What we do with your personal data
We provide a wide range of services to the people of Somerset. To provide those services, we process large amounts of your personal data.
We are registered as a data controller for the data we collect, process, and hold, and our Data Protection Notification (registration number Z5957592) includes generic information about the types of personal data we process, what we use it for, and who we share it with.
Contact details
Somerset County Council County Hall Taunton TA1 4DY
Phone: 0300 123 2224 Email: generalenquiries@somerset.gov.uk
Data protection officer (DPO) Rebecca Martin
You can contact the DPO by email on informationgovernance@somerset.gov.uk
For information about the data we collect and how we use it in relation to specific services, please see the links to service specific privacy notices under Service specific privacy notices.
Cookies are small text files that are placed on your computer by websites that you visit. They are widely used in order to make websites work, or work more efficiently, as well as to provide information to the owners of the site.
Google Analytics Collects anonymous information about how visitors use our site. We use the information to compile reports and to help us improve the site. The cookies collect anonymous information, including the number of visitors to the site, where visitors have come to the site from and the pages they visited.
Forms Our online forms use cookies to store and send information. They only use the information you choose to provide to us, which we will process in accordance with our data policies.
Most web browsers allow some control of most cookies through the browser settings.
To find out more about cookies, including how to see what cookies have been set and how to manage and delete them, visit www.allaboutcookies.org.
You can learn more about how we manage your data and your rights on our Privacy Notice.
Security Our security software tracks IP addresses and host information to prevent attacks from malicious sources. We do not collect any personal information using this software.
Siteimprove
Cookie name: nmstat
Cookie type: Persistent – expires after 1000 days
Domain: somerset.gov.uk
About: This cookie is used to help record the visitor’s use of the website. It is used to collect statistics about site usage such as when the visitor last visited the site. This information is then used to improve the user experience on the website. This Siteimprove Analytics cookie contains a randomly generated ID used to recognize the browser when a visitor reads a page. The cookie contains no personal information and is used only for web analytics.
Cookie name: siteimproveses
Cookie type: Session cookie
Domain: 2734886.global.siteimproveanalytics.io
About: This cookie is used purely to track the sequence of pages a visitor looks at during a visit to the site. This information can be used to reduce user journeys, and enable visitors to find relevant information quicker.
Cookie name: szcib
Cookie type: Persistent – expires after 400 days
About: This cookie is used to determine if the user has accepted or declined cookies. This is only set if you use the Siteimprove Cookie Info Banner solution
Cookie name: sz-feedback-should-hide
About: This cookie is used to hide/close a feedback widget for specific sessions (visits) on the Analytics Feedback feature. It is set when a user clicks a button in the feedback widget which indicates they don’t wish to see the widget again. The cookie contains no personal information and is used only for web analytics. It simply contains the text ‘true’ when it is set.
Cookie name: _cfduid
Cookie type: Persistent cookie
Domain: .siteimproveanalytics.com
About: The “__cfduid” cookie is set by the CloudFlare service to identify trusted web traffic. It does not correspond to any user id in the web application, nor does the cookie store any personally identifiable information. See: What does the CloudFlare cfduid cookie do?
Directorate – Adult’s Services
Privacy Notice
Data Controller – Somerset County Council – ICO Registration Z5957592
Data Protection Officer contact – informationgovernance@somerset.gov.uk
Purpose for processing
Legal basis for processing
By law – Adult’s Services is required by a number of UK laws and European Regulations and Directives to ensure the delivery of the services detailed above, the relevant legislation is listed in the service privacy notices listed on this web-page. In some cases, Adult’s Services may ask for your explicit consent to process your personal data, see below for more details. Legitimate interests – Adult’s Services uses your personal data to support its legitimate interests to audit financial transactions, to ensure the quality of services, to correspond with customers, to answer enquiries, and to deal with complaints.
By law – Adult’s Services is required by a number of UK laws and European Regulations and Directives to ensure the delivery of the services detailed above, the relevant legislation is listed in the service privacy notices listed on this web-page. In some cases, Adult’s Services may ask for your explicit consent to process your personal data, see below for more details.
Legitimate interests – Adult’s Services uses your personal data to support its legitimate interests to audit financial transactions, to ensure the quality of services, to correspond with customers, to answer enquiries, and to deal with complaints.
