Our privacy notices set out how we, Mid Sussex District Council, collect, store and handle your personal information and what your information rights are. Your rights will vary with the service being used. We provide a wide range of public services, so one notice for all services may not give you enough detail. You can also find links to further notices for each service area. There may be a service specific privacy notice for you to find out how your information is used and your rights.
Personal information may be collected on a paper or online form, by telephone, email, CCTV or by a member of our staff, or one of our partners.
Who we are
Mid Sussex District Council is registered with the Information Commissioner’s Office (ICO) as a 'data controller' under the Data Protection Act. We are a public authority and have a nominated Data Protection Officer. See our contact information below.
What personal information we obtain
We are registered with the Information Commissioner. You can view this at https://ico.org.uk/about-the-ico/what-we-do/register-of-fee-payers/ – see entry Z7389348.
Why we collect information about you
Our lawful basis for collecting information is public task.
We need to collect and hold information about you, in order to:
- deliver public services
- confirm your identity to provide some services
- contact you by post, email or telephone
- understand your needs to provide the services that you request
- understand what we can do for you and inform you of other relevant services and benefits
- obtain your opinion about our services
- update your customer record
- process financial transactions
- prevent and detect fraud and corruption in the use of public funds
- allow us to undertake statutory functions efficiently and effectively
- make sure we meet our statutory obligations including those related to diversity and equalities.
We may not be able to provide you with a product or service unless we have enough information, or your permission to use that information.
How we use your information
We will use the information you provide in a manner that conforms to the Data Protection legislation. We will endeavour to keep your information accurate and up to date and not keep it for longer than is necessary. In some instances the law sets the length of time information has to be kept.
In general, we process your information for the following purposes:
- for the service you requested, and to monitor and improve the council’s performance in responding to your request
- to allow us to be able to communicate and provide services and benefits appropriate to your needs
- to ensure that we meet our legal obligations
- where necessary for the law enforcement functions
- to prevent and detect fraud or crime
- to process financial transactions including grants, payments and benefits involving the council, or where we are acting on behalf of other government bodies, e.g. Department for Work and Pensions
- to collect monies owed to us
- where necessary to protect individuals from harm or injury
- to allow the statistical analysis of data so we can plan the provision of services.
We will not pass any personal data on to third parties, other than those who either process information on our behalf, or because of a legal requirement, and we will only do so, after we have ensured that sufficient steps have been taken to protect the personal data by the recipient. We do not sell your information to any organisation.
We do not process data outside of the European Economic Area.
We may need to pass your information to other people and organisations that provide the service. These providers are obliged to keep your details securely, and use them only to fulfil your request. If we wish to pass your sensitive or confidential information onto a third party, we will only do so once we have obtained your consent, unless we are legally required to do so.
We may disclose information to other partners where it is necessary, either to comply with a legal obligation, or where permitted under the Data Protection Act, e.g. where the disclosure is necessary for the purposes of the prevention and/or detection of crime.
Where we need to disclose sensitive or confidential information such as medical details to other partners, we will do so only with your prior explicit consent or where we are legally required to.
We may disclose information when necessary to prevent risk of harm to an individual.
At no time will your information be passed to organisations external to us and our partners, for marketing or sales purposes or for any commercial use without your prior express consent.
Communication with the Council
Telephone calls and Live chat
We will inform you if we record or monitor any telephone calls you make to us. Calls made direct to, or from, our Customer Contact Centre or to our Revenues & Benefits service are recorded and kept for 6 months from the date of the call. We do not record any financial card details if you then make payments by telephone. If the call is transferred to a member of staff outside the Customer Service Centre, the recording stops. Calls may be recorded if telephoning direct to other service teams on alternative numbers.
These records will be used, to increase your security, for our record keeping of the transaction and for our staff training purposes.
If you email us we may keep a record of your contact and your email address and the email for our record keeping of the transaction.
We suggest that you keep the amount of confidential information you send to us via email to a minimum and use email encryption, our secure online forms and services.
Where you receive emails direct from a service, you can withdraw consent and ask to be removed from the mailing list at any time by contacting the service.
Using our website
We may use information you provide via this site to:
- Improve content
- Communicate information to you - if you have requested it
We automatically monitor information such as:
- Pages visited
- Browsers used
- IP addresses
- Device type used
None of the above information will identify you personally. We only use it to help improve the website
This statement only covers the council websites maintained by us, and does not cover other websites linked from our site.
Use the button below if you want to opt in/out of our analytics software:
Third party scripts are parts of the website that are not designed by us.
Whilst Mid Sussex District Council makes every effort to keep the information on this web site accurate, we disclaim any warranty or representation, express or implied about its accuracy, completeness or appropriateness for a particular purpose.
Thus you assume full responsibility for using the information on this website, and you understand and agree that neither Mid Sussex District Council nor any of its employees or agents is responsible or liable for any claim, loss or damage resulting from its use.
