or transfer personal data. Safe and secure transfer from one IT environment to another enables use of other applications and services. For example, to find you a better deal or help you understand your spending habits. The right only applies to information an individual has provided to a controller.

7. The right to object

You have the right to refuse the processing of your personal data in certain circumstances. You have an absolute right to stop use of your data for direct marketing. You can make an objection verbally or in writing. You may not be able to object to the holding, using or sharing of your information under certain circumstances. Examples include:

where we have a duty to safeguard a vulnerable adult or a child
where data is required for the prevention and detection of crime
where we are required to fulfil our statutory obligations

8. Rights in relation to automated decision-making and profiling

The UK GDPR also has provisions on:

automated decision-making - decisions made solely by automated means without any human involvement
profiling - automated processing of personal data to evaluate certain things about an individual (can be part of an automated decision-making process)

Article 22 of the UK GDPR also has rules protecting you from legal or significant effects of solely automated decision-making.

If you would like to exercise your information rights or need any more information about them, please contact:

Data Protection Officer
Civic Centre
Regent Street
Gateshead
NE8 1HH

DPOcouncil@gateshead.gov.uk 0191 433 3000

Information Commissioner's Office

The Information Commissioner is the UK's independent body set up to uphold information rights.

To find out more about your rights under Data Protection law, and what to expect from us, visit the Information Commissioner's website. (opens new window)

For privacy practices or data protection rights concerns, contact the Information Commissioner's Office:

Information Commissioner's Office
Wycliffe House
Water Lane
Wilmslow
Cheshire
SK9 5AF

0303 123 1113 or 01625 545 745

casework@ico.org.uk

How you can update your information

Our delivery of relevant and efficient services depends on the accuracy of your information.

please inform the service you are accessing of any changes to the following:

postal address
email address
personal circumstances
any of the other information we hold

Changes to our privacy policy

The terms of this Privacy Notice may change, so please recheck periodically.

Last modified September 2023

This website uses cookies