Please see our full Privacy Notice
Updated: 08 February 2023
Reviewed: 08 February 2023
West Lindsey District Council's Freedom of Information (FOI) Department is committed to protecting the privacy and security of personal information. This privacy notice describes how we collect and use personal information in accordance with data protection law.
The reasons we use your data
We process your personal information in order to answer requests for information made under the Freedom of Information Act (FOIA) and Data Protection Act 2018 (The UK's implementation of the General Data Protection Regulation [GDPR])
The information you provide will be processed by our FOI team in order to fulfil our regulatory duties when responding to your enquiry when you have made a request for information under any of the acts or regulations:
- to process Subject Access Requests
- to process Freedom of Information Requests
- to Process Environmental Information Regulations
- to create and implement policies under the GDPR
- to create and implement policies under the FOIA
- to manage Third Party Data Subject Requests
- to contact you regarding your request and provide a response
Why we are allowed to use your data
The legal basis for processing your personal data is that it is necessary:
- to perform a task in the public interest – UK GDPR Art.6(1)(e)
- in the exercise of our functions as a government department – UK GDPR Art.6(1)(c)
We may hve to process sensitive personal data in order to action requests for data, the FOI department will only process sensitive personal data when strictly necessary to respond to requests, the legal basis we rely on for this are:
- reasons of substantial public interest – UK GDPR Art.9(2)(g)
- statutory government purposes – Data Protection Act 2018 Part 2, Schedule 1, paragraph 6
Purpose
The purposes for which we are processing your personal data are to:
- record and respond to freedom of information requests and data subject requests received by the department
- provide cross government advice, support and co-ordination in responding to freedom of information requests
What data we collect
We collect, store and use certain categories of personal information about you, such as:
- your name
- address
- email address
- your request
We may also process other personal data if you volunteer it.
In responding to subject access requests (SARs), we may process any data on you held by the department.
Personal data, or personal information, means any information about an individual from which that person can be identified. It does not include data where the identity has been removed (anonymous data).
Where we collect your data from
We collect personal information directly from you in circumstances such as:
- when a request is made for information under the Freedom of Information Act or Environmental Information Regulations
- when a subject access request is made under the Data Protection Act 2018 and UK GDPR
We will also collect your personal information directly from third parties such as:
- other government departments and public authorities
- publicly available sources
- overseas information, where relevant and necessary
The information you provide will be processed by our FOI team in order to fulfil our regulatory duties when responding to your enquiry when you have made an FOI, EIR request or SAR.
Who we can share your data with
We can share your data with:
- internal departments
- other government departments when required in order to respond to your request
- agencies
- public bodies
- elected members
When computers make any decisions about you
Not applicable
When your data gets sent to other countries
Not applicable
How long do we keep your personal information?
Information held by the department in regards to individual rights and requests under any of the Acts or Regulations will be retained for two years from the date of the last communication relevant to the request.
Where ID is requested to confirm the identity of the requester this is not retained by the department.
Please see our full Privacy Notice