Data sharing – the personal data provided to Adult’s Services will be shared with a range of partners when providing services. When Adult’s Services is required to share your personal data, you will be informed of specific data sharing organisations at the point your data is collected.
Safeguarding – In cases where you or another member of the public may be at risk your personal information will be shared. Other statutory obligations – In cases where the Council is legally obliged to disclose your personal information in cases such as prevention or detection of crime or fraud your personal information will be shared.
Safeguarding – In cases where you or another member of the public may be at risk your personal information will be shared.
Other statutory obligations – In cases where the Council is legally obliged to disclose your personal information in cases such as prevention or detection of crime or fraud your personal information will be shared.
Transfers abroad – your data will not be transferred abroad unless you are specifically informed at the point your data is collected.
Data retention – this data will be retained for a period determined by UK law and regulations, or in some cases to meet specific requirements of the service being provided. You will be informed of this at the point your data is collected.
Your rights – You have the right to ask Somerset County Council for a copy of your data, the right to rectify or erase your personal data, and the right to object to processing. However, these rights are only applicable if the Council has no other legal obligation concerning that data.
You also have the right to complain to the regulator, ico.org.uk/
Consequences: In some case if you do not supply your information to us, we will not be able to provide you with the services we are obliged to provide by law or any supplementary service you have asked for.
Explicit consent
If the legal basis for processing is explicit consent we will need to ensure you are provided with a:
a) Clear explanation of exactly what is being consented to b) Clear “opt-in” c) A clear option to withdraw your consent later by use of an “opt-out”
Privacy of Electronic Communications Regulations (PECR)
To meet the requirements of the Privacy of Electronic Communications Regulations (PECR) we will ensure that we give you clear options on the information you receive, and how you can receive it.
If we are using your contact details to distribute further information, we will provide you with OPT-IN options so you can choose the method of communication, such as post, email, or phone, and to choose what you will receive, such as newsletters, invitations to events, and service updates. We will also offer you a clear option to unsubscribe to any communications sent with your consent.
Purpose for processing – We will process personal information about you and your family in order to provide you with appropriate services and to protect children and young people.
Business area – Contact and Referral Purpose for processing – To assess and identify appropriate services for children and young people.
Business area – Early Support (Children with Disabilities) Purpose for processing – To assess and identify appropriate support services for children and young people with Disabilities.
Business area – CIN (Children in Need) Purpose for processing – To assess and identify appropriate services, and to undertake direct work to support improved outcomes for Children in Need.
Business area – Child Protection Purpose for processing – To assess and identify appropriate services, and to undertake direct work to protect children at risk of harm and to support improved outcomes for Children in Need.
Business area – CLA (Children Looked After) Purpose for processing – To assess and identify appropriate services, and to undertake direct work to support improved outcomes for children who cannot live at home.
Business area – Leaving Care Purpose for processing – To assess and identify appropriate services, and to undertake direct work to support improved outcomes for young people who have been Looked After.
Business area – Adoption Purpose for processing – To assess and identify appropriate services, and to undertake direct work to support improved outcomes for children who are being adopted.
Legal basis for processing – by law
The relevant laws and regulations that provide the legal basis for processing personal data for the purposes defined above.
Contact and Referral
Early Support (Children with Disabilities)
CIN
Child Protection
CLA
Leaving Care
Adoption
Legitimate interests – Somerset County Council will also use your data for the purposes of monitoring quality, audit, and for dealing with any enquiries or complaints.
Data sharing – the personal data provided will be shared with Somerset County Council colleagues and professionals from partner organisations, including Children’s Social Care, Education, Adults Social Care, Health, Housing and Police, in order to provide you with appropriate services and to protect children. This may include: your GP, schools and school nurses, mental health professionals, health visitors and midwives, probation officers, youth justice workers, educational psychologists, psychiatrists, psychologists, housing providers, Department of Work and Pensions, drug and alcohol workers, early years and getset providers.
Where appropriate, this will be done under the Child Health Information Service procedures or as part of the Education, Health & Care Plan.
Transfers abroad – Your personal information will normally remain within the UK / European Union. If your information needs to be sent abroad you will be informed prior to any transfer.
