Regulatory services customer feedback privacy notice

Who is the Data Controller for this processing?

We are the Data Controller for this processing.

The personal information we have collected from you will be shared with fraud prevention agencies who will use it to prevent fraud and money-laundering and to verify your identity. If fraud is detected, you could be refused certain services, finance, or employment.

What personal information do we hold?

We only collect and use the minimum amount of personal information required when delivering a service to you. Wherever possible we use non-identifiable personal information.

The service may use some or all of the personal information provided, which could include your name, email address or telephone number.

How do we use your personal information?

We use your information to:

• deliver the service, or handle your query
• plan and improve the services we offer
• ask you to tell us in more detail the reasons for the feedback you have given

Who else might we share your personal information with?

We do not share your information.

What is the legal basis for our use of your personal information?

Most of the personal information we process is provided to us directly by you, under the General Data Protection Regulation (GDPR), the lawful bases we rely on for using your personal information are:

• you gave us your consent (GDPR Article 6 (a) - you are able to remove your consent at any time by contacting RegulatoryServices@cheshirewestandchester.gov.uk

Where will we store your information?

Your information will be securely stored on our network.

How long will we keep your personal information?

We will only use your personal information whilst delivering the service to you and to deal with any questions or complaints that we may receive about this, unless the law requires us to keep it for a longer period. In practice, this means that your information will be kept for up to six months then deleted.

If we need to use your information for research or reports, your information will be anonymised and any information taken from notes (hand written or typed) during any consultation sessions will be securely destroyed. The information will continue to be used in a summarised and anonymised form in any research reports or papers that are published. The anonymised information in the papers may be of historic interest and may be held in public archives indefinitely.

Your rights

Under data protection law, you have rights including:

• your right of access - you have the right to ask us for copies of your personal information
• your right to rectification - you have the right to ask us to rectify information you think is inaccurate. You also have the right to ask us to complete information you think is incomplete.
• your right to erasure - you have the right to ask us to erase your personal information in certain circumstances
• your right to restriction of processing - you have the right to ask us to restrict the processing of your information in certain circumstances
• your right to data portability - you have the right to ask that we transfer the information you gave us to another organisation, or to you, in certain circumstances

You are not required to pay any charge for exercising your rights. If you make a request, we have one month to respond to you.

To make a request follow the instructions on our Data Protection for you page.

How to complain if you are unhappy about how your data is used

You can complain directly to our Data Protection team online or by post.

• Online: Contact the DPO
• By post: Data Protection Officer, The Portal, Wellington Road, Ellesmere Port, CH65 0BA

You also have the right to complain to the Information Commissioner’s Office using the following details:

• Information Commissioner's Office (ICO) website
• By post: The Information Commissioner's Office, Wycliffe House, Water Lane, Wilmslow, Cheshire, SK9 5AF
• Telephone: 0303 123 1113

Will my personal information be accessible outside the UK?

Should the transfer of personal information outside of the UK become necessary, it will only take place if permitted by law, and then only where there are appropriate safeguards in place to protect the personal information.

Your information is stored within the UK.