In addition to the right to request access to your personal information by making a Subject Access Request the UK General Data Protection Regulation provides you with a number of other rights, as follows:
You can ask us to change information you think is inaccurate
If you disagree with something written on your file please let us know. We may not always be able to change or remove that information but we’ll correct factual inaccuracies and may include your comments in the record to show that you disagree.
You can ask us to erase information (right to be forgotten)
In some circumstances you can ask for your personal information to be erased (deleted), such as where:
- your personal information is no longer needed for the reason it was collected
- you have withdrawn your consent for us to use your information
- there is no legal reason for the use of your information
- deleting your information is a legal requirement
Sometimes we will not be able to delete your information, such as where we are required by law to keep it. If your personal information has been shared with others we will do what we can to make sure they also comply with your request for erasure.
You can ask us to restrict what we use your personal information for
You can ask us to restrict using your personal information in some circumstances, such as where:
- you have told us you think information about you is inaccurate whilst we verify this
- we have no legal reason to use that information but you have asked us to restrict what we use it for rather than erase it
- you have objected to us using your personal information, whilst we verify this
Whilst we are restricted from using your information we will not do anything with it other than to store it unless:
- We have your consent
- To establish, exercise or defend a legal claim
- To protect the rights of another person
- It is for reasons of important public interest.
You have the right to ask us to stop using your personal information for any council service, but if this request is approved this may cause delays or prevent us delivering a service to you.
If your personal information has been shared with others we will do what we can to make sure they are also aware of your request for restriction.
Where restriction of use has been granted, we’ll inform you before we carry on using your personal information. Sometimes we will refuse to comply with your request for restriction, such as where we are required by law to use your information.
You can ask us about data portability
You have the right to ask us for your personal information to be given back to you in a structured, commonly used machine readable format so that you can take it to another organisation. This applies only to information you have given us, that we using in an automated way (excluding paper format) and where we are using it either on the basis of consent or for the performance of a contract.
In some cases we do not have to comply with a request for Data Portability, such as where we are using your data for a legal reason.
You can object to us using your personal information
In some circumstances you can object to us using your personal information and you have the absolute right to object to the processing of their personal data if it is for direct marketing purposes.
You can also object if the processing is for:
- A task carried out in the public interest
- The exercise of official authority vested in you; or
- Your legitimate interests (or those of a third party)
Rights in relation to automated decision making and profiling
You also have rights where we are processing you personal information in an automated way without human involvement or where we are carrying out profiling. We identify on our Team Privacy Notices where this type of processing is taking place.
For further information please contact us.