Due to maintenance, MyAccount and online forms will be unavailable between 8.15am and 9am on Wednesday 12 March 2025. We apologise for any inconvenience.
Visitor parking permits
We’ve had an unexpected delay delivering visitor parking permits. If you need visitor parking permits, we recommend you apply for them as soon as you can to make sure you get them in time. We’re working to resolve this as fast as possible. We apologise for any inconvenience.
Customer feedback service privacy notice
Read our privacy notice for information on how we collect, store and process your data.
The council is the data controller for purposes of the Data Protection Act (2018) and EU General Data Protection Regulation as of May 2018 and is registered as a data controller with the Information Commissioner’s Office (ICO) under registration number Z5840053.
Brighton & Hove City Council are committed to protecting your personal information. As a data controller, we have a responsibility to make sure you know why and how your personal information is being collected in accordance with relevant data protection law.
Why we are processing your data
We are collecting your data for the purpose of resolving any complaints you have, answering any enquiries you might wish to raise or recording your compliments.
We have a legal basis for collecting this data as we have a legal obligation under Local Government Act 1974 to assist in any investigation conducted by the Local Government & Social Care Ombudsman and because is necessary for the performance of a public task by the Council which is carried out in the public interest.
We may need to process special categories of personal data (for example, race, ethnic origin, politics, religion, trade union membership, genetics, biometrics, health, sex life, or sexual orientation), where we have identified a special condition applies under data protection legislation and that the processing is necessary. The basis which we rely on is that processing is necessary for one or more of the following reasons: to carry out certain obligations and rights, to establish, exercise or defend a legal claim, processing is in the substantial public interest or necessary to protect the vital interests of the data subject.
Your data may be shared with internal departments and external organisations for the purpose of resolving complaints and processing any enquiries you may have to make sure that it delivers its functions as efficiently as possible; this Council may share your information with one of its local authority partners, namely Surrey County Council, East Sussex County Council etc, with whom it operates a shared service arrangement.
How long we will hold your data (retention)
We will hold your data in accordance with our retention schedule and that is:
Corporate complaints for 5 years from the date of the last contact
Adult social care and children social care indefinitely
Compliments for 1 year
Comments and enquiries for 1 year
How your data will be stored
We use a system (iCasework) provided by a third-party supplier to capture, coordinate and manage your request for information, complaint, enquiry or comments
Your information will be stored electronically and on paper records.
We will only make them available to those who have a right to see them. Example of the security measures we used are:
We use Encryption meaning that information is hidden so that it cannot be read without special knowledge (such as a password). This is done with a secret code. The hidden information is said to then be ‘encrypted’.
Pseudonymisation meaning that we’ll use a different name so we can hide parts of your personal information from view. This means that someone outside of the Council could work on your information for us without ever knowing it was yours.
Controlling access to systems and networks allows us to stop people who are not allowed to view your personal information from getting access to it.
Training for our staff allows us to make them aware of how to handle information and how and when to report when something goes wrong.
Regular testing of our technology and ways of working including keeping up to date on the latest security updates (commonly called patches).
Will my data be transferred abroad?
No
Your information rights
Under GDPR you have certain rights concerning your information, namely:
The right to be informed - to be informed regarding why, where and how we use your information
The right of access– to request access to the information we hold about you.
The right to rectification– to have your information corrected if it is inaccurate or incomplete.
The right to erasure or the ‘right to be forgotten’– to ask for your information to be deleted or removed where there is no need for us to continue processing it, except when processing is necessary for compliance with a legal obligation or for the performance of a task carried out in the public interest.
The right to restriction of processing– to ask us to restrict the use of your information in certain circumstances.
Right to data portability, to ask us to copy or transfer your information from one data controller to another in a safe and secure way, without impacting the quality of the information.
The right to object to processing– to object to how your information is used in certain circumstances.
The data subject right not to be subject to a decision based solely on automated processing
We aim to resolve all complaints about how we handle personal information. You also have the right to make a complaint about data protection to the Information Commissioner's Office.
Contact them by post: Information Commissioner's Office, Wycliffe House, Water Lane, Wilmslow, Cheshire, SK9 5AF or phone 0303 1231 113.
