We comply with the European Union’s General Data Protection Regulation (‘GDPR’) and the Data Protection Act 2018.
We’ve endeavoured to ensure that our use and collection of your data is clear and as transparent as possible, but in the interests of keeping this policy concise it’s not possible to list every circumstance in which we will use your data.
2. Types of personal information
The personal information we collect may include the following:
any other information provided by you to us via this website or our online presence, or otherwise required by us or provided by you; and
your device identity and type, IP address and standard web log information.
3. How we collect information
We may collect personal information either directly from you, or from third parties, including where you:
contact us through our website;
communicate with us via email, telephone, SMS, social applications (such as LinkedIn, Facebook or Twitter) or otherwise; and
interact with our website, social applications, services, content and advertising.
We may also collect personal information from you when you use or access our website or our social media pages. This may be done through use of web analytics tools, 'cookies' or other similar tracking technologies that allow us to track and analyse usage of our website. Cookies are small files that store information on your computer, mobile phone or other device and enable and allow the creator of the cookie to identify when you visit different websites.
If you do not wish information to be stored as a cookie, you can disable cookies in your web browser.
4. Use of your personal information
We collect and use personal information for the following purposes:
to provide services or information to you;
for record keeping and administrative purposes;
to provide information about you to our contractors, employees, consultants, agents or other third parties for the purpose of providing services to you;
to improve and optimise our service offering and customer experience;
to comply with our legal obligations, resolve disputes or enforce our agreements with third parties; and
to send you administrative messages, reminders, notices, updates, security alerts, and other information requested by you.
We may disclose your personal information to cloud providers, contractors and other third parties located in international jurisdictions. If we do so, we will take reasonable steps to ensure that any overseas recipient deals with such personal information in a manner consistent with how we deal with it.
We take reasonable steps to ensure your personal information is secure and protected from misuse or unauthorised access. The information management practices and supporting technology systems used to produce and manage this website are ISO 27001 certified which is the global standard for information security. However, we cannot guarantee the security of your personal information.
Our website may contain links to other websites. Those links are provided for convenience and may not remain current or be maintained. We are not responsible for the privacy practices of those linked websites and we suggest you review the privacy policies of those websites before using them.
7. Requesting access or correcting your personal information
If you wish to request access to the personal information we hold about you, please contact us using the contact details set out below including your name and contact details. We may need to verify your identity before providing you with your personal information. In some cases, we may be unable to provide you with access to all your personal information and where this occurs, we will explain why. We will deal with all requests for access to personal information within a reasonable timeframe.
Where you are a resident of the European Union and the GDPR applies to your personal information, you have the right to ask for ‘subject access request’ or ‘SAR’ being a copy of your personal data held by us. Where we do hold such data about you we will provide you with a copy of the data we hold about you. This will be in a commonly used machine-readable file where you request us to e-mail the information to you. We will also give you a description of the data, tell you why we are holding it and tell you who we could have disclosed it to.
If you think that any personal information we hold about you is inaccurate, please contact us using the contact details set out below and we will take reasonable steps to ensure that it is corrected. We will also stop processing data on your request and you may also request that we delete the data held about you.
If you would like a copy of the information which we hold about you or believe that any information we hold on you is inaccurate, out of date, incomplete, irrelevant or misleading, please email us using the contact details set out in the ‘Contact Us’ section below.
We reserve the right to refuse to provide you with information that we hold about you, in certain circumstances set out in the GDPR.
8. Transfers outside the European Economic Area (EEA)
Information that we collect in the EEA may from time to time be stored, processed in or transferred between parties located in countries outside of the EEA which may not have as stringent data protection laws as found in the EEA.
If you wish to complain about how we handle your personal information held by us, please contact us using the details set out below including your name and contact details. We will investigate your complaint promptly and respond to you within a reasonable time.
For data which is subject to the GDPR, you have the right to lodge a complaint with the local regulator in your jurisdiction in Europe if you do not feel we have adequately upheld your rights under GDPR.
10. Contact us
Name: Sophie Harris
Address: Royal Borough of Kingston-Upon-Thames, Guildhall, Kingston-Upon-Thames, KT1 1EU
You can read the council's full privacy statement on the Kingston website.