Data retention – Somerset County Council will retain your information while it is providing you with a service and in accordance with Somerset County Council retention policies and associated statutory guidance, taking into account any legal injunction preventing the destruction of records. Statutory retention periods are based on the level of service provided: should we need to share your information for safeguarding purposes, the investigation of crimes, or because a child is looked after or adopted, the highest tariff will apply to all information held by Somerset County Council.
Please note that due to the current independent inquiry into child sexual abuse (IICSA) all records will be retained until further notice. Once the Inquiry is complete and the legal hold lifted the retention will return to the retention listed below.
Business area – Contact and Referral Retention category – 3 years
Business area – early Support (Children with Disabilities) Retention category – 3 years
Business area – CIN Retention category – up to 21 years
Business area – Section 47 (no outcome of Child Protection) Retention category – 35 years
Business area – Child Protection Retention category – 75 years
Business area – CLA Retention category – 75 years from 18th birthday
Business area – Leaving Care Retention category – 75 years from 18th birthday
Business area – Adoption Retention category – 100 years
Your rights – You have the right to ask Somerset County Council to a copy of your data, the right to rectify or erase your personal data, and the right to object to processing. However, these rights are only applicable if the Council has no other legal obligation concerning that data. You also have the right to complain to the regulator, ico.org.uk/
Directorate – Children’s Services
Purposes for processing
By law – Children’s Services is required by a number of UK laws and European Regulations and Directives to ensure the delivery of the services detailed above, the relevant legislation is listed in the service privacy notices listed on this web-page. In some cases, Children’s Services may ask for your explicit consent to process your personal data, see below for more details. Legitimate interests – Children’s Services uses your personal data to support its legitimate interests to audit financial transactions, to ensure the quality of services, to correspond with customers, to answer enquiries, and to deal with complaints.
By law – Children’s Services is required by a number of UK laws and European Regulations and Directives to ensure the delivery of the services detailed above, the relevant legislation is listed in the service privacy notices listed on this web-page. In some cases, Children’s Services may ask for your explicit consent to process your personal data, see below for more details.
Legitimate interests – Children’s Services uses your personal data to support its legitimate interests to audit financial transactions, to ensure the quality of services, to correspond with customers, to answer enquiries, and to deal with complaints.
Data sharing – the personal data provided to Children’s Services will be shared with a range of partners when providing services. When Children’s Services is required to share your personal data, you will be informed of specific data sharing organisations at the point your data is collected.
Safeguarding – In cases where you or another member of the public may be at risk your personal information will be shared Other statutory obligations – In cases where the Council is legally obliged to disclose your personal information in cases such as prevention or detection of crime or fraud your personal information will be shared.
Safeguarding – In cases where you or another member of the public may be at risk your personal information will be shared
Your rights – You have the right to ask Somerset County Council for: a copy of your data, the right to rectify or erase your personal data, and the right to object to processing. However, these rights are only applicable if the Council has no other legal obligation concerning that data.
Public task – Corporate Affairs is required to act in the public interest to perform public duties to ensure the delivery of the services detailed above. In some cases, Corporate Affairs may ask for your explicit consent to process your personal data, see below for more details.
Legitimate interests – Corporate Affairs uses your personal data to support its legitimate interests to audit financial transactions, to ensure the quality of services, to correspond with customers, to answer enquiries, and to deal with complaints.
Data sharing – the personal data provided to Corporate Affairs will be shared with a range of partners when providing services including National Government Departments, the NHS, the Police and other Local Authorities. When Corporate Affairs is required to share your personal data, you will be informed at the point your data is collected.
Your rights – You have the right to ask Somerset County Council for a copy of your data, the right to rectify or erase your personal data, and the right to object to processing.
However, these rights are only applicable if the Council has no other legal obligation concerning that data. For more information about your rights and details of how to exercise them see https://www.somerset.gov.uk/our-information/your-rights-on-the-information-we-hold-about-you/
By law – ECI is required by a number of UK laws and European Regulations and Directives to ensure the delivery of the services detailed above, the specific legislation is listed in the service privacy notices listed on this web-page. In some cases ECI may ask for your explicit consent to process your personal data, see below for more details. Legitimate interests – ECI uses your personal data to support its legitimate interests to audit financial transactions, to ensure the quality of services, to correspond with customers, to answer enquiries, and to deal with complaints.
