Brighton & Hove City Council collects, holds and processes a considerable amount of information, including personal and sensitive information. We need this information to provide our services.
We know this information is important to our residents and we take our responsibilities under the Data Protection Act seriously. We make sure that any personal information collected and processed is done so appropriately, correctly and safely.
This page tells you how Brighton & Hove City Council uses your personal information.
For full details of our policies, guidelines and your information rights, and to make a request for information, please check our data protection page.
Requesting your data
If you wish to request your own personal data via a Subject Access Request (SAR) please visit our data protection page. You will need to complete our Subject Access Request Form and provide assisting documentation as stated on our page.
Further information on Subject Access Requests may be found on the Information Commissioner's Office (ICO) Website.
Your personal data
Brighton & Hove City Council is the data controller for purposes of the Data Protection Act (2018) and is registered as a data controller with the Information Commissioner’s Office (ICO) under registration number Z5840053.
The council has an approved Data Protection Policy which provides the high level principles we operate to. This privacy notice describes how we translate those principles into practice and explains what we will, and will not, do with personal information.
We do not sell personal details to any external organisations. External contractors may process information on behalf of the council. We require all these contractors to make sure they keep the personal information safe and prohibiting them from doing anything other than following our instructions.
What is personal data?
Personal data includes basic details such as name, address, telephone number, date of birth, and notes and comments made about a person. The information may be held in paper files, electronically or both.
This may include, but is not limited to:
- computer entries
- written correspondence
- video recordings
Sensitive personal data includes information on:
- race or ethnicity
- political opinions
- religious beliefs
- trade union membership
- physical or mental health
- sexual life
- any criminal offences or prosecutions.
We will always tell you why and how the information will be used as we will normally ask for consent to hold sensitive data.
For most purposes, we will only process your information with your consent. We will presume that by providing us with your details you are consenting for us to use them to provide the services you are using. We will explain the purpose for processing your information and how we will use it as early as possible.
We will not use your personal details for any other purpose without obtaining your consent or unless we have a lawful reason to do so. You may have been asked to provide this consent at the time when you originally contacted us, for example as part of the application form.
The main exception to this is the prevention of fraud. The council must safeguard public funds and we reserve the right to check the information you have provided for accuracy and to detect fraud. We may match data we hold to identify unusual matches or discrepancies; this may include matching council data with external data sources such as information held by credit reference agencies. As a result, we will use the information you provide to make sure all amounts we are owed are paid on time and ensuring any benefits you receive are appropriate.
We may share your information with Debt Management agencies and the Courts to help collect any outstanding debts. We may also share your information for the same purposes with other public organisations, including neighbouring councils that handle public funds and with police forces. We may also provide forwarding address of council tenants to utility companies that are collecting outstanding debts.
We take part in the National Fraud Initiative’s anti-fraud data matching exercise.
We do our own data matching, using names, dates of birth and address. We will compare computer records held by one department, against others held by the same or other departments, to check they match. This is to make sure our information is correct and to create a customer index which can be used to help identify customers via a single customer record.
Data matching is carried out on information held by the following services:
- Council Tax
- Housing Benefits
- Parking Permits including Blue Badge
Other uses of data
All local authorities have a duty to improve the health of the population they serve. To help with this, we use data and information from a range of source data, including hospitals and data collected at the registration of a birth or death to understand more about the health and care needs in the area.
You have the right to opt out of Brighton & Hove City Council Public Health receiving or holding your personally identifiable information. There are occasions where service providers will have a legal duty to share personal data, for example for safeguarding or criminal issues. The process for opting out will depend on what the specific data is and what programme it relates to. For further information on how to withdraw consent please contact the the Data Protection Team, on 01273 295959 or firstname.lastname@example.org.
For some regulated services your application may be published and potentially discussed in open committee. This will always be made clear on any relevant application forms and supporting documentation.
We have to share information with certain other public bodies such as the Department for Work and Pensions (DWP), HM Revenues and Customs (HMRC), courts, tribunals, other formal bodies dealing with legal processes or external regulatory bodies. We also have to assist in the prevention and detection of crime and we will therefore generally supply specific information requested by the police or other crime detection agencies, if we are satisfied that the disclosure would be lawful and appropriate.
Where a team or service area ask you for personal information through an online form, this information will only be used for the purpose indicated on the form and it will be held securely.
You have the right to opt out of Brighton & Hove City Council Public Health receiving or holding your personally identifiable information. There are occasions where service providers will have a legal duty to share personal data, for example for safeguarding or criminal issues. The process for opting out will depend on what the specific data is and what programme it relates to.
For further information on how to withdraw consent please contact the the Data Protection Team, on 01273 295959 or email@example.com
CCTV (Closed Circuit Television)
Closed Circuit Television (CCTV) is operated in and around council properties (including customer service centres, offices, libraries, and council housing communal areas). The purpose of the CCTV is for staff safety and crime prevention and detection. The footage is normally held for 30 days and may be shared with the police for crime prevention and detection purposes.
Most CCTV cameras located around the cities highways and public spaces are operated and controlled by Sussex Police.
The Electoral Register for Brighton & Hove is a separate legal entity from the council and is separately notified with the Information Commissioner as a data controller as Electoral Registration Officer, Brighton & Hove City Council, registration number ZA324581.
Depending on the legal basis for processing your information you may have the following rights:
- a right to a copy of data held about you, an explanation for its processing and who it has been shared with - this right applies to data processed under any lawful basis
- a right to rectification (correction) of data which is demonstrably wrong - this right applies to data processed under any legal basis
- a right to restrict processing - this right does not apply where the Council is under a legal duty to process your data, but can be used where you dispute that there is a legal basis to process your data until the Council can demonstrate what basis exists
- a right to erasure - this applies where is no longer a legal basis to retain your data
- a right to portability of your data (having it moved to another organisation) - this right applies only where the legal basis was either consent or performance of a contract but data will usually be transferred to another local authority if a child in care moves to a new location
- a right to object to automated decision making - this right is application under all lawful bases for processing