General Privacy Notice

Data Controller

North Lincolnshire Council is registered with the Information Commissioner (ICO) as a Data Controller.  This is a legal requirement.

Details of the council’s registration can be viewed on the ICO Website by searching under the following codes:

  • Z563337X – North Lincolnshire Council
  • Z7763429 – Electoral Registration Officer North Lincolnshire Council
  • Z7763477 – Superintendent Registrar of Births, Deaths & Marriages

North Lincolnshire Council in partnership with North East Lincolnshire Council deliver shared services under the name Northern Lincolnshire Business Connect.

Data Protection Officer

The UK General Data Protection Regulation (UK GDPR) details how organisations that process (use) personal information must protect it, how compliance must be demonstrated, what you as an individual should be told about how your personal information is being processed and what rights you have in relation to this information.

We are committed to protecting and respecting your privacy when you use our services and the following Privacy Notice explains how we use information about you and how we protect your privacy.  In addition and to be transparent we have produced Privacy Notices for some of our services that use personal information to provide additional information.

We have an Information Governance Framework that provides further detail.

We have  Data Protection Officer who helps us look after your personal information and who will answer your questions about how we look after this information.  Our Data Protection Officer is Phillipa Thornley and she can be contacted at informationgovernanceteam@northlincs.gov.uk or by calling 01724 296224 and asking for your query to be directed to her.

Key Definitions

Personal information – is any information relating to a natural person who can be identified, directly or indirectly, such as by name, an identification number, location data, an online identifier or genetic information.

Special Categories of Personal Data – relates to racial or ethnic origin, political opinions, religious or philosophical beliefs, or trade union membership, and the processing of genetic data, biometric data for the purpose of uniquely identifying a natural person, data concerning health or data concerning a natural person’s sex life or sexual orientation.

Processing – means any operation or set of operations which is performed on personal data or on sets of personal data, whether or not by automated means, such as collection, recording, organisation, structuring, storage, adaptation or alteration, retrieval, consultation, use, disclosure by transmission, dissemination or otherwise making available, alignment or combination, restriction, erasure or destruction.

Further definitions can be found in the Glossary on our Data Protection and Privacy page.

The lawful basis for processing your personal information

The lawful basis for processing your personal information must be identified under the UK GDPR.  Generally, the lawful basis for processing will be one of the conditions set out in Articles 6 of the UK GDPR and also Article 9 where special categories of personal data are being processed.  The lawful bases are as follows:

Article 6

  1. Performance of a contract
  2. Performance of a task or provision of a service in the public interest
  3. To comply with a legal obligation
  4. Protection of vital interests
  5. Consent
  6. Legitimate interests

Article 9

  1. Reasons of substantial public interest
  2. Preventative or occupational medicine
  3. Employment and Social Security
  4. Public interest in area of Public Health
  5. To establish, exercise or defend legal claims / courts acting in judicial capacity
  6. Personal data made public by the Data Subject
  7. Protection of vital interests
  8. Consent
  9. Archiving purposes, scientific or historical research or statistical purposes
  10. Legitimate activities in relation to not for profit organisations with a political, philosophical, religious or trade union aim

Further detail can be found on our Data Protection and Privacy page.

How we collect your personal information?

We may collect personal information from you in the following ways:

  • Paper, electronic or online forms
  • CCTV
  • Use of audio monitoring equipment
  • E-mail
  • Social Media
  • Telephone
  • Website
  • Face to face, with one of our employees, or one of our partners

