Data Protection Privacy Statement

 

In order to deliver services to the citizens and communities in Bedford Borough, it is necessary for the council to collect, gather and process personal data about staff and other individuals. Bedford Borough Council is committed to protecting your personal data when you use its services and/or correspond with it.

The Council has registered as a Data Controller with the Information Commissioner’s Office. This registration can be viewed on the ICO website Registration Number Z5916725. As a Data Controller, the Council sets out the purposes and methods for processing information and ensures safeguards over any personal and special category information it processes.

Bedford Borough Council is a DBS umbrella body and undertakes checks for the Council and other organisations. 

Bedford Borough Council use an online system for Disclosure and Barring Service (DBS) checks provided by Cantium Business Solutions Ltd. Cantium are a Local Authority Trading Company owned by Kent County Council delivering HR, Finance, IT and Professional services. Cantium collects uses and is responsible for certain personal information about you. When we do so we are regulated under the under the UK Data Protection Act 2018 (DPA 2018) and the EU General Data Protection Regulation which applies across the European Union (including in the United Kingdom).

The personal data we may collect at the application stage includes, but not exclusively, the following:

  • Your personal details including your name, address, date of birth, email address, phone numbers
  • Gender
  • Previous names
  • Applicants post title
  • Address history covering at least 5 years
  • Information regarding your nationality and documentation relating to your proof of identity
  • Driving license
  • National insurance number
  • Type of DBS check requested (Enhanced, Barred List)

 

The Council needs to process data to, assess and confirm a candidate's suitability for employment, decide to whom to offer a job or decide if employment can continue in a job role.

 

In other cases, the Council has to process data based on their legitimate interest and/or for the performance of a task carried out in the public interest during the recruitment process and for keeping records of the process. Processing data from job applicants allows the organisation to manage the recruitment process, assess and confirm a candidate's suitability for employment and decide to whom to offer a job. The Council may also need to process data from job applicants to respond to and defend against legal claims.

 

The Council will only collect criminal conviction data appropriate to the nature of your role and where legally permitted. This data will usually be collected at the recruitment stage, however, may also be collected during your employment. This information is sought because it is necessary for the Council to carry out its legal obligations and to exercise specific rights in relation to employment.

 

Once a recruitment (or other relevant) decision has been made, we do not keep certificate information for any longer than is necessary. This is generally for a period of up to six months, to allow for the consideration and resolution of any disputes or complaints.

 

If, in exceptional circumstances, it is considered necessary to keep Disclosure information for longer than six months, the Council will consult the DBS about this and will give full consideration to the Data Protection and Human Rights of the individual before doing so. Throughout this time the usual conditions regarding safe storage and strictly controlled access will apply. 

 

Once the retention period has elapsed, the Council will ensure that any Disclosure information is immediately destroyed by secure means.  Documents awaiting destruction will be kept in secure storage.

 

Confirmation of the outcome of a Disclosure will be kept on the personal file and on the Council’s Disclosure database.  This will include the name of the subject, the date of the Disclosure, the position for which the Disclosure was requested, the unique reference number of the Disclosure and the details of any associated recruitment decision taken e.g. employed or not employed.

 

The reason for processing your data is to allow us to carry out an effective recruitment process. Whilst you are under no obligation to provide us with your data, we may not be able to process, or continue with (as appropriate), your application.

We may process personal data for Freedom of Information requests. However, personal data is not shared as the data is anonymised.

We have a range of measures to protect the personal data you provide. These include: cyber security; physical security of the Council’s buildings and training on Data Protection for staff.

Bedford Borough Council is the Data Controller processing your information, who can be contacted as follows:

Information Governance

Bedford Borough Council

Borough Hall

Cauldwell Street

Bedford

MK42 9AP

Email: dpo@bedford.gov.uk

Telephone: 01234 267422

 

If you wish to enquire about your rights as a data subject, whether you wish to request a copy of your own information that Bedford Borough Council holds, request for data portability; rectification or erasure of your data for any reason or objection to any processing, please contact the Council’s GDPR Data Protection Officer at the above address or by email: dpo@bedford.gov.uk

Alternatively if you are unhappy in the way Bedford Borough Council has handled the processing of your information in any way, you have the right to contact the UK’s Supervisory Authority: The Information Commissioner’s Office who can be contacted:

By web form: https://ico.org.uk/global/contact-us/email/

By email: casework@ico.org.uk

Confirm Deletion?

Are you sure you wish to delete this item?

Warning

Warning