Menu
Home Finance, performance and legal How we store and share your information

How we store and share your information

Storing and sharing your information

Introduction

There are people and organisations we sometimes need to share your information with.

Your personal information is shared within the council to provide you with personal services, deal with your complaints and to make sure we commission the most effective and efficient services.

Sharing externally

We sometimes need to share information with people we process information about. To meet our responsibilities as laid out by law, we will share your information with other organisations. Where this is needed, we must follow all aspects of the current data protection legislation.

Examples of legally based partnerships are:

  • Sharing with the NHS to meet social care duties
  • Supporting Families Programme
  • Somerset Waste Partnership

We also share information with private sector suppliers because we have contracted them to provide our service to you. This includes, but is not limited to:

  • adoption and fostering agencies
  • advocacy services
  • learning disability service
  • nursing homes
  • residential homes
  • volunteer transport

All these contractors have to go through a strict procurement and vetting process to make sure they keep your data secure.

We do not sell or share your personal information with any other organisations, private or public, unless we are required by law, under contract or with your explicit consent.

The list below shows the categories of the organisations that we may share your information with where we are required to by law, or under contract, or with your explicit consent:

  • Advocates or representatives of the person concerned
  • Council registration service
  • Credit reference agencies
  • Current, past and prospective employers and examining bodies
  • Customs and Excise
  • Debt collection and tracing agencies
  • Department for Work and Pensions
  • Disclosure and barring service (DBS)
  • Educators and examining bodies, such as schools and academies
  • Families of the person concerned
  • Financial organisations
  • Healthcare professionals, social and welfare organisations, such as the NHS
  • Housing providers, associations and landlords
  • International law enforcement agencies and bodies
  • Legal representatives and solicitors of the person concerned
  • Licensing authorities
  • Local and central government
  • Local and national police forces, non-Home Office police forces
  • Local Government Ombudsman, Information Commissioner’s Office and other regulatory authorities
  • Ministry of Justice, courts, tribunals, prisons and probation service
  • MPs and councillors
  • Police Complaints Authority
  • Political organisations
  • Press and the media
  • Private investigators
  • Professional advisors and consultants
  • Professional bodies
  • Providers of services, contractors and data processors
  • Religious organisations
  • Security companies
  • Social enterprises
  • Students and pupils, including their relatives, guardians, carers or representatives
  • Survey and research organisations
  • Trades unions
  • Voluntary and charitable bodies
  • You and anyone you agree we can share with

You should be aware that information about you, held on our systems, may be used to prevent and detect fraud. Somerset Council has a duty under the Crime and Disorder Act 1988 to share information with other organisations, which handle public funds. Such arrangements form part of the annual audit required by the Audit Commission and will normally involve matching data from various databases held by participating authorities. Once an exercise has been completed, all data generated will be destroyed.

Are we relying on legitimate interests and if so, what are they?

If we use your information because we have a legitimate interest we will tell you what the legitimate interest is. An example of a legitimate interest is employee monitoring for safety and management purposes.

Will we transfer your information to a third country, and if we will what safeguards have we put into place?

We may need to transfer your information to a country that is defined as a third country. A third country is a country that is not in the European Union. If we need to do this you will be told that it is happening.

Any transfers made will be in full compliance with all aspects of data protection legislation.

How long will we keep your information for?

When we collect information from you, we will tell you how long your information is to be kept, and the criteria used to decide the time frame.
Each service will have different requirements placed on it to keep your information for a defined time frame, and is established by:

  • Law
  • Best practice
  • Business requirements

We will only keep your information for as long as it is needed, and it will be securely destroyed when we no longer need it.

Last reviewed: February 6, 2024 by Ian

Next review due: August 6, 2024

Back to top