1. Data Protection
We have an obligation to comply with the Data Protection Act 2018 and the General Data Protection Regulation. When you provide us with information by which you can be identified, it will only be used for the purpose for which it was originally collected and any other lawful purpose which we must comply with.
The Royal Borough of Windsor and Maidenhead is a Data Controller for all the personal data processing it engages in. We continue to have responsibility for the personal data processing activities of third parties we engage to undertake processing on our behalf.
The Information Commissioners Office maintains a register of Data Controllers, this can be found at ico.gov.uk.
Data Subject Rights
The Data Protection Act provides you with rights in relation to the personal data we hold about you, including:
- to be informed of the processing to be undertaken
- to be provided with a copy of your personal data (subject access request)
- to prevent processing likely to cause damage or distress.
- to prevent processing for the purposes of direct marketing.
- to request a manual review of automated decisions.
- compensation if damage results from any breach of the Act by the council.
- to request action to rectify, block, erase or destroy inaccurate data
- right to be forgotten
- right to data portability.
Subject Access Right
You are entitled to receive a copy of your information within one calendar month of making a request providing that:
- your request is in writing - an email is acceptable submitted to the Information Government Team
- your request contains the details we require to enable us to locate your information
- you present yourself to us with adequate information from which we can identify you (e.g. photo-id (driving licence) and a current utility bill).