Capability and ambition fund service privacy notice

About this privacy notice

The council is the data controller for purposes of the Data Protection Act (2018) and The General Data Protection Regulation (EU) 2016/679 ("GDPR") and is registered as a data controller with the Information Commissioner’s Office (ICO). 

Brighton & Hove City Council are committed to protecting your personal information. As a data controller we have a responsibility to make sure you know why and how your personal information is being collected in accordance with relevant data protection law. 

The primary laws which govern how Brighton & Hove City Council collects and use personal information (known as “Data”) about you are: 

• General Data Protection Regulation (GDPR) 
• Data Protection Act (DPA) (2018) 

However City Transport is also subject to specific other laws which define when and for what purposes it can use your personal data. 

Why we are processing your data

The engagement process will help inform detailed design and levels of support for changes to A23 North. 

We are collecting your data to monitor:

• geographic response levels 
• multiple submissions by individuals

We have a lawful basis for processing your data: 

• GDPR Art.6 (1) (c) compliance with a legal obligation under S.3 Local Government Act 1999 
• GDPR Art.9 (2) (g) substantial public interest under Data protection Act 2018 schedule 1 Part 2 (8) (1) equality of opportunity or treatment and under Section 1 (1) Equality Act 2010

What data we may collect

We may collect personal data or special category data. 

The type of personal information collected from you is:

• personal data contact details including:
  • name
  • address
  • email address
  • IP address 

The type of special category of personal data collected may include: 

• physical or mental health details 
• racial or ethnic origin 
• gender 
• sexual orientation 

Who we'll share your data with

Your information will not be shared with any other third party unless we are under a legal obligation to do. 

How long we'll hold your data (retention) 

We will hold your data until detailed design has been finalised, which we anticipate will take no longer than a year. 

Comments will be retained but anonymised. 

However the principles we will use to determine how long your data will be kept include: 

• what type of services you received 
• whether you are still receiving them 
• whether we're still under a legal obligation either to you or under UK Law Any standards and guidance set out by the various regulators for our functions 
• whether you have expressed a preference that your data be retained, such as exercising a right to restrict processing

How your data will be stored 

Your information will be stored on electronic databases, document management systems and/or on paper records. 

Who can access your data

We will only make your information available to those who have a need to know in order to perform their council role. 

How we protect your data

Examples of the security measures we use are: 

• training for our staff making them aware of how to handle information securely 
• how and when to report when something goes wrong
• encryption when data is being sent, meaning that information is scrambled so that it cannot be read without access to an unlock key - the hidden information is said to then be ‘encrypted’
• pseudonymised data where possible, meaning that your identity will be removed so that work can be done without your identity being known by the people doing that work
• control access to systems and networks to allow us to stop people who are not allowed to view your personal information from getting access to it
• regular testing of our technology and ways of working including keeping up to date on the latest security updates - commonly called patches

Automated decision making and profiling 

We will tell you if we make an automated decision, including profiling, with your personal information. If we do this you have the right to ask us to make this decision manually instead.