Privacy Notice

Risk and Resilience Practitioners Privacy Notice

Here at Wakefield Council, we take your privacy seriously and will only use your personal information for the purpose(s) listed in section 2 below. This notice provides details of how the Council collects and uses information (data) about you.

We will keep your information (data) secure at all times.

1. Who we are.

a) The Controller for the information we hold is Wakefield Council.

Contact details:

Telephone: 01924 306112
Email: dataprotection@wakefield.gov.uk

b) The Council’s Data Protection Officer is the Corporate Information Governance Team Manager.

Contact details:

Telephone: 01924 306112
Email: dpo@wakefield.gov.uk

c) The Data Processor is Indigo Multimedia

Contact Details:

Email: info@indigomultimedia.com

2. How we use your data:

In order to manage the Risk and Resilience website, Wakefield Council accesses the following information about you on the Risk and Resilience website, which is developed by Indigo Multimedia. Wakefield Council also receives an email from the website, providing us with your details. You are asked to provide this information when you sign up to be a practitioner on the Risk and Resilience website (The Wakefield Risk and Resilience Framework):

  • First Name
  • Last Name
  • Username
  • Email Address
  • Job Title
  • Organisation

We will not share this data with any third parties.

We use this information to:

  • Activate your account.
  • Support your access to the website, including resetting user accounts.
  • Inform you about website issues.
  • Inform you about training opportunities and new resources.

In addition, your data may be accessed by Internal Audit and the Counter-Fraud Team as they are required to hold, or have access to, information from systems and processes across the Council so that we can:

  • Fulfil legal (Accounts and Audit Regulations 2015, and Local Government Act 1972) and mandatory professional requirements (Public Sector Internal Audit Standards) to provide an internal audit function.
  • Investigate referrals made under the Council’s Counter-Fraud Framework, including the Whistleblowing Policy.
  • Participate in national and local counter-fraud schemes, such as the National Fraud Initiative, to help protect the public purse.
  • Maintain the central register of applications for RIPA (Regulation of Investigatory Powers Act 2000)
  • Ensure the effectiveness of the Council’s governance, risk management, and control processes. This forms part of the Head of Internal Audit Annual Assurance Opinion, which is incorporated into the Annual Governance Statement.
  • Facilitate the prevention, deterrence and detection of bribery, corruption, fraud and money-laundering committed against the Council.

Should you decide not to provide any of the information we request from you then your ability to utilise the Risk and Resilience website will be limited.

3. What authority does the Council have to collect and use this information?

The law says that we cannot process your personal data unless we comply with at least one condition in Article 6 of the UK GDPR. The Article 6 lawful basis we rely upon for processing your information is:

Article 6 1 (b) – processing is necessary for the performance of a contract to which the data subject is party or in order to take steps at the request of the data subject prior to entering into a contract.

4. How long will we keep your data?

We will keep your personal information collected for the purpose(s) detailed in section 2 for a period of your account being registered with the Risk and Resilience website after which time it will be deleted from our systems. The reason for keeping information for this period of time is to provide you with access to the Risk and Resilience website.

If your account is inactive for a period of 3 years you will receive a reminder email, if your account remains inactive, then it will automatically be deleted and any data will be removed from the system.

5. Your rights and your personal data

Under the GDPR you have the following rights:

Right of Access

You have a right of access to the personal information that the Council holds about you, and/or the right to be given a copy of the data undergoing processing.

Right to Rectification

You have the right to request that the Council corrects any personal data if it is found to be inaccurate, incomplete or out of date.

Right to Restriction of Processing

You have the right, where there is a dispute in relation to accuracy or lawfulness of processing of your personal data, to request that a restriction is placed on further processing.

Right to Portability

You have the right to request the Council provide you with your personal data and where possible, to transmit that data directly to another data controller. However, this only applies to data that you have provided to us and not to all the information that the Council holds about you.

Right of Complaint

You have a right to lodge a complaint with the Information Commissioner, please find contact details below.

Information Commissioner's Office
Wycliffe House
Water Lane
Wilmslow
Cheshire
SK9 5AF

Tel: 0303 123 1113 (local rate) or 01625 545 745 if you prefer to use a national rate number

To exercise any of your rights, you should contact the Data Controller’s representative as shown in section 1b.

6. Further processing

If we wish to use your personal data for a new purpose, not covered by this Privacy Notice, then we will provide you with a new Privacy Notice explaining this new use prior to commencing the processing and setting out the relevant purposes and processing conditions.

7. Changes to this Notice

We will review this notice regularly, and no later than every 2 years, to ensure it remains accurate and relevant, unless legislative changes require this sooner.