Mid Sussex District Council is also not responsible for the contents or reliability of linked websites and does not necessarily endorse the views expressed within them.
Listing shall not be taken as endorsement of any kind.
We cannot guarantee that these links will work all of the time and we have no control over availability of the linked pages.
The views expressed on this website are not necessarily those of Mid Sussex District Council.
My account – self service
We use a range of different systems, requiring a different account username and password to sign in. We make sure these are kept secure in our systems but you are responsible for maintaining the confidentiality of your account and password and for restricting access to your computers and other applicable devices, and you agree to accept responsibility for all activities that occur under your account or password.
We have installed CCTV systems in some of our premises used by members of the public, for the purposes of public and staff safety and crime prevention and detection. CCTV is also installed on the outside of some of our buildings for the purposes of monitoring building security and crime prevention and detection.
Images captured by CCTV will not be kept for longer than necessary. However, on occasions there may be a need to keep images for longer, for example where a crime is being investigated.
You have the right to see CCTV images of yourself and be provided with a copy of the images. Please see https://www.midsussex.gov.uk/about-us/your-data/ for further details.
Body Worn Cameras incorporating audio recording are being used by Civil Parking Enforcement Officers when necessary for operational purposes.
The aim of the technology is to:
- promote the safety of the Officers
- reduce the potential number of confrontational situations experienced by Officers
- reduce potential escalation of incidents
- augment opportunities for evidence capture
You have the right to see images/audio recording of yourself in accordance with the Data Protection Act and be provided with a copy of the images.
We will only disclose images and audio to other authorised bodies who intend to use it for the purposes stated above. Images and audio will not be released to the media for entertainment purposes or placed on the internet for public viewing.
We operate CCTV and disclose in accordance with the codes of practice issued by the Information Commissioner and the Home Office.
How long your information will be held
We will not keep your information any longer than needed to provide the services you require. We may keep your data longer if we need to retain it for legal, regulatory or best practice reasons. We will tell you in our service specific privacy notices of the retention period that applies.
How we protect your information
The information you provide will be subject to rigorous measures and procedures to make sure it can’t be seen, accessed or disclosed to anyone who shouldn’t be allowed to see it.
We have a comprehensive set of Information and Security policies. These define our commitments and responsibilities to your privacy and cover a range of information and technology security areas. We provide training to staff who handle personal information and treat it as a disciplinary matter if they misuse or do not look after your personal information properly.
We conduct assessments of privacy when making changes to processes or systems that hold your personal data. We assess the technical security of our systems and supplier systems.
We will dispose of paper records or delete any electronic personal information in a secure way.
We will investigate data incidents where we have found that your personal information may have or has been disclosed inappropriately and attempt to recover any data. We will inform you unless we decide it would present a risk to you and inform the authorities such as Police, or Information Commissioner where required.
Your information rights
In general, you have the right to request that Mid Sussex District:
- provide a copy of your personal information
- correct any errors in your personal information and restrict processing until completed
- object to the processing, depending on the service and legal basis
- erase personal information, depending on the service and legal basis
- withdraw consent and have your data deleted, if consent is used as the legal basis for the service
- to be informed of automated decision making, including profiling for the service
Where possible we will seek to comply with your request but we may be required to hold, retain or process information to comply with a legal obligation or as a public task.
We try to ensure that any information we hold about you is correct. There may be situations where you find the information we hold is no longer accurate and you have the right to have this corrected. Please contact the Council service/team holding your information in the first instance.
You are legally entitled to request access to any information about you that we hold, and a copy. See https://www.midsussex.gov.uk/about-us/your-data/ for options on how to request a copy of your personal information.
If you have any concerns or comments please contact the Council’s Data Protection Officer directly:
Data Protection Officer
Digital & Technology
Mid Sussex District Council,
Haywards Heath, RH16 1SS
How to complain
If you wish to complain about your personal data privacy or information rights please contact the service in the first instance or at: https://www.midsussex.gov.uk/about-us/your-feedback/
If you wish to raise the matter directly with the Data Protection Officer, use the contact details above.
You have the right to complain to the supervisory authority – the Information Commissioner’s Office (ICO). The ICO is an independent body set up to uphold information rights in the UK. They can also provide advice and guidance and can be contacted through their website: www.ico.org.uk, or their helpline on 0303 123 1113, or in writing to:
Information Commissioner’s Office
Changes to this privacy notice
We will continually review and update this privacy notice to reflect changes in our services and feedback from service users, as well as to comply with changes in the law. When such changes occur, we will revise the 'last updated' date of this notice.
Service Area Privacy Notices
Please note: Information will only be kept in accordance with the General Data Protection Regulation and the Data Protection Act 2018. Mid Sussex District Council will not supply information to any other organisation or individual except to the extent permitted by law in carrying out any of its functions.