By law – ECI is required by a number of UK laws and European Regulations and Directives to ensure the delivery of the services detailed above, the specific legislation is listed in the service privacy notices listed on this web-page. In some cases ECI may ask for your explicit consent to process your personal data, see below for more details.
Legitimate interests – ECI uses your personal data to support its legitimate interests to audit financial transactions, to ensure the quality of services, to correspond with customers, to answer enquiries, and to deal with complaints.
Data sharing – the personal data provided to ECI will be shared with a range of partners when providing services. When ECI is required to share your personal data, you will be informed at the point your data is collected.
Directorate – Finance, Legal and Governance
By law – Finance, Legal and Governance is required to in response to a number of laws and statutory instruments to ensure the delivery of the services detailed above. In some cases, Finance, Legal and Governance may ask for your explicit consent to process your personal data, see below for more details.
Legitimate interests – Finance, Legal and Governance uses your personal data to support its legitimate interests to audit financial transactions, to ensure the quality of services, to correspond with customers, to answer enquiries, and to deal with complaints.
Data sharing – the personal data provided to Finance, Legal and Governance will be shared with a range of partners when providing services including National Government Departments, the NHS, the Police and other Local Authorities. When Finance, Legal and Governance is required to share your personal data, you will be informed at the point your data is collected.
a) Clear explanation of exactly what is being consented to b) Clear “opt-in” c) Clear option to withdraw your consent later by use of an “opt-out”
Business area – Application to be a Foster Carer / Stepping Stones provider
Approved Foster Carer / Stepping Stones provider
Legitimate interests – for monitoring quality, audit, and for dealing with any enquiries or complaints.
Data sharing – personal data provided will be shared with professionals from partner organisations, including Health and Police, and some private individuals in order to assess suitability to protect and care for looked after children / care leavers. Where appropriate, this will be done under the Child Health Information Service procedures.
Transfers abroad – this data will not be transferred abroad.
Data retention – personal data relating to the assessment and support of foster carers will be retained in accordance with the Somerset County Council retention policies and associated statutory guidance, taking into account any legal injunction preventing the destruction of records. Some of your personal information will also be retained on the case records of individual looked after children / care leavers, and in some cases shared with them, even after you have ceased to be a foster carer / stepping stones provider.
Business area – Application to be a Foster Carer / Stepping Stones provider Legal basis for processing – 10 years
Business area – Approved Foster Carer / Stepping Stones provider Legal basis for processing – 75 years
Business area – Approved Foster Carers / Stepping Stones provider information on individual case records of looked after children / care leavers Legal basis for processing – 75 years from child’s 18th birthday
Your rights – You have the right to ask Somerset County Council for a copy of your data, the right to rectify or erase your personal data, and the right to object to processing. However, these rights are only applicable if the Council has no other legal obligation concerning that data. You also have the right to complain to the regulator, ico.org.uk/
Notification regarding the processing of any personal data supplied on this form
Somerset County Council will act as the ‘data controller’ for any personal data that you provide to us. As such, we will ensure that the data you give to us is processed in line with our organisation’s Data Protection Policies and in line with your rights under the EU General Data Protection Regulation and associated data protection laws currently applicable in the UK.
You can contact the Council’s Data Protection Officer (DPO) at the following email address informationgovernance@somerset.gov.uk
Purpose for processing – To enable the Insurance Team to investigate thoroughly your allegation against the Council.
Legal basis for processing – The processing is required for compliance with a legal obligation which is in the exercise or defence of legal claims (GDPR Article 6 (c) and Article 9(f))
By law – Claims are processed inline with the current Ministry of Justice Civil Procedure Rules: www.justice.gov.uk/courts/procedure-rules
Legitimate interests – Somerset CC may also process your data for the purposes of audit, quality control, training and in order to deal with enquiries and complaints.
Data sharing – The information which you provide on this form will be held by Somerset County Council and may be shared with but is not limited to the Council’s contractors, solicitors, insurers Claims Underwriting Exchange (CUE) run by Insurance Database Ltd (I.D.S L) if necessary. This information will be used for the purpose of investigating your claim. This information may also be disclosed to parties mentioned above for the purpose of investigating and making a decision on your claim.
Transfers abroad – this data will not be transferred abroad
Data retention – For data received on or after 1 April 2018; we intend to keep the information you provide for a period of 6 years in line with the Limitation Act 1980 after the closure of the claim.