The Personal Information we collect and how we use it and protect it

  • You can visit our website without telling us who you are, but please read the section on ‘cookies’ to understand how we may collect and use information about your visit to our website.
  • If you use one of our online services, including our self-service portal you are likely to need to provide us with personal details such as your name, address or email address, to allow us to deliver the service and monitor performance.  For those services that do require contact details you can choose to register with our self-service portal or you can provide your details each time you request a service, so that your details are not stored for future use in the portal.  It should be noted here that your details may still be passed to a service delivery team, who may need to store them to deliver the service.
  • Where necessary we take appropriate steps to verify your identity before delivering a service or providing information.  If these checks are not considered necessary we will assume all information is genuine.  If you have reason to think information held about you by the council is incorrect or that someone is using your identity please let us know and we will take the appropriate action.
  • You have the right to withdraw your consent or ask us at any time to amend, delete or stop using your personal information, as explained on our website and should direct any requests to the council by email as explained on our Data Protection and Privacy page.  Each request will be carefully considered an a case by case basis.
  • If you contact us we will securely record the personal information we need to fulfil your request.
  • If we are making an audio recording of your incoming or our outgoing telephone call we will inform you of this.  Any recording will stop when you start to make a payment by telephone and resume when you have finished making the payment.  This is so that your payment details are not recorded.  If we are making any other audio recording we will explain why and how before the recording starts.  We will only use audio recorded information as permitted by the UK GDPR, including for the training of staff.
  • We have installed CCTV cameras in public locations across North Lincolnshire and in and around some of our buildings.  CCTV cameras have also been installed on refuse collection vehicles.  Location information is available on our website for fixed cameras and signs are displayed where cameras are operating overtly (openly). Images captured will be handled as required by the UK GDPR.
  • We have installed Automatic Number Plate Recognition (ANPR) cameras at our Household Recycling Centres.  Location information is available on our website for these cameras and signs are displayed where cameras are operating.  Images captured will be handled as required by the UK GDPR.
  • Some of our Community Wardens use Body Worn Cameras that capture both images and sound.  When these are used they will be clearly visible.  Images and sound captured will be handled as required by GDPR.
  • The Regulation of Investigatory Powers Act 2000 (RIPA) covers covert (hidden) surveillance activities.  We would only undertake this type of activity if permitted under RIPA, which ensures we meet our obligations under the Human Rights Act 1998.
  • Our elected members and employees will be given access to and will process your personal information for the purposes of their official council duties, but only the personal information needed for that specific purpose.  They must not disclose your personal data to anyone else without your consent, unless they are legally obliged or empowered to do so.
  • Where permitted by the UK GDPR or other legislation we may share your information with another organisation.  In many circumstances we would not share your personal information without discussing this with you first and seeking your consent if required, but sometimes it may be necessary and permitted by law to do so without.  We will always obtain assurance that your personal information will be protected before sharing and where necessary we will put a sharing agreement in place.
  • We will not collect more information than is necessary for the purpose you are providing it and will not keep it for longer than is necessary, determined by rules set out in our Records Retention Schedule.
  • We will only collect information relevant and adequate to meet our purposes.  We have put in place rigorous procedures, supported by a set of Information Governance policies, and employee training and guidance, to ensure your information is handled and processed securely and appropriately in accordance with the UK GDPR.
  • We may use your personal information to monitor performance to ensure our processes are working as they should be and to enable us to improve our services.  We may match your personal information with other information to keep your information accurate and up to date, to comply with the UK GDPR.  This may include sharing information with third party organisations for the above purposes, but only if we are satisfied there are strict guidelines in place for them to adhere to and that they have equal security standards to our own with regards to compliance with the UK GDPR.
  • Data matching may be also be used to assist us and our partners to plan for and respond to emergencies or major accidents, such as the identification of individuals who may need additional support in the event of an emergency evacuation.
  • We will protect your personal information as set out by the UK GDPR, including:
    • Keeping your personal information safe and secure.
    • Ensuring our processes are fair and transparent.
    • Only using your personal information for the purpose you have provided it unless permitted otherwise by the UK GDPR.
    • Keeping your personal information accurate and up-to-date where possible and relevant.
    • Only sharing your personal information with internal departments or external organisations where the UK GDPR allows us to do so.  This includes but is not limited to allowing another council department or third party to deliver a service to you, the prevention and detection of crime or to allow us to improve our services.
    • Not using your personal information for direct marketing without your consent, unless permitted by the UK GDPR and associated Privacy Communications legislation.
    • Not retaining your personal information for longer than is necessary.
    • Ensuring all employees handling your personal information have appropriate training and guidance, and that we have processes in place to monitor, identify and deal with misuse of information.

Public Health Function

All Local Authorities have a duty to improve the health of the population they serve.  To help with this, we use data and information from a range of source data, including data collected at the registration of a birth or death, to understand more about the heath and care needs in the area.

Your Rights

You have various rights under the GDPR, one of which is being able to ask for a copy of your personal information by making a Subject Access Request.  This is known as the right of access.

