Privacy Policy

This outlines how Cllr Daniel Nelson processes and manages personal data. It:

1)identifies our data controller;

2)provides our lawful basis for processing personal data;

3)outlines the scope of personal data we hold and process;

4)outlines the scope of the special category personal data we hold and process;

5)describes and justifies our data retention policy;

6)shows how we intend to respond to Subject Access Requests; and

7)Contains a copy of our privacy notice.

The policies outlined within this document come into full effect on Friday 25th May 2018.

1.Data Controller

The Data Controller is Cllr Daniel Nelson.

2.Lawful basis for processing

i.Casework is processed primarily under the lawful basis of public task, with exceptional cases processed under the lawful basis of consent.

ii.Personal data contained in the non-political Cllr Daniel Nelson Mailing List is processed under the lawful basis of public task. It does not fall within the definition of direct marketing.

iii.We undertake to always act within the reasonable expectations of our constituents and any other individuals about whom we hold personal data.

3.Data we hold

I operate a paperless office. Personal data is stored electronically and securely on our computer systems.

Casework

I use ecasework to help with the management of constituent casework records. This information predominantly includes but is not limited to:

•Names, addresses and email addresses.

•Telephone numbers

 

Data Protection Policy v.1.4 – 30th April 2018

•Special category data, outlined in point 4.

 

Policy

Policy casework is stored ecasework

This information predominantly includes but is not limited to:

•Names, addresses and email addresses.

•Telephone numbers.

• Special category data on political beliefs.

 

Mailing lists

I do not have mailing lists

Special category data I hold

I may also hold special category data for a smaller number of data subjects. This data will be processed under the lawful basis indicated in point two, as is permitted in clauses 23 and 24 of schedule 1 of the Data Protection Act. The data may include:

•Political opinions

•Religious beliefs

•Trade union activities

•Sexual orientation

•Race and ethnic origin

•Details of criminal offenses

•Physical and mental health

 

4.Data retention policy

I will hold personal data for no longer than 6 years from completion of any case. From 25th May 2018, Casework and policy queries are often revisited to provide the best service and representation for constituents, from whom we may continue to receive correspondence. Therefore, we feel it is reasonable for an elected representative to hold personal data for the duration of a parliamentary term.

Following an election, I will retain personal data for three months, during which time constituents can contact me to ask that we retain their data.

Data Protection Policy v.1.4 – 30th April 2018

5.Subject Access Requests

I will comply with Subject Access Requests in line with the guidance given by the Information Commissioners Office (ICO).

i.I will respond as quickly as possible, within 30 calendar days.

ii.I will request verification of the identity of any individual making a request, and ask for further clarification and details if needed.

iii.Data subjects have the right to the following:

a)To be told whether any personal data is being processed

b)To be given a description of the personal data, the reasons it is being processed and whether it will be given to another organisations or people.

c)To be given a copy of the information comprising the data, and given details of the source of the data where this is available.

 

6. Privacy notice

I will undertake to ensure all constituents sharing their personal data can have the opportunity to read our privacy notice. I will:

i.Publish my privacy notice on my website, www.dannelson.co.uk

ii.Add a link to our privacy notice to my email signature

iii.Direct constituents who contact us via letter and telephone to our privacy notice online, of supply them with a paper copy if needed.

Draft Privacy Notice

This privacy notice relates to the personal data processed by Daniel Nelson, Councillor for Southchurch Ward, in relation to casework and policy queries.

Who is the Data Controller?

The Data Controller is Daniel Nelson, Councillor for Southchurch Ward

How do I process data?

I processe constituents’ data under the lawful basis of public task. In instances where this lawful basis is not sufficient and explicit consent is required, a member of the office will contact you to establish your consent.

Data Protection Policy v.1.4 – 30th April 2018

I am committed to ensuring that the information we collect and use is appropriate for this purpose, and does not constitute an invasion of your privacy.

Will I share your data with anyone else?

If you have contacted me about a personal or policy issue, I may pass your personal data on to a third-party in the course of dealing with you, such as local authorities, government agencies, public bodies, health trusts, regulators, and so on. Any third parties that we may share your data with are obliged to keep your details securely, and to use them only for the basis upon which they were originally intended. When they no longer need your data to fulfil this service, they will dispose of the details in line with my procedures.

In any case, I will not use your personal data in a way that goes beyond your reasonable expectations in contacting me.

 

For how long will you keep my personal data?

Unless specifically requested by you, our office will hold your personal data for no longer than 6 years after completion of a case or three months after an election if I lose my seat, whichever is shorter.

Casework and policy queries are often revisited to provide the best service and representation for constituents, from whom I may continue to receive correspondence. Therefore, I feel it is reasonable for an elected representative to hold personal data for the duration of a parliamentary term.

Following an election where I lose my seat, I will retain personal data for a further three months, during which time constituents can contact me to ask that we retain their data.

What rights do I have to my personal data?

At any point while I am in possession of or processing your personal data, you, the data subject, have the following rights:

•Right of access – you have the right to request a copy of the information that I hold about you.

•Right of rectification – you have a right to correct data that I hold about you that is inaccurate or incomplete.

•Right to be forgotten – in certain circumstances you can ask for the data we hold about you to be erased from our records.

•Right to restriction of processing – where certain conditions apply to have a right to restrict the processing.

•Right of portability – you have the right to have the data we hold about you transferred to another organisation.

•Right to object – you have the right to object to certain types of processing, such as direct marketing.

  • Data Protection Policy v.1.4 – 30th April 2018

 

•Right to object to automated processing, including profiling – you also have the right to be subject to the legal effects of automated processing or profiling.

•Right to judicial review: if our office refuses your request under rights of access, we will provide you with a reason why. You have the right to complain.

Print Print | Sitemap
© Daniel Nelson