Your rights – You have the right to ask Somerset County Council to a copy of your data, the right to rectify or erase your personal data, and the right to object to processing.
However, these rights are only applicable if the Council has no other legal obligation concerning that data. You also have the right to complain to the regulator, ico.org.uk/
Consequences: If you do not supply this information to us, we will not be able to process your claim.
Equalities statement
Whilst we try to make our documents as accessible as possible, we understand that this may not always be the case.
Please confirm by return if you need this form to be translated into a different language and/or the form amended, changed to a braille, audio descriptive format based on your level of vision, and we will try to accommodate this as best as possible.
Purpose for processing To enable the Council to encouraging learners aged 16 to 18 and, 19 to 25 with a learning difficulty, to participate in education and training in accordance with the Council’s statutory duty.
Legal basis for processing The data is processed in accordance with the General Data Protection Regulation (GDPR):
Article 6(1)(e) – processing is necessary for the performance of a task carried out in the public interest or in the exercise of official authority vested in the controller.
Article 9(2)(g) – for reasons of substantial public interest, on the basis of Union or Member State law which shall be proportionate to the aim pursued, respect the essence of the right to data protection and provide for suitable and specific measures to safeguard the fundamental rights and the interests of the data subject.
Data sharing – the personal data relating to this function is supplied to the Council by the Department for Education under a data sharing agreement. The Council will only share this data with external organisations where there is a legitimate business reason and lawful basis for doing so. Organisations will include (but are not limited to) the Department for Education, Careers South West and providers of further or higher education.
Transfers abroad – your data will not be transferred abroad unless you are specifically informed at the point your data is collected and received.
Directorate – Public Health
Reducing health inequalities, increasing life expectancy. The priorities are to:
For more information about the work of Public Health please see:
www.nhs.uk/smokefree
www.nhs.uk/oneyou/how-are-you-quiz/
www.healthysomerset.co.uk/smokefree/
www.healthysomerset.co.uk
www.healthysomerset.co.uk/weight/
www.somersethealthchecks.co.uk/
By law – Public Health is required by a number of UK laws and European Regulations and Directives to ensure the delivery of the priorities detailed above (details of specific legislation are shown below). In some cases, Public Health may ask for your explicit consent to process your personal data, see below for more details.
Legitimate interests – Public Health uses your personal data to support its legitimate interests to audit financial transactions, to ensure the quality of services, to correspond with customers, to answer enquiries, and to deal with complaints.
Data sharing – the personal data provided to Public Health will be shared with a range of partners when providing services including the NHS. When Public Health is required to share your personal data, you will be informed at the point your data is collected.
Data Controller – Somerset County Council
Purpose for processing – to run recruitment processes
Legal bases for processing – right to work, safer recruitment.
By law – Immigration, Asylum and Nationality Act 2006, Safeguarding Vulnerable Groups Act 2006 as amended by the Protection of Freedoms Act 2012.
Data sharing – the personal data provided will be shared internally to Somerset County Council. This information may be disclosed to Government Departments where there is a legal obligation to do so. If you are applying for an Apprenticeship the personal data provided will be shared with the Learning Provider attached to the employment.
Transfers abroad – Personal data in our e-recruitment system is kept within the EEA by Lumesse.
Data retention – If you become an employee the data will be kept for the duration of the employment plus 6 years. If you do not become an employee the data will be kept for 12 months, right to work information of unsuccessful candidates is destroyed after interview.
Your rights – You have the right to ask Somerset County Council to a copy of your data, the right to rectify or erase your personal data and the right to object to processing. However, these rights are only applicable if the Council has no other legal obligation concerning that data. You also have the right to complain to the regulator ico.org.uk/
Consequences – If you do not supply the information requested on this application form we will not be able to process your application.
For more information see http://extranet.somerset.gov.uk/hr/employment-information/data-protection/
This summary policy explains how the information this service collects about you for registration purposes is used, and your rights in relation to that information. This service falls within the Economic and Community Infrastructure group.
Personal information collected from you to register an event is required by law. The main legislation which governs the collection of registration information is the Births and Deaths Registration Act 1953, the Marriage Act 1949 and the Civil Partnership Act 2004. You may be legally obliged by these acts, and other pieces of legislation, to provide certain pieces of information. If you fail to provide information you are required to give us you may, among other things, be liable to a fine.