Risk and Resilience Website Parent Privacy Notice

Here at Wakefield Council, we take your privacy seriously and will only use your personal information for the purpose(s) listed in section 2 below. This notice provides details of how the Council collects and uses information (data) about you.

We will keep your information (data) secure at all times.

1. Who we are.

a) The Controller for the information we hold is Wakefield Council.

Contact details:

Telephone: 01924 306112
Email: dataprotection@wakefield.gov.uk

b) The Council’s Data Protection Officer is the Corporate Information Governance Team Manager.

Contact details:

Telephone: 01924 306112
Email: dpo@wakefield.gov.uk

c) The Data Processor is Indigo Multimedia

Contact Details:

Email: info@indigomultimedia.com

2. How we use your data:

In order to manage the Risk and Resilience website, Wakefield Council accesses the following information about you on the Risk and Resilience website, which is developed by Indigo Multimedia. You are asked to provide this information when you sign up to be a parent on the Risk and Resilience website (The Wakefield Risk and Resilience Framework):

  • Email Address
  • Locality (first part of the postcode)
  • Age group of your child/ren
  • If you home educate
  • Whether you have previously attended R&R training

We will not share this data with any third parties.

We use this information to:

  • Activate your account.
  • Support your access to the website, including resetting user accounts.
  • Inform you about website issues.
  • Inform you about training opportunities and new resources.

We use other information you provide anonymously:

  • For statistical purposes to help improve service provision

In addition, your data may be accessed by Internal Audit and the Counter-Fraud Team as they are required to hold, or have access to, information from systems and processes across the Council so that we can:

  • Fulfil legal (Accounts and Audit Regulations 2015, and Local Government Act 1972) and mandatory professional requirements (Public Sector Internal Audit Standards) to provide an internal audit function.
  • Investigate referrals made under the Council’s Counter-Fraud Framework, including the Whistleblowing Policy.
  • Participate in national and local counter-fraud schemes, such as the National Fraud Initiative, to help protect the public purse.
  • Maintain the central register of applications for RIPA (Regulation of Investigatory Powers Act 2000)
  • Ensure the effectiveness of the Council’s governance, risk management, and control processes. This forms part of the Head of Internal Audit Annual Assurance Opinion, which is incorporated into the Annual Governance Statement.
  • Facilitate the prevention, deterrence and detection of bribery, corruption, fraud and money-laundering committed against the Council.

Should you decide not to provide any of the information we request from you then your ability to utilise the Risk and Resilience website will be limited.

3. What authority does the Council have to collect and use this information?

The law says that we cannot process your personal data unless we comply with at least one condition in Article 6 of the UK GDPR. The Article 6 lawful basis we rely upon for processing your information is:

Article 6 1 (a) – Your consent

4. How long will we keep your data?

We will keep your personal information collected for the purpose(s) detailed in section 2 as long as you are registered with the Risk and Resilience website after which time it will be deleted from our systems. The reason for keeping information for this period of time is to provide you with access to the Risk and Resilience website.

If your account is inactive for a period of 3 years you will receive a reminder email, if your account remains inactive, then it will automatically be deleted and any data will be removed from the system.

5. Your rights and your personal data

Under the GDPR you have the following rights:

Right of Access

You have a right of access to the personal information that the Council holds about you, and/or the right to be given a copy of the data undergoing processing.

Right to Rectification

You have the right to request that the Council corrects any personal data if it is found to be inaccurate, incomplete or out of date.

Right to Restriction of Processing

You have the right, where there is a dispute in relation to accuracy or lawfulness of processing of your personal data, to request that a restriction is placed on further processing.

Right to Portability

You have the right to request the Council provide you with your personal data and where possible, to transmit that data directly to another data controller. However, this only applies to data that you have provided to us and not to all the information that the Council holds about you.

Right of Complaint

You have a right to lodge a complaint with the Information Commissioner, please find contact details below.

Information Commissioner's Office
Wycliffe House
Water Lane
Wilmslow
Cheshire
SK9 5AF

Tel: 0303 123 1113 (local rate) or 01625 545 745 if you prefer to use a national rate number

To exercise any of your rights, you should contact the Data Controller’s representative as shown in section 1b.

6. Further processing

If we wish to use your personal data for a new purpose, not covered by this Privacy Notice, then we will provide you with a new Privacy Notice explaining this new use prior to commencing the processing and setting out the relevant purposes and processing conditions.

7. Changes to this Notice

We will review this notice regularly, and no later than every 2 years, to ensure it remains accurate and relevant, unless legislative changes require this sooner.