Corporate Support Privacy Notices

The Corporate Support Sevice Privacy Notices: 

 

Data

Purpose

Device ticket

Unique long term code which is created as you login. Used so you don’t have to login every time you use the app. The Device Token is used to create an Access Token.

Access Token

(JSON Web Token format which includes session number and unique user number)

Short term token that is used to connect to council services so that they know which account is being used. e.g. when you make a request for a service.

Property Unique Reference Number

Used to remember an address you selected in ‘Where I Live’.

Device number

Used to send notifications to your device

Notification choice

Used to remember which notifications you have chosen to accept on your device.

Cookies

Some parts of the app use cookies like the ones on the Council’s website. Further information about cookies. 

Who else will receive your information

We will share your information with other Services across the Council and some external bodies, in order to provide you with a service.  We won’t share your information with other bodies unless we have to.

As a public authority, Gwynedd Council is required by law to protect the public funds it administers. We may share information provided to us with other bodies responsible for auditing or administering public funds, in order to prevent and detect fraud.

Visitors to our website
When you visit www.gwynedd.llyw.cymru we use 3rd party services, SiteImprove and Google Analytics to collect information about visitor behaviour patterns on the website. This allows us to find out how many visitors go to various part of the site, and helps us improve the visitor experience for the customer.   


Cookies
You can read about our use of cookies on the Privacy notices and cookies page.   


Website satisfaction questionnaire 

We encourage visitors to our website to provide a score (1* to 5*) on their satisfaction with our website. If the visitor provides their email address with their score, the email address will be kept for a maximum of 1 year. Unless an email address is provided we are unable to identify the individual who gave the score. 

Online payments
When you use debit cards to make payments through our website – to pay council tax etc, the card number will be encrypted, as well as many other safety measures.  


YouTube
Videos are embedded on some of the pages on our website. When you click on a link that opens the video it will take you to the YouTube website, and your data will be handled in accordance with their privacy notices. 

External websites
We have a number of external links from our website. Gwynedd Council is not in any way responsible for the content of these websites.  


Consultations
The Council will occasionally hold consultations so that residents can have their say on the services that we provide. Every survey will include a privacy notice letting you know for how long the data will be kept and what we do with the information you provide. 


Who else will receive your information
We will share your information with other Services across the Council and some external bodies, in order to provide you with a service.  We won’t share your information with other bodies unless we have to.

As a public authority, Gwynedd Council is required by law to protect the public funds it administers. We may share information provided to us with other bodies responsible for auditing or administering public funds, in order to prevent and detect fraud.

We collect information about your device, browser and operating system to develop online services and the website. Your IP address is needed for security reasons.

We keep a copy of the call for staff training and to help improve services.

 

Legal basis  
We collect this information under Article 6(1)(f)  of the General Data Protection Regulations, as it is necessary for our lawful interests.  


Sharing data
The data will not be shared with anyone else (except for the company named below), nor will it be transferred abroad. However, as a public authority, Gwynedd Council is required by law to protect the public funds it administers. We may share information provided to us with other bodies responsible for auditing or administering public funds, in order to prevent and detect fraud.

We use an external company called Click 4 Assistance to help us provide this information.    

 

Detention periods 
The company holds the information for the following periods:

Webchat detention periods

 Chat details

1 year 

 Summary information

 1 year

 Offline/smartContract/ Click2Call Request Details

 3 months

 Website Visitor Details

 4 days or 100,000 sessions

 Client Audit/Availability/ Conversion Details

 31 days



Why do we need your information

Galw Gwynedd and Siopau Gwynedd collects your information in order to provide you with a service.  We won’t collect your information unless there is a specific, explicit and legitimate purpose for doing this.

 

Justification for using your information.

For some services, for example the collection of refuse, the processing of information is necessary in order for us to to perform a task in the public interest or in the exercise of official authority.

For some services, for example applications for a blue badge or the payment of council tax, the processing is necessary to comply with a legal obligation. 

We will not use your data  for profiling or to make automatic decisions.

By completing our customer satisfaction questionnaire, you give your consent for us to process your personal data, for the specific purpose of service improvement.



Who else will receive your information

We will share your information with other Services across the Council and some external bodies, in order to provide you with a service.  We won’t share your information with other bodies unless we have to.

