Privacy policy
Who we are
Our website address is: https://www.connectingdevonandsomerset.co.uk/
How we use your information
The purpose of this web page is to inform members of the public about what to expect when Devon and Somerset County Councils collect personal data about them. We will collect personal data about different types of people including:
- visitors to our websites
- complainants and other individuals as part of complaints and requests for information
- people who use our services, such as social care clients or other service users
- people who contact us requesting either information or a service
- job applicants and our current and former employees.
Whenever we collect personal data from you we will ensure you are provided with a privacy notice which complies with data protection laws.
Visitors to our website
When someone visits our website, we collect certain information about these visitors, such as IP addresses and details of the pages which these people have visited. This information does not allow us to identify individuals but helps us to ensure our website is structured in the most effective and user-friendly way.
We will sometimes collect personal data via our website. In these circumstances, we will inform individuals why we wish to collect this information, what we will do with it and we will include details of who we will share this information with. This information will feature in a privacy notice which will be issued in accordance with our data protection policies.
Use of IP addresses
An IP address is a set of numbers that is automatically assigned to your computer whenever you log on to your internet service provider (or through your local area network (LAN). Web servers, the powerful computers that provide web pages for viewing, automatically identify your computer by the IP address assigned to it during your session online.
IP addresses may be collected for certain purposes (for example, to audit the use of our site). We do not link a user’s IP address to a person’s personal data, which means we will have a record of each user’s session but the user will remain anonymous to us.
Under certain circumstances, IP addresses and/or domain names may be linked to personally identifiable information, when this information is stored in databases managed by internet registrars or registries such as Network Solutions or ARIN.
Use of cookies
You can read more about how we use cookies on our Cookies page.
Search engines
Our website search is powered by Google. Search queries and results are logged anonymously to help us improve our website and search functionality. No user-specific data is collected by either Devon and Somerset County Councils or any third party.
Network security
We operate secure data networks that are protected by a firewall. Both the Councils and their partners have security measures in place to attempt to protect our website against the loss, misuse and alteration of personal data that is under our control.
Information that you supply to us is restricted to only those staff that need access to this information for their jobs. We have a robust data protection policiesin place to help our staff to ensure all personal data is handled professionally and in accordance with the law. Our staff are also required to undertake data protection training every two years.
People who call our Customer Service Centre
When you call our Customer Service Centres we may collect personal data for the purposes of dealing with enquiries. Certain calls may be monitored and recorded for training purposes. We will inform you if your call is being recorded.
People who email us
Any email sent to us, including any attachments, may be monitored by Devon and Somerset County Councils. Email monitoring or blocking software may also be used to protect both Council’s ICT Infrastructure against viruses and other forms of malware. Both Councils have a robust Cyber Security policy in place to ensure that our network and the information assets managed as part of it are secured from cyber threats.
People who make a complaint to us
We handle numerous different types of complaints including those relating to:
- data protection breaches
- freedom of information responses
- service specific complaints
- social care complaints.
When we receive a complaint we will create a file containing the details of the complaint. This file may consist of paper and or electronic documents and will normally contain the identity of the complainant and any other individuals connected to the complaint.
Any personal data that we collect throughout the course of handling a complaint will be used to process the complaint and to check the level of service we provide. We may compile and publish statistics showing information like the number of complaints we receive, but not in a form which identifies anyone.
Devon and Somerset County Councils may have to disclose the complainant’s identity to the service which is the subject of the complaint. If a complainant doesn’t want information identifying him or her to be disclosed, we will try to respect that. However, it may not be possible to handle a complaint on an anonymous basis.
We will keep personal data contained in complaint files for two years from the closure of the complaint. It will be retained in a secure environment and access to it will be restricted to those who are responsible for responding to complaints.
Similarly, where enquiries are submitted to us we will only use the information supplied to us to deal with the enquiry and any subsequent issues and to check on the level of service we provide.
People who use our Mobile Boost Scheme
When you apply for, or receive vouchers under our Mobile Boost Scheme (the ‘scheme‘), or participate as a supplier, we collect additional information as follows:
- Voucher applicants and beneficiaries: most of the personal information we collect and process is provided to us directly from you when you approach us to request a voucher (or your organisation if you are a SME beneficiary), when you complete our assurance questionnaire following an installation, via our website or otherwise. Any other information we hold may be provided by you, your organisation or your supplier (who has registered with us as part of the scheme). Such information includes personal identifiers and contact details such as your name and contact details (phone number, email address, postal address and postcode).
- Suppliers: personal information held about suppliers will be provided by the organisation that you work for or represent, via our website or otherwise. This will include personal identifiers and contact details such as your name and contact details (phone number, email address, postal address and postcode).
