Introduction

Somerset Council is registered with the Information Commissioner’s Office (ICO) as a Data Controller (registration number Z5957592).

We manage your personal information in accordance with the General Data Protection Regulation (GDPR) and the Data Protection Act 2018 (DPA) and ensure that you have access to our information through the Freedom of Information Act 2000 (FOIA) and the Environmental Information Regulation 2004 (EIR).

The GDPR requires us to process personal data in a manner that is lawful, fair and transparent. The ways in which we process your data are explained at the point of collection and in the privacy notices on this website.

Our privacy notices explain:

• why do we hold your information
• the lawful basis for doing so
• what type of information do we hold
• who we may share the information with
• how long we will keep it for

The UK GDPR gives you a number of rights in relation to your personal information including the right to see the information we hold about you (known as a Data Subject Access Request). For more information about your rights and to apply to see your personal information, please refer to our Your rights on the information we hold about you page.

The FOIA requires the council to provide a Publication Scheme.  The purpose of the publication scheme is to make as much information as possible freely available and easy to access. However, if you are not able to find the information you require, you can request information directly from the council under the FOIA or EIR.  Please see our Information Requests page for details.