Privacy notice: UK SPF local priorities questionnaire
The Isle of Anglesey County Council (IACC) is registered as a data controller with the Information Commissioner’s Office (ICO). Full details of the registration are available via the ICO register of data controllers. The Council is the data controller for the personal data you supply.
In accordance with data protection legislation, this notice gives you information about the data we hold about you, how we use it, your rights in relation to it and the safeguards that are in place to protect it.
The right to privacy is very important to us and we appreciate that you trust us to act in a responsible manner when you give us personal information. Personal data, or personal information, means any information about an individual from which that person can be identified.
The categories of information that we process
- personal identifiers and contact details (such as name, email address)
Why we collect and use the information
The purpose of IACC processing your personal data is to establish the key priorities for interventions relating to the UK Government Shared Prosperity Fund. In order to access the allocation assigned to Isle of Anglesey, the Lead Local Authority in the region must produce, in collaboration with the other Local Authorities, and submit a single Regional Investment Plan covering the period until March 2025, based upon the priorities outlines in the UK Shared Prosperity Fund prospectus. The information gathered by IACC from this survey will be used to inform us of the priorities of local people, groups and businesses on the Island.
You do not have to complete the “about you” section of the questionnaire or provide an email address, however, should you choose not to provide this information we will be unable to contact you regarding any intervention you may propose. By choosing to provide information relating to who you are responding on behalf of, we aim to better understand the needs of the target recipients of the fund. The information will not be used for purposes that are not compatible with why it is gathered in the first instance, unless we reasonably consider that we need to use it for another reason and that reason is compatible with the original purpose. Please note that we may process personal data without your knowledge or consent, where this is required or permitted by law.
We collect and use personal information because we have the following legal basis for processing:
- to perform a public interest task under Article 6(1)(e) of the UK GDPR
How we store data
Personal data is stored in line with our Council’s Data Protection Policy.
Your data will be held by Isle of Anglesey County Council for statistical purposes for 6 years after the date the survey is completed, at which point retention will be reviewed. If the data are no longer in use at this point, they will be deleted; if they are still in use, they will be retained, but their retention will (from then on) be reviewed on an annual basis. Your data may be held after this point for archiving purposes in the public interest and for monitoring and evaluation.
Your information will be processed via Smart Survey platform in line with their Privacy Notice. The information you choose to provide will be shared with the other Local Authorities within the Region (Conwy County Borough Council, Denbighshire County Council, Flintshire County Council, Gwynedd Council and Wrexham County Borough Council), and also with relevant regional and local partners including but not limited to Ambition North Wales, North Wales Regional Skills Partnership, Grŵp Llandrillo Menai, Welsh Government, Business Wales and other legitimate stakeholders. The Regional Investment Plan will be submitted to UK Government.
We may disclose your data in compliance with a Freedom of Information request or in response to a court order or other legal obligation where it would not breach your data protection rights to do so.
We are also required by law to protect the public funds we administer and may share information provided to us with other bodies responsible for auditing or administering public funds in order to prevent and detect fraud and irregularity.
How we look after your information
Under data protection legislation, we must protect any information that we collect from you. We have put in place appropriate security measures and applied security standards and controls to prevent personal data from being accidentally lost, used or accessed in an unauthorised way, altered or disclosed.
Information which you have provided will be stored securely. In addition, we limit access to personal data to those employees, contractors and other third parties who need to have access to it. They will only process your personal data on our instructions, and they are subject to a duty of confidentiality.
We have put in place procedures to deal with any suspected personal data breach and will notify you and any applicable regulator of a breach where we are legally required to do so.
Your data protection rights
Under data protection law, you have rights as a data subject. The rights are not absolute and they may only apply under certain circumstances. Your data subject rights include:
Your right to obtain confirmation that information about you is being used.
Your right of access - you have the right to ask us for copies of your personal information (please see ‘requesting access to your personal data’ below for more details).
Your right to rectification - you have the right to ask us to rectify information you think is inaccurate. You also have the right to ask us to complete information you think is incomplete.
Your right to restriction of processing - you have the right to ask us to restrict the processing of your information in certain circumstances.
Your right to object to processing - you have the right to object to the processing of your personal data in certain circumstances. You have the right to object to processing of personal data that is likely to cause, or is causing, damage or distress.
In certain circumstances, you also have the following rights to:
- prevent processing for the purpose of direct marketing
- object to decisions being taken by automated means
- seek redress, either through the ICO, or through the courts
Requesting access to your personal data
Under data protection legislation, individuals have the right to request access to information about them that we hold. This is commonly known as a 'data subject access request'. This enables you to receive a copy of the personal data we hold about you and to check that we are processing it lawfully.
To make a request for your personal information, contact the Council offices directly.
The following are details of the data controller:
Council Data Protection Officer
Address: Isle of Anglesey County Council, Council Offices, Llangefni, Anglesey, LL77 7TW
You have the right to make a complaint at any time to the Information Commissioner’s Office (ICO) who is the independent regulator for data protection. If you have a concern or complaint about the way we are collecting or using your personal data, you should raise your concern with us in the first instance, so that we can try to resolve any issues.
Information Commissioner’s Office (ICO)
Telephone: 0303 123 1113
Address: Information Commissioner’s Office, Wycliffe House, Water Lane, Wilmslow, Cheshire, SK9 5AF
Advice and guidance is available via their website www.ico.org.uk
Changes to our privacy notice
We keep our Privacy Notice under regular review and will publish any revisions.