Privacy notice

This page details our privacy policy including how we use or share your information.

If you are a member of the public and decide to access the Council’s website, please be assured that we do not capture and/or store any personal information about you but merely log your internet enabler’s IP address because this is automatically recognised by the Council’s web server. IP addresses are not linked to any personal data, so unless you are formally contacting us by email or completing an online form you will retain your anonymity.

When you email us or complete one of our online forms we will record your email address and any other information you provide voluntarily to us. Your data is treated confidentially and will be used only for the purpose or purposes for which you have provided it.

Unless the Council are required to disclose it by law or are permitted to do so, your data will not be passed to any third parties or shared with other departments for the Council for any other purposes unless you have indicated or have previously indicated that you have no objection to us doing so. See more about this on our organisations we share data with webpage.

Please be aware that if you post offensive, inappropriate or objectionable content information on the Council’s website we may use your personal information to stop such behaviour continuing. If we reasonably believe that you are or may be in breach of the law, we may use your personal information to inform relevant third parties about your behaviour and the content you have posted. If you are 16 or under you will need to get your parent’s or guardian’s consent before providing personal information to us.

Any personal information you provide will be retained by the Council only for as long as it is reasonably necessary for the relevant purpose for which you provided it or for as long as is necessary and reasonable in the circumstances and also to enable the Council fulfil any statutory or regulatory requirements.

This statement may be updated from time to time.

Data controller

When we use your personal data, Bedford Borough Council is what we call the data controller.

As the data controller, we must:

• only keep your data that we need to provide services and do what the law says we must
• keep your records safe and accurate
• only keep your data as long as we have to
• collect, store and use your data in a way that does not break any data protection laws.

Things you can do to help us:

• tell us when any of your details change
• tell us if any of the information we hold on you is wrong

What is personal data?

Personal data is information about a living person that means we can work out who they are such as name, address, telephone number, date of birth or bank details. This can include written letters, emails, photographs, audio recordings and video recordings.

Some data is called special category data which is more sensitive, and we have to look after it more carefully. This includes details of ethnic origin, religious beliefs, sexual orientation, trade union membership, health data, and biometric (for example; fingerprints, facial recognition) and genetic (for example DNA) data. 

Why we collect and store personal data

For some of our services, we need to use your personal data so we can get in touch, or provide the service. We can use your personal data under many different laws. The main ones for the Council are the Local Government Acts and the Localism Act 2011, but there are hundreds more. The Government put together a list of all of these in 2011 which can be found on the following website: 

• Statutory duties of local authorities available on DATA.GOV.UK 

Some of these laws may have been updated since then, and new ones added. You can see more details for each service area below.

In many cases there is a law that says we must or we can process your data and we can do so without your consent or permission.

For some services we process your data under a contract, like your leisure centre membership, concert ticket sales. Where we do not directly provide the service, we may need to pass your personal data onto the organisations that do. These providers are under contract and have to keep your details safe and secure, and use them only to provide the service. You can find our list of contracts that shows the companies we deal with here:

• View the Contracts Register.

Using your personal data

We will use your data to:

• provide Council services and anything we must do by law
• carry out our regulatory, licensing and enforcement roles which we have to do by law
• make payments, grants and benefits and spot fraud
• listen to your ideas about council services
• tell you about Council services

 You can see lots more detail about how our services use your data and why, on our GDPR privacy statement for Council services webpage.

Joined-up services

We share your data between services within the council so that we can keep our information on you as up-to-date as possible and so that we can improve our services to you. For example, if you tell the housing team you have moved, they will pass this information on to other parts of the council such as the council tax team. Staff can only see your data if they need it to do their job.

Google Analytics

Bedford Borough Council uses Google Analytics to see how visitors use our website so that we can make the site more focused on their needs. See our Cookies webpage for more information.

Data Protection Policy Statement

Our overall Data Protection Policy Statement sets out our approach to, and intention to, manage personal data we hold in a way that is compliant with the UK General Data Protection Regulations (UK GDPR) and the Data Protection Act 2018.