Personal information may also be collected from you if you make an application to this office, for example for a certificate or to correct information contained in a register entry.
The information you provide will be held and processed by registration officers for this registration district. Registration information is retained indefinitely as required by law.
The superintendent registrar is a data controller for birth, marriage and death registrations and can be contacted at somersetregistrations@somerset.gov.uk. The local authority is a data controller for civil partnership registrations and you can email informationgovernance@somerset.gov.uk or phone 01823 359359 for more information.
The Registrar General for England and Wales is a joint data controller for birth, marriage, death and civil partnership registrations and can be contacted at – The General Register Office, Trafalgar Road, Southport, PR8 2HH.
A certified copy of any register entry will be provided by this office in accordance with the law to any applicant, providing they supply enough information to identify the entry concerned and pay the appropriate fee. An application for a certificate may also be made to the General Register Office.
Indexes for events registered at this office are publicly available to help members of the public identify the registration record they might need. Indexes are available to view by appointment only. Appointments can be made by contacting – Somerset Register Office, The Old Municipal Buildings, Corporation Street, Taunton TA1 4AQ – phone 01823 282251 or email somersetregistrations@somerset.gov.uk in the first instance.
A copy of the information collected by a registration officer will also be sent to the Registrar General for England and Wales so that a central record of all registrations can be maintained. Registration information held at this office may be shared with other organisations in the course of carrying out our functions, or to enable others to perform theirs.
You have the right to request access to the personal information we hold about you, to be informed about the collection and use of your personal information, for incorrect information to be corrected (where the law permits) and to request us to restrict the processing of your personal information. In certain circumstances you have the right to object to the processing of your personal information. Your information will not be subjected to automated decision-making.
You have the right to complain to the Information Commissioner’s Office about the way we are handling your personal information. Details on how you can do this can be found at ico.org.uk.
Data Controller: Somerset County Council – ICO Registration Z5957592
Data Protection Officer Contact: informationgovernance@somerset.gov.uk
Purpose for processing:
By law
Under 16
If you are under 16 and become a volunteer we must have the consent of your parents or guardian to become a volunteer.
Legitimate interest:
Where your information is not processed in accordance with the law we will use your personal data in order to deliver a service to you, including your profile, provide you with recommendations of volunteering opportunities, and recruitment process and training, depending on the volunteer role you apply for. We will use your email address (where provided) to contact you about changes to our service and important information about your role.
When you enquire about our volunteer services we will process your enquiry, and provide you with the information that you have asked for.
When you apply to become a volunteer for Somerset County Council, you willingly enter a voluntary agreement, formed between you and Somerset County Council. In order to carry out our obligations under that agreement we must process the information you give us, as set out in the purpose for processing.
Where you have given us your explicit consent, we will use your information in the way that you have asked us to such as provision of a newsletter or sharing your information with partner organisations to provide you with information about further volunteering opportunities.
Data sharing
Your personal data will be shared with relevant Somerset County Council Services and partner organisations who you may be supporting.
Transfers abroad
This data will not be transferred abroad
Data retention
This data will be retained for a period determined by UK law and regulations, or in some cases to meet specific requirements of the service being provided.
This data will be retained on file for the duration of the volunteer’s involvement with the Council as a volunteer, and for a further 6 years in order to support any follow up enquiries, unless your role is supporting children and it will then be held to meet any requirements resulting from the IICSA Enquiry. Information held about unsuccessful applicants is destroyed after 12 months.
Your rights
You have the right to ask Somerset County Council for a copy of your data, the right to rectify or erase your personal data, and the right to object to processing. However, these rights are only applicable if the Council has no other legal obligation concerning that data.
Consequences
If you do not supply this information to us, we will not be able to place you into a volunteer role.
Insurance
Feedback - was this information helpful?
We will use your feedback to improve this website. Please tell us if we have got something wrong, if there is something missing or if something isn't working.
What do you want to tell us about? ---Information on pageA problem with the websiteA Council service
You can tell us about this on the complaints, comments and compliments page.
Tell us about the problem ---Not correct/out of dateNot clearNot working
Describe the problem
Adoption is one of the most rewarding ways of making a difference in a Child's life. If you decide to take up the challenge, we'll be there to support you every step of the way.
