Data Privacy Policy

Miton Abbott Grouped Parish Council is committed to keeping your personal data safe and secure. As part of this commitment, we’ve updated our Privacy Policy to meet the high standards of the new European data protection law, known as the General Data Protection Regulation (GDPR).

This Privacy Policy sets out how we collect, use, store and protect your personal data. Our Privacy Policy also sets out clear information about your rights in relation to your personal data. Milton Abbot Grouped Parish Council is the Data Controller for personal data about individuals.

1.0 Key Definitions

Data processing: Data processing is any activity that involves the use of personal data. It includes obtaining, recording or holding the data, or carrying out any operation or set of operations on the data including organising, amending, retrieving, using, disclosing, erasing or destroying it. Processing also includes transmitting or transferring personal data to third parties.

Personal data: Personal data is any information identifying a data subject (a living person to whom the data relates). It includes information relating to a data subject that can be identified (directly or indirectly) from that data alone or in combination with other identifiers Milton Abbot Grouped Parish Council possesses or can reasonably access. Personal data can be factual (for example, a name, email address, location or date of birth) or an opinion about that person’s actions or behaviour.

2.0 How we process your personal information

We do not trade personal data for commercial purposes and will only disclose it if required by law, if it is necessary to arrange a service you have asked us for, or if it is with your consent. We will not use your information for automated decision making or profiling. Milton Abbot Grouped Parish Council uses providers (processors) based in the European Economic Area to process associate data.

3.0 Information you give to us

This is information about you that you give us by filling in forms on our site or by corresponding with us by phone, email or otherwise. It includes information you provide when you:

  • Use our website
  • Order any services or products offered by us or register for our promotional events
  • Register to receive downloadable information, newsletters or other information
  • Send us a request to contact you or when you report a problem with our product or services

The information you give us may include your name, position, address & post code, email address and phone number.

We will use this information to:

  • send you information you have requested
  • process orders for products and services
  • inform our marketing and sales activities
  • provide you with news and information which we think may be of interest to you and with information about our products and services

If you no longer wish us to use your data in this way, please let us know by clicking the unsubscribe button on our communications or emailing us on clerk@magpc.co.uk.

4.0 Information we collect about you

With regard to each of your visits to our website we will automatically collect the following information:

Information about your visit, including items you viewed or searched for; page response times; length of visits to certain pages.

We will use this information:

  • to administer our site so that it works well when you visit (we may also ask you for your opinion to help us do that) and for internal operations, including troubleshooting, data analysis, testing, research, statistical and survey purposes
  • to improve our site to ensure that content is presented in the most effective manner for you and for your computer
  • to allow you to participate in interactive features of our services, when you choose to do so as part of our efforts to keep our site secure

5.0 Information we receive from other sources

This is the information we receive about you:

From our third party service providers (including, for example, sub-contractors in technical and delivery services, search information providers).

6.0 Legal basis for processing your information

We process your personal information lawfully and fairly in accordance with data protection laws. We may process your personal information where we are:

  • performing our business functions and activities generally
  • providing services to you
  • in receipt of your consent to our processing of your personal information
  • presented with a legal obligation to do so or we have a legitimate interest to do so, for

example on a business sale or for fraud prevention purposes

7.0 Sharing your information

We may disclose your personal information to third parties, including:

  • Our professional advisers and services providers with whom we work collaboratively to bring you services and information you have requested. In all circumstances this will be made clear
    at the time of collecting your data.
  • If Milton Abbot Grouped Parish Council or substantially all of its assets are acquired by a third party, in which case personal data held by us about you will be one of the transferred assets.
  • If we are under a duty to disclose or share your personal information in order to comply with any legal obligation or in order to enforce or apply our Terms & Conditions. This includes exchanging information with other companies and organisations for the purposes of fraud protection and credit risk reduction.

8.0 Where we store your personal data

All email information you provide to us is stored in our databases on a secure server located within the EEA (European Economic Area).

Unfortunately, the transmission of information via the internet is not completely secure. Although we will do our best to protect your personal data, we cannot guarantee the security of your data transmitted to our site; any transmission is at your own risk. Once we have received your information, we will use strict procedures and security features to try to prevent unauthorised access.

9.0 Retention of your personal data

We will only keep your personal data within the time-frames allowed by law and for so long as is necessary to comply with our legal obligations.

10.0 Your rights under the GDPR

10.1 Access to personal information

Individuals who are the subject of personal data held by Milton Abbot Grouped Parish Council are entitled to:

  • Ask what information the company holds about them and why
  • Ask how to gain access to it
  • Be informed how to keep it up to date
  • Be informed how the company is meeting its data protection obligations

If an individual contacts the company requesting this information, this is called a subject access request or SAR. Subject access requests from individuals should be made by email, addressed to clerk@magpc.co.uk

We will respond to Subject Access Requests within one month as is the requirement under GDPR. We will always verify the identity of anyone making a subject access request before handing over any information.

10.2 Correcting personal information

Individuals may ask us to correct any personal information about them that is inaccurate, incomplete or out of date.

10.3 Deletion of personal information

Individuals have the right to ask us to delete personal information about them where:

  • You consider that we no longer require the information for the purposes for which it was
    obtained
  • We are using that information with your consent and that consent has been withdrawn
  • You have validly objected to our use of their personal information
  • Our use of your personal information is contrary to law or our other legal obligations

10.4 Objecting to how we may use personal information

Individuals have the right at any time to require us to stop using their personal information for direct marketing purposes.

10.5 Restricting how we may use personal information

In some cases, individuals may ask us to restrict how we use their personal information. This right might apply, for example, where we are checking the accuracy of personal information that we hold or assessing the validity of any objection made by an individual to our use of their information. The right might also apply where there is no longer a basis for using an individual’s personal information but they don’t want us to delete the data. Where this right is validly exercised, we may only use the relevant personal information with the individual’s consent, for legal claims or where there are other public interest grounds to do so.

10.6 Withdrawing consent to using personal information

Where we use personal information with individual consent the individual may withdraw that consent at any time and we will stop using that personal information for the purpose(s) for which consent was given.

For queries as to whether the GDPR applies to the processing of your personal information or, if the GDPR does apply, and you wish to exercise any of these rights then please contact us. Please use the Contact information on our website.

11.0 Changes to our privacy policy

We keep this privacy policy under regular review and will place any updates on this website. This policy was updated in June 2018 to show that we are adhering to the new General Data Protection Regulation (GDPR), which came into force in May 2018.

12.0 Complaints

We seek to resolve directly all complaints about how we handle personal information but you also have the right to lodge a complaint with the ICO (Information Commissioner’s Office) who are the regulators of data protection laws in the UK. They can be contacted via their website https://ico.org.uk/make-a-complaint/.