You also have the following rights in relation to your personal information:

  • The right to be informed
  • The right to rectification
  • The right to erasure
  • The right to restrict processing
  • The right to data portability
  • The right to object
  • Rights in relation to automated decision making and profiling

See our Data Protection and Privacy page for further details of these rights and how to exercise them.

Sometimes a restriction or an exemption will apply that means you might not be able to exercise one or more of your rights.  This will be explained where necessary.

Online payments

We will use your personal information only for the purposes of the payment transaction.

All online card payments are protected by Secure Socket Layer (SSL).  Your payment card details are directly processed by the Payment Management Division of Capita Software Services, a leading provider of secure online payments services to local government, and are not collected by nor accessible by the council.

Capita Software Services’ online payment management solutions are independently and rigorously security assessed and are certified by Visa and MasterCard.  Further information about this payment card security standard can be found at https://www.pcisecuritystandards.org/document_library


A cookie is a piece of information that is stored on your computer’s hard drive by your web browser.  Most browsers accept cookies automatically, but usually you can alter the settings of your browser to prevent automatic acceptance.  If you continue without changing your settings, we’ll assume that you are happy to receive all cookies our websites set.  If you choose not to receive cookies, you may still use most of the features of this website.  The features using cookies on this site are:

Google Analytics – web statistics software tracks visits to our site completely anonymously. No personal details are stored.

Forms – our electronic forms use cookies to enable you to move between sections in the forms. Forms with more than one page will not function if cookies are blocked.

Maps – our mapping system uses cookies to store previously used location searches or the unique property reference number (UPRN) information. If you stop cookies from being stored on your computer in the browser settings, you can still use the mapping system, but your searches will not carry across tabs in the system, nor will it remember searches you’ve done during previous visits.

Council Advertising privacy policy counciladvertising.net/can-privacy-policy.html

External sites that we link to may be using cookies.

Be aware that certain functions on our site will not work, or will only partially work if cookies are blocked.

Instructions for blocking cookies from being placed on your computer in your web browser:

To find out exactly how you can manage cookies on your computer please visit All About Cookies

Your rights

You have various rights under the GDPR, one of which is being able to ask for a copy of your personal information by making a Subject Access Request.  See our Data Protection and Privacy page for details.

Website adverts

The Council Advertising Network is responsible for delivering advertising on the North Lincolnshire Council website.  Please take a moment to read their privacy policy which includes cookie information and details on how to opt out: https://can-digital.net/can-privacy-policy/

External links

Please note that external links and adverts from this website may include material produced by people and organisations not connected to North Lincolnshire Council and material of a political nature.  While reasonable care was taken when selecting it, North Lincolnshire Council takes no responsibility for information contained on external links from this website and no guarantee or warrant can be given as to its accuracy or appropriateness.


Submitting an event for inclusion in the events database does not guarantee that the event information will be published, nor does it mean North Lincolnshire Council is endorsing the event.  The Events Calendar may link to external websites.

The council accepts no liability relating to the event arising out of errors or omissions in the calendar.

North Lincolnshire Council reserves the right to refuse to promote events without explanation.  Organisers of public events need to be aware that a great deal of planning and organisation is required to run an event successfully, safely and in compliance with a wide range of legislation.  Organisers must remember that, at all times, they are responsible for all aspects of the event.  Responsibility can include seeking advice from a relevant authority or agency, risk assessment and the identification of those measures which will maintain the duty of care for both organisers and attendees.  For some events substantial resources may be necessary to fulfil traffic regulations, fire safety, medical cover and the maintenance of public orders.


Roadworks Information provided by Onenetwork https://one.network.  Roadworks Information may contain NTCC Traffic Data copyright © Highways Agency.  Roadworks Information may contain TfL Transport Data copyright © Transport for London. Roadworks Information may contain Ordnance Survey data and database rights © Crown copyright.  Provision of Roadworks Information is made without any warranty as to the content or accuracy of the data.

Make an enquiry

If you have any queries concerning the information we hold about you or this Privacy Notice, or any questions on our use of your information please contact the Information Governance Team.

The Information Governance Team by email to informationgovernanceteam@northlincs.gov.uk or by telephone on 01724 296224.


The council’s Privacy Notice is regularly reviewed – the last review was May 2021.