Data Protection Act

Data Protection legislation seeks to protect an individual’s privacy by regulating the way their personal data is processed.

We strive to ensure the personal information we collect, use and hold is processed securely and complies with data protection principles outlined in the General Data Protection Regulation (GDPR) and its associated legislation.

Data controller / data protection officer
For the purposes of GDPR and the Data Protection Act 2018 Tamworth Borough Council of Marmion House, Lichfield Street, Tamworth, Staffordshire, B79 7BZ, is a controller of your personal data. Our data protection officer can be contacted by writing to us at the above address, by calling us on 01827 709266 or by emailing data-protection@tamworth.gov.uk.

Your rights

Data Protection legislation provides the following rights for individuals:

The right to be informed
You have the right to be informed about the collection and use of your personal data. We will normally do this by way of privacy notices on forms or on our website.

The right of access 
You have the right to request access to the information we hold about you. The information requested will be provided free of charge, however, we may charge a reasonable fee if the request is considered 'manifestly unfounded' or 'excessive'. We may also charge a fee if you request further copies of information we have already provided to you.

The right to rectification
You have the right to request that inaccurate personal information be rectified and incomplete personal information updated.

The right to erasure
You have a right to ask us to erase information about you. This right will only apply where:

  • The personal data is no longer necessary for the purpose which we originally collected it for
  • We are relying on consent as the lawful basis for holding the data and you withdraw that consent
  • We are processing the data for direct marketing purposes and you object to that processing

The majority of processing we carry out is governed by legislation, which usually includes how long we have to keep your information. The right of erasure won’t apply where we have a lawful reason to process your data and it is kept in accordance with our retention schedule.

Where your information has been shared with others, we will endeavour to ensure they are aware of your request for erasure.

The right to restrict processing
You have the right to restrict the processing of your personal data where:

  • You contest the accuracy of your personal data and the council needs to verify its accuracy before further processing takes place
  • The data has been unlawfully processed and you oppose erasure of the data and request restriction of its use instead

The right to data portability
You have the right to ask for your personal information to be given back to you or another service provider of your choice in a commonly used format. This is called data portability. However, this only applies if we’re using your personal information with consent (not if we’re required to by law) and if decisions were made by a computer and not a human being.

It’s likely that data portability won’t apply to most of the services you receive from the council. You can ask to have any computer made decisions explained to you, and details of how we may have ‘risk profiled’ you.

The right to object
You have the right to object to the processing of your personal information. The right to object only applies in certain circumstances.

Where personal data might lawfully be processed because it's necessary for the performance of a task carried out in the public interest or in the exercise of official authority, a data subject should be entitled to object to the processing of any personal data relating to their particular situation. It should be for the council to demonstrate that its compelling legitimate interest overrides the interests or the fundamental rights and freedoms of the data subject.

Please note that the above rights are not absolute.

We can refuse your request. For full details of rights, grounds to exercise them and the exemptions available to the council, please see articles 12 to 23 of the GDPR.

Exercising your rights:
To request a copy of personal information we may hold, please complete this Right to Access form (doc) and email it to our data protection officer at: data-protection@tamworth.gov.uk. You can use the same email address to exercise any of your other rights under Data Protection rules.

Useful links:

Contact: Information Governance Team: Tel: 01827 709587 or email: Data-Protection@tamworth.gov.uk.

Complaints

If you are unhappy with the way the council has handled your personal data then please speak with the service area concerned, or our data protection officer so we can look into your concerns.

Following this, if you remain unhappy, the Information Commissioner's Office is responsible for upholding your rights, ensuring the council is open and protects people’s privacy. 

Other complaints
If you are not satisfied with the service you have received generally, you can contact us using the Council's Tell Us Policy.

Protecting public funds - data matching and the National Fraud Initiative

We are required by law to protect the public funds we administer. We may share information provided to us with other bodies responsible for auditing or administering public funds, or where undertaking a public function, in order to prevent and detect fraud.

The Cabinet Office is responsible for carrying out data matching exercises.

Data matching involves comparing computer records held by one body against other computer records held by the same or another body to see how far they match. This is usually personal information. Computerised data matching allows potentially fraudulent claims and payments to be identified. Where a match is found it may indicate that there is an inconsistency that requires further investigation. No assumption can be made as to whether there is fraud, error or other explanation until an investigation is carried out.

We participate in the Cabinet Office's National Fraud Initiative: a data matching exercise to assist in the prevention and detection of fraud. We are required to provide particular sets of data to the Minister for the Cabinet Office as part of this. Find out more about the data sets here.

The use of data by the Cabinet Office in a data matching exercise is carried out with statutory authority under Part 6 of the Local Audit and Accountability Act 2014. It does not require the consent of the individuals concerned under the Data Protection Act 2018.

Data matching by the Cabinet Office is subject to a Code of Practice.

View further information on the Cabinet Office's legal powers and the reasons why it matches particular information.