Barkby & Barkby Thorpe Parish Council

Serving the people of Barkby & Barkby Thorpe

Clerk: Carla Cunningham-Atkins
The Old Chapel, 18 Brookside
Barkby, Leicester LE7 3QD

Tel: 0116 2698307

The Council is preparing for the new General Data Protection Regulation (GDPR) legislation that comes into effect on 25th May.

It replaces the existing law on data protection (the Data Protection Act 1998) and gives individuals more rights and protection regarding how their personal data is used. The GDPR applies to Barkby & Barkby Thorpe Parish Council as a public authority.

The GDPR's main concepts and principles are very similar to those contained in the current Data Protection Act 1998 and the Information Commissioner's Office remains the regulator in charge of data protection and privacy issues.

The GDPR has a number of underlying principles. These include that personal data:

(a) Must be processed lawfully, fairly and transparently.

(b) Is only used for a specific processing purpose that the data subject has been made aware of and no other, without further consent.

(c) Should be adequate, relevant and limited i.e. only the minimum amount of data should be kept for specific processing.

(d) Must be accurate and where necessary kept up to date.

(e) Should not be stored for longer than is necessary, and that storage is safe and secure.

(f) Should be processed in a manner that ensures appropriate security and protection.

Please find details of Barkby & Barkby Thorpe Parish Councils policies:-

  • ICO Registration Certificate (PDF, 104 Kb)

    Information Commissioner Office - ICO Registration document

    The Data Protection Act 1998 requires every data controller (eg organisation, sole trader) who is processing personal information to register with the ICO, unless they are exempt.

    A copy of Barkby & Barkby Thorpe Parish Councils Registration details are here.

Data Breach Policy

A personal data breach is one that leads to the accidental or unlawful destruction, loss, alteration, unauthorised disclosure of, or access to personal data. Currently, data breaches do not have to be routinely notified to the ICO or others.

A copy of Barkby & Barkby Thorpe Parish Councils Data Breach Policy is below.

General Privacy Notice

The transparency requirements under the GDPR require councils to provide individuals with extensive information about how their personal data is collected, stored and used. This information must be easily accessible, transparent and presented using clear and plain language. In practice, this means that councils will need to include more information in their privacy policies, as well as retaining more detailed records of their data processing activities in relation to their staff, customers and third parties.

A copy of Barkby & Barkby Thorpe Parish Councils General Privacy Notice is below.

Staff Privacy Notice

A copy of Barkby & Barkby Thorpe Parish Councils staff Privacy Notice is below.

Subject Access Request Policy

To legally process data under the GDPR the Council must have a 'lawful basis' to do so. This is included in the Council's ICO registration (see above). Individuals have the right to know what data the Council holds on them, why the data is being processed and whether it will be given to any third party. They have the right to be given this information in a permanent form, known as a 'subject access request'.

Under the GDPR the right of data subjects to request information about the personal data processed by councils remains largely the same.

The time limit to comply with a Subject Access Request ("SAR") has been reduced from 40 calendar days to one calendar month. The ability to charge £10 per SAR has been removed so all SARs are free of charge from 25th May 2018.

A copy of Barkby & Barkby Thorpe Parish Councils SAR policy is below.

The below document has been approved by the Parish Council and are available upon request:-

  • Data Audit