Privacy policy

Who we are

Our website address is: https://www.connectingdevonandsomerset.co.uk/

How we use your information

The purpose of this web page is to inform members of the public about what to expect when Devon and Somerset County Councils collect personal data about them. We will collect personal data about different types of people including:

  • visitors to our websites
  • complainants and other individuals as part of complaints and requests for information
  • people who use our services, such as social care clients or other service users
  • people who contact us requesting either information or a service
  • job applicants and our current and former employees.

Whenever we collect personal data from you we will ensure you are provided with a privacy notice which complies with data protection laws.

Visitors to our website

When someone visits our website, we collect certain information about these visitors, such as IP addresses and details of the pages which these people have visited. This information does not allow us to identify individuals but helps us to ensure our website is structured in the most effective and user-friendly way.

We will sometimes collect personal data via our website. In these circumstances, we will inform individuals why we wish to collect this information, what we will do with it and we will include details of who we will share this information with. This information will feature in a privacy notice which will be issued in accordance with our data protection policies.

Use of IP addresses

An IP address is a set of numbers that is automatically assigned to your computer whenever you log on to your internet service provider (or through your local area network (LAN). Web servers, the powerful computers that provide web pages for viewing, automatically identify your computer by the IP address assigned to it during your session online.

IP addresses may be collected for certain purposes (for example, to audit the use of our site). We do not link a user’s IP address to a person’s personal data, which means we will have a record of each user’s session but the user will remain anonymous to us.

Under certain circumstances, IP addresses and/or domain names may be linked to personally identifiable information, when this information is stored in databases managed by internet registrars or registries such as Network Solutions or ARIN.

Use of cookies

You can read more about how we use cookies on our Cookies page.

Search engines

Our website search is powered by Google. Search queries and results are logged anonymously to help us improve our website and search functionality. No user-specific data is collected by either Devon and Somerset County Councils or any third party.

Network security

We operate secure data networks that are protected by a firewall. Both the Councils and their partners have security measures in place to attempt to protect our website against the loss, misuse and alteration of personal data that is under our control.

Information that you supply to us is restricted to only those staff that need access to this information for their jobs. We have a robust data protection policiesin place to help our staff to ensure all personal data is handled professionally and in accordance with the law. Our staff are also required to undertake data protection training every two years.

People who call our Customer Service Centre

When you call our Customer Service Centres we may collect personal data for the purposes of dealing with enquiries. Certain calls may be monitored and recorded for training purposes. We will inform you if your call is being recorded.

People who email us

Any email sent to us, including any attachments, may be monitored by Devon and Somerset County Councils. Email monitoring or blocking software may also be used to protect both Council’s ICT Infrastructure against viruses and other forms of malware. Both Councils have a robust Cyber Security policy in place to ensure that our network and the information assets managed as part of it are secured from cyber threats.

People who make a complaint to us

We handle numerous different types of complaints including those relating to:

  • data protection breaches
  • freedom of information responses
  • service specific complaints
  • social care complaints.

When we receive a complaint we will create a file containing the details of the complaint. This file may consist of paper and or electronic documents and will normally contain the identity of the complainant and any other individuals connected to the complaint.

Any personal data that we collect throughout the course of handling a complaint will be used to process the complaint and to check the level of service we provide. We may compile and publish statistics showing information like the number of complaints we receive, but not in a form which identifies anyone.

Devon and Somerset County Councils may have to disclose the complainant’s identity to the service which is the subject of the complaint. If a complainant doesn’t want information identifying him or her to be disclosed, we will try to respect that. However, it may not be possible to handle a complaint on an anonymous basis.

We will keep personal data contained in complaint files for two years from the closure of the complaint. It will be retained in a secure environment and access to it will be restricted to those who are responsible for responding to complaints.

Similarly, where enquiries are submitted to us we will only use the information supplied to us to deal with the enquiry and any subsequent issues and to check on the level of service we provide.

Sharing your information

We are responsible for the delivery of a wide range of services to members of the public. Many of these services are delivered by Devon and Somerset County Councils directly. Some of our services are delivered by contractors and providers on our behalf. Both Councils may need to share personal data with these contractors and providers, so they can deliver contracted services. We will undertake to only share information which is relevant and necessary for the provision of that service to you.

Devon and Somerset County Councils may share your personal data internally across services to help provide a service to you. This information will be restricted to only those staff members that need access to this information. We will not share your information with any third-party organisations unless you have provided your consent for this sharing, or the councils are required to share this information by law.

Circumstances when Devon and Somerset County Councils may be required to share your personal data without your consent may include instances where the information is required for the purposes of prevention or detection of crime, or the apprehension and prosecution of offenders. We may also be required to share your personal data for the purposes of safeguarding or protecting the welfare of yourself and others. In these circumstances we will only share information that is relevant for the intended purpose and information that is shared will be restricted to the minimum necessary.

If you believe that your personal data has been shared inappropriately, you have a right to complain about this. More information about how to make a complaint is available on our customer feedback page.

Reporting security incidents

We have a responsibility to monitor all incidents that may breach security and/or confidentiality of information. In the interest of maintaining strong security protocols, we encourage all staff and members of the public to bring to our attention, incidents involving the loss of personal or sensitive business information.

If you have lost or found such information, please complete our Security Incident Reporting Form. For further advice and assistance please email keepdevonsdatasafe@devon.gov.uk or phone 01392 383000 and ask for the Information Governance Team. Please include your name and contact details so that we can contact you again if necessary.

Any personal data that is collected via this process will be kept secure and will only be used for the purposes of investigating the specific concern raised.

Access to personal data

We are committed to openness and transparency when it comes to people gaining access to their personal data. Individuals can find out if we hold any personal data by making a subject access request under data protection legislation. If we do hold information about you we will:

  • give you a description of it
  • tell you why we are holding it
  • tell you who it could be disclosed to
  • let you have a copy of the information in an intelligible form.

To make a request for any personal data we may hold you need to complete our subject access request form or make a request in writing to; Information Governance Team, County Hall, Room 120, Topsham Road, Exeter, EX2 4QD. You can also email us at keepdevonsdatasafe@devon.gov.uk. You may be asked to provide proof of your identity and proof of your address as part of this process. For more information call us on 01392 383000 and ask for the Information Governance Team.

How to contact us

For more information about how we will process your personal data, or for information on how to access information from us, please email or write to us:

The Data Protection Officer
County Hall, Room 120
Topsham Road
Exeter
EX2 4QD

Email: keepdevonsdatasafe@devon.gov.uk


Top