Finance Privacy Notice

Under the General Data Protection Regulation 2016 (GDPR) and Data Protection Act 2018 (DPA) Bassetlaw District Council, Queen’s Building, Potter Street, Worksop, Notts, S80 2AH is a Data Controller for the information it holds about you. The Council’s Finance department has a legal obligation to carry out many of its functions and it has a duty to carry out tasks that are in the interest of the public. Whilst we may also process your personal information if you enter into a contract with us, which means it is necessary for us to collect and process your personal information.

Information we collect about you

We MAY collect the following information to fulfil our Finance obligations:

  • Name
  • Address (including previous addresses in some cases)
  • Email
  • Telephone number
  • Any other contact details that you provide
  • Payment/Banking details
  • Date of Birth
  • National Insurance Number
  • Employment Information
  • Rent details
  • Insurance related legal documents
  • Health Information

Use of your personal data

We are collecting your personal data for the following purposes:

  • To send out invoices, pay invoices, and recover debts.
  • To allow access to our services and carry out transactions.
  • To signpost you to relevant agencies if we are unable to assist you directly
  • To set budgets and to monitor them
  • To provide financial reporting and analyst (including statutory reporting to the government)
  • To manage insurance claims
  • To meet our statutory obligations.
  • For the prevention and detection of crime or fraud

We are required by the following laws to process your personal data appropriately:

  • Data Protection Act 2018
  • Local Government Finance Act 1992
  • Local Government Act 1972
  • Localism Act 2011

The above list is not exhaustive. 

Sharing of your personal data

We MAY share your information with the following third parties for the reasons detailed above:

  • Other Council Departments
  • Central Government
  • Police
  • HM Revenues and Customs
  • DWP
  • Courts
  • Credit Reference Agencies
  • Insurance companies
  • Experian
  • Auditors

We will not sell or rent your information to third parties. We will not share your information with third parties for marketing purposes.

Keeping your personal data

We will keep your personal data in accordance with our retention schedule, unless you explicitly request it to be removed under GDPR information rights. This right to have your data removed is not an absolute right, for example, we will need to retain your data if this information forms part of a legal requirement, public registry or an existing contract.

We want to ensure any information we hold is accurate. You can help us by promptly informing us of any changes to the information we hold about you.

View the most recent copy of the Retention Schedule. The Retention Schedule is a Live Document and as such, is updated regularly. Read our policy and guidelines that govern how we manage our Retention Schedule.

Protecting your personal data

We are strongly committed to data security and will take reasonable and appropriate steps to protect your personal information from unauthorised access, loss, misuse, alteration or corruption. We have put in place physical, electronic, and managerial procedures to safeguard the personal information that we hold.

We do not currently transfer your data to any third country or international organisation.

Research and statistics

Anonymised and pseudonymised data may be used for research and statistical purposes. Any data collected may be used for research and statistical purposes that are relevant and compatible with the purpose that the data was collected for.

Your rights

There are a number of rights that you may exercise depending on the legal basis for processing your personal data. In most cases, these rights are not absolute and there may be compelling or overriding legal reasons why we cannot meet these rights in full. This will be explained to you in more detail should you contact us for any of the reasons detailed below:

  • Request a copy of the personal information the council holds about you
  • To have any inaccuracies corrected
  • To have your personal data erased
  • To place a restriction on the council’s processing of your data
  • To object to processing and
  • To request your data to be ported (data portability)
  • To object to any automated decision-making including profiling and the right to ask for any automated decision-making to be reviewed by a human

Where the processing of your personal data is based on your consent, in most circumstances, you have the right to withdraw that consent at any time and we will act on your instructions.

For more information about how the Council may use your data and to learn more about your rights please see the Council’s Privacy Statement.

If you have any concerns or questions about how your personal data is processed, please contact the Council’s Data Protection Officer at the above address or by email to DataProtectionOfficer@bassetlaw.gov.uk. If you are dissatisfied, you can then make a complaint to the Chief Executive under stage 1 of the Council’s complaints procedure.  Should you wish to pursue this further, please send your reasons in writing to the Council’s Chief Executive Officer here at Queen’s Buildings. If you remain dissatisfied with the Council’s response, you can complain to the Information Commissioner's Office in writing to: Information Commissioner's Office, Wycliffe House, Water Lane, Wilmslow, Cheshire SK9 5AF or by telephone 0303 123 1113 (local rate) or 01625 545 745.


Last Updated on Wednesday, May 8, 2024