This information should be read in conjunction with Milton Keynes Council’s Corporate Privacy Notice
Everything we do with information about people, such as how we collect it and who we share it with, has to comply with the Data Protection Act and the General Data Protection Regulation (GDPR). A key part of this is being open about how we use information and what rights you have in respect of information we hold about you.
This notice sets out how Milton Keynes Council’s Customer Service Team uses your information.
If anything in this notice is not clear, or if you have further queries, please get in contact with the Customer Service Team or Data Protection Officer using the details at the end.
What information do we hold
We collect information about people who live in Milton Keynes as well as people outside the county who use services that we provide.
Most of the information we hold starts as a result of:
- An individual directly contacting us wanting to use one of our services
- A third party such as a Local Councillor or MP, making a referral to us, generally on the individual’s behalf and with their knowledge
What information we collect varies according to the services people receive but may include:
- Name
- Address
- Date of Birth
- Ethnicity
- Contact details
- Information recorded as part of your contact with our services
- Details about third parties involved in supporting you
The information we collect is recorded on our databases and in electronic folders on Milton Keynes Council’s secure network where it is accessible only to staff who need to see it to do their jobs.
Why do we have it and what do we use it for
Much of what we do is a result of legislation set nationally that requires us to provide various public services in Milton Keynes and this includes Complaints, Comments and Compliments. In such cases, if you access a council service then the law that requires us to provide that service will be our legal basis for collecting and using your personal data, as we can’t provide you with the service without it.
Whenever we use information, we always limit this to only the details that are needed and we ensure that it is used safely and securely. We require anyone we share information with, or who uses it on our behalf, to do so too. All staff receive training on data protection and information security.
Who we share information with and why
We may be required to share information with a range of different types of people and organisations depending on the service being provided or the statutory requirement that we have to comply with. The types of recipients include:
- Our contractors: organisations that we commission to provide goods and services
- Law enforcement agencies, such as Thames Valley Police
- Health and social care organisations and professionals (NHS bodies such as GPs, Milton Keynes Clinical Commissioning Group, Milton Keynes University Hospital)
- Education establishments such as schools, colleges and early years settings
- Regulatory bodies, investigators and ombudsman (for example Ofsted, CQC, Local Govt Ombudsman)
- Courts, tribunals and prisons
- Legal representatives
- Fraud prevention agencies
- Councillors and political parties
- Housing associations and landlords
All information sharing is done with reference to the principles set out in the Milton Keynes Information Sharing Framework. We require anyone we share information with, or who uses it on our behalf, to adhere to Data Protection law.
In certain circumstances your personal information may need to be shared against your wishes if there is a legal requirement for us to do so. The council must give information to courts if there are legal proceedings or a court order, to prevent crime, or if there is a risk of harm to you or another person.
How long we keep hold of information for
We only keep information for as long as it is needed.
- All records relating to service requests and dealt with as business as usual will be held for 3 years from when the record was created
- All records relating to complaints will be held for 6 years from when the case was closed
- All records relating to complaints referred to the Local Government Ombudsman will be held for 10 years from when the case was closed
What rights you have
You have various rights around the data we hold about you.
- Right of access (to receive a copy of your personal data)
- Right to rectification (to request data is corrected inaccurate)
- Right to erasure (to request that data is deleted)
- Right to restrict processing (to request we don’t use your data in a certain way)
- Right to data portability (in some cases, you can ask to receive a copy of your data in a commonly-used electronic format so that it can be given to someone else)
- Right to object (generally to make a complaint about any aspect of our use of your data)
- Right to have explained if there will be any automated decision-making, including profiling, based on your data and for the logic behind this to be explained to you.
Any such request can be submitted to the Data Protection Officer. Whether we can agree to your request will depend on the specific circumstances and if we cannot then we will explain the reasons why.
If you have any questions about the information above please contact us
If you are unhappy with any aspect of how your information has been collected and/or used, you can make a complaint to the Data Protection Officer. You can also report concerns to the national regulator, the Information Commissioner’s Office. Their details can be found on their website