As a public authority, Gwynedd Council is required by law to protect the public funds it administers. We may share information provided to us with other bodies responsible for auditing or administering public funds, in order to prevent and detect fraud.

 

For how long will we keep your information?

We keep your information in our computer system for 7 years, and if you send us an e-mail we will keep it for 12 months.

CCTV recordings (in Siop Gwynedd Pwllheli, Dolgellau and Caernarfon) will be kept for a duration for 2 months.

More information about your rights, and contact details:  Data Protection Officer 

 

Accessing your data

You can see your data by request, to do this, contact the Data Protection Officer . 

 

The information we collect about you

The information that we collect, process, hold and share include:

  • Full name

  • Date of birth

  • Current address

  • Place of birth

  • National Insurance Number (NINO)

  • Details of benefits you receive associated with your mobility

  • Proof of your identity

  • Medical information you provide in support of your claim

  • Your photograph

  • Contact details you have provided including telephone numbers, email addresses used for contact about your application to ask for more information, update you on progress and for sending the decision to you and the Blue Badge if you are eligible.

Why we collect and use this information

We store and use your Blue Badge application data to:

  • assess eligibility for a Blue Badge

  • produce and distribute the badge

  • monitor usage

Why we are allowed to use your information

We collect and use this information on the basis of the Council’s public task and the legislation underpinning this is:

Section 21 of the Chronically Sick and Disabled Persons Act 1970

Any special category (sensitive) information (ie health related information) is processed under the substantial public interest condition (Article 9(2)(g) of the General data Protection Regulation. 

How long we will keep your personal information

Information will be kept for a period of 4 years (from the date of application)

Who we share this information with

We will share information with the Department for Transport who are responsible for the scheme.

Your details will be shared with Valtech Limited as they host the national Blue Badge system.

If you are eligible for a badge, your details will also be shared with APS as they produce and post out the badges.

If you decide that you wish to receive updates on the progress of your application, your details will also be shared with the Government Notify service.

On occasion we will share your details with Able 2 Occupational Therapy Services who undertake the Independent Mobility Assessments where it is felt you will need to be assessed to determine your eligibility.

We will contact the Department for Work and Pensions to check you are receiving the benefits you have declared in connection with your mobility if you have not supplied evidence of this.

Parking Services enforcement officers have access to details on Blue Badges for enforcement and fraud detection.

Other local authorities may access the information for the purpose of preventing fraud.

National Fraud Initiative

As a public authority the Council is required by law to protect the public funds it administers. We may share information provided to us with other bodies responsible for auditing or administering public funds, in order to prevent and detect fraud. Please refer to the full NFI privacy notice for more details.

Will your information be used to make automated decisions?

There is no automatic decision making or profiling.

 

Your rights

 For information about your rights and details of the Council’s Data Protection Officer, please go to Privacy notice . 

Purpose and legal basis for processing

Our purpose for processing your personal data is so that we can respond to your information request.

The legal basis for this is article 6(1)(c) of the GDPR, which relates to processing necessary to comply with a legal obligation to which we are subject.

If any of the information you provide us in relation to information request contains special category data, such as health information, the legal basis we rely on to process it is article 9(2)(g) of the GDPR, which also relates to our public task and Schedule 1 part 2(6) of the DPA2018 which relates to statutory and government purposes.

What we need and why we need it

We need information from you to respond to you and to locate the information you are looking for. This enables us to comply with our legal obligations under the following legislation:

  • General Data Protection Regulation (2016)

  • Data Protection Act (2018)

  • Freedom of Information Act (2000)

  • Environmental Information Regulations (2004)

What we do with it

When we receive a request from you, we’ll set up an electronic case file containing the details of your request. This normally includes your contact details and any other information you have given us. We’ll also store on this case file a copy of the information that falls within the scope of your request.

If you are making a request about your personal data, or are acting on behalf of someone making such a request, then we may ask for information to satisfy us of your identity. If it’s relevant, we’ll also ask for information to show you have authority to act on someone else’s behalf.

How long we keep it

For information about how long we hold personal data, please contact our Data Protection Officer

What are your rights

For more information on your rights, please see Your rights  on the corporate privacy notice.