Data Protection - Print version

Coventry City Council processes a considerable amount of information, including personal data about the citizens it serves, to allow it to provide services effectively.  The Council recognises that this information is important to their citizens and that it has a responsibility to these citizens regarding the information it holds about them  As such, it takes seriously its responsibilities to ensure that any personal information it collects and uses is done so proportionately, correctly and safely.

How we use your personal data and who it may be shared with can be found in the Council's Privacy Policy [https://www.coventry.gov.uk/privacypolicy].

The Data Protection Act 2018 and General Data Protection Regulations sets out rules for processing personal information which Coventry City Council has to keep to when using your personal information.

1. Processed lawfully, fairly and in a transparent manner
2. Purpose limitation, collected for specified, explicit and legitimate purposes.
3. Data minimisation, ensure personal data is adequate, relevant and limited to what is necessary in relation to the purposes for which they are processed
4. Accurate and where necessary kept up to date
5. Storage limitation, kept for no longer than necessary for the purposes for which the personal data are processed
6. Integrity and confidentiality, processed in a manner that ensures appropriate security of the personal data.

We are still required to have a registration with the Information Commissioner regarding the types of personal information we process and the purposes it is used for and who we share it with. You can see what is recorded on our Data Protection Notification entry if you search for Coventry City Council on the Information Commissioner's [https://ico.org.uk/esdwebpages/search] website.

Our Data Protection Policy [https://www.coventry.gov.uk/downloads/file/25356/data-protection-policy] outlines our approach to compliance with the Act.

Your Rights

The Data Protection Act 2018 gives individuals a number of rights:

1. The right to be informed of what information is held about them, what it is used for and to whom it may be shared
2. The right of access to the information held
3. The right to rectification - to have information corrected or destroyed
4. The right to erasure or to be 'forgotten'
5. The right to restrict processing (unless it is a mandatory function of the Council)
6. The right to data portability
7. The right to object
8. Rights in relation to automated decision making and profiling.

Individuals have the right to request their personal information [http://www.coventry.gov.uk/info/11/strategies_plans_and_policies/828/requesting_personal_information] we hold about them by making a subject access request.

What is information governance?

Information Governance can mean different things to different people. Within Coventry City Council, it is a term that is used to describe the way we manage our obligations for: Freedom of Information; Environmental Information Regulations; Re-use of Public Sector Information; Records Management; Regulation of Investigatory Powers; Data Protection; Information Sharing and IT Security.

It allows both the Council and its employees to ensure that both business and personal information is dealt with legally, securely, efficiently and effectively, in order to deliver the best possible services.

The legislations and guidance you can request information about are:

• Data Protection Act 2018 enables an applicant to access information of which they are the subject, e.g. someone's own education/social care records, employee files etc. The Data Protection Act is not restricted to information held by/on behalf of public authorities or those bodies carrying out public function nor is its purpose limited to the right of access to information.
• Regulation of Investigatory Powers Act 2000 are corporate procedures relating to the authorisation of Covert Surveillance activities and requests for data from communications providers, in accordance with RIPA (Regulations of Investigatory Powers Act) legislation.
• Environmental Information Regulations 2004 enables an applicant to access environmental information. They are restricted to information held by/on behalf of public authorities and those bodies carrying out a public function.
• Freedom of Information Act 2000 enables an applicant access to information which is held by/on behalf of public authorities and those bodies carrying out a public function, and, which does not fall under either of the access regimes listed above i.e. personal information or environmental information.
• Re-use of Public Sector Information Regulations 2015 establishes the UK framework for the re-use of public sector information. Accessible information which is produced, held or disseminated by the public sector body must be made available for re-use (unless it is otherwise restricted or excluded). The default is to set charges at marginal cost. 
• Records Management is about making sure that public authorities such as Coventry City Council manages its information so that employees can readily locate the correct information they need, at the time they need it.