We use this information for a wide range of purposes, to enable us to carry out our functions as a local authority. This includes:
- Operating, managing and administering, the scheme effectively, through functions such as verifying the use of vouchers, determine eligibility for the scheme and assurance;
- to report on the effectiveness of the scheme to local and central government and relevant local or public bodies.
We process your information on the basis that it is necessary for the performance of a task (i.e. the operation of the scheme) carried out in the public interest. Your personal data may be processed for statistical analysis that may be published on an anonymous basis, for example in the form of location maps (or other types of graphical or literary representation).
If you do not provide the required information, you will not be able to participate in the scheme.
We may share the information you provide us in relation to the scheme, as set out in the “Sharing your information” section below.
We will typically keep your personal information collected in relation to the scheme for seven years (as we are required to keep records about who benefits from vouchers and/or uses the scheme, for this period).
Sharing your information
We are responsible for the delivery of a wide range of services to members of the public. Many of these services are delivered by Devon and Somerset County Councils directly. Some of our services are delivered by contractors and providers on our behalf. Both Councils may need to share personal data with these contractors and providers, so they can deliver contracted services. We will undertake to only share information which is relevant and necessary for the provision of that service to you.
Devon and Somerset County Councils may share your personal data internally across services to help provide a service to you. This information will be restricted to only those staff members that need access to this information. We will not share your information with any third-party organisations unless you have provided your consent for this sharing, or the councils are required to share this information by law.
Circumstances when Devon and Somerset County Councils may be required to share your personal data without your consent may include instances where the information is required for the purposes of prevention or detection of crime, or the apprehension and prosecution of offenders. We may also be required to share your personal data for the purposes of safeguarding or protecting the welfare of yourself and others. In these circumstances we will only share information that is relevant for the intended purpose and information that is shared will be restricted to the minimum necessary.
In addition to the above, we may share the information you provide us in relation to the Mobile Boost Scheme:
- with registered suppliers and/or their subcontractors, relevant local or public bodies, local authorities (including without limitation with Somerset Council, Devon Country Council, Torbay Council and Plymouth City Council), other government departments, office or executive agencies, local and central government and other partner organisations;
- (if you are a registered supplier) with beneficiaries and potential beneficiaries of the scheme;
- with our professional advisors (including without limitation tax, audit, legal or other advisors who provide professional services to us), third party audit teams and the British Chambers of Commerce;
- with regulators (including without limitation Ofcom), law enforcement or fraud prevention agencies, courts, the police and any other authorised bodies, for the purposes of investigating any actual or suspected criminal activity or other regulatory, legal, commercial or public matters;
- with other third-party suppliers for business administration, beneficiary verification or IT purposes;
- in accordance with how information is shared when you use our website;
- where it required (or necessary for the performance of our functions) or allowed by law or is in the public interest to do so; and/or
- where you authorise us to do so.
If you believe that your personal data has been shared inappropriately, you have a right to complain about this. More information about how to make a complaint is available on our customer feedback page.
Reporting security incidents
We have a responsibility to monitor all incidents that may breach security and/or confidentiality of information. In the interest of maintaining strong security protocols, we encourage all staff and members of the public to bring to our attention, incidents involving the loss of personal or sensitive business information.
If you have lost or found such information, please complete our Security Incident Reporting Form. For further advice and assistance please email keepdevonsdatasafe@devon.gov.uk or phone 01392 383000 and ask for the Information Governance Team. Please include your name and contact details so that we can contact you again if necessary.
Any personal data that is collected via this process will be kept secure and will only be used for the purposes of investigating the specific concern raised.
Access to personal data
We are committed to openness and transparency when it comes to people gaining access to their personal data. Individuals can find out if we hold any personal data by making a subject access request under data protection legislation. If we do hold information about you we will:
- give you a description of it
- tell you why we are holding it
- tell you who it could be disclosed to
- let you have a copy of the information in an intelligible form.
To make a request for any personal data we may hold you need to complete our subject access request form or make a request in writing to; Information Governance Team, County Hall, Room 120, Topsham Road, Exeter, EX2 4QD. You can also email us at keepdevonsdatasafe@devon.gov.uk. You may be asked to provide proof of your identity and proof of your address as part of this process. For more information call us on 01392 383000 and ask for the Information Governance Team.
How to contact us
For more information about how we will process your personal data, or for information on how to access information from us, please email or write to us:
The Data Protection Officer
County Hall, Room 120
Topsham Road
Exeter
EX2 4QD
Email: keepdevonsdatasafe@devon.gov.uk