Information we hold
We store information in many formats such as emails, letters and CCTV footage. Our information security policies are in place to ensure that we keep information confidential, accurate and available to those who need it.
When dealing with confidential data, both personal and commercial, we follow current legislation such as:
- Data Protection Act 2018
- Human Rights Act 1998
- Privacy and Electronic Communications regulations 2003 with subsequent amendments
The confidential data we hold about you will depend on what services you use. Some examples are financial data for council tax payments and care records for children and vulnerable adults.
Our information policies
We have a number of information policies in place. These include: IT access control, Data security, Information handling, Unreasonable behaviour, Complaints.
Records retention and management
Our records retention schedules detail the recommended minimum length of time that different types of records should be kept by the council. The schedules apply to both paper and electronic records. They show when these records can be destroyed to comply with relevant legislation and operational needs.
Our General Records Retention Schedule includes details of some of the main types of records created and held by us.
If you would like further details on the retention of any specific records created by the council please contact us:
- Email: firstname.lastname@example.org
The Freedom of Information Act 2000 and the Environmental Regulations 2004 give you a general right of access to all types of recorded information held by public authorities, including local councils. The legislation is designed to promote greater openness and transparency throughout the public sector.
Our responsibilities under the Freedom of Information Act 2000
- We must produce a publication scheme, approved by the Information Commissioner. This is a guide to information held by the council that is routinely made available to the public. Under the Act, this includes all information held anywhere within an institution and does not have to be in the form of a specific document or structure. The scheme describes how and when this information is published and whether it is available free of charge or by payment
- We must deal with individual requests for information. This is known as the 'right to ask'. Any person or body, including companies resident in or outside the UK, has the right to ask whether the council holds the particular information in question.
You also have the right to access information about yourself held by a local council under other legislation including:
- The Data Protection Act 2018
Information request charging policy
Download a copy of our policy on charging for information requests.
How we process your data when you make a complaint or a request for information
Herefordshire Council is the Data Controller under data protection law and will use the information you provide to make a formal complaint or to request information only for that purpose.
The legal basis for processing this data is the legal obligation under various legislation to respond to complaints and to have a complaints process, and to process requests for information. This legislation includes the Local Government Acts, the Freedom of Information Act 2000, and the Environmental Information Regulations 2004.
We will keep your data for 6 years after the close of all action regarding your complaint or request..
Your information will be shared within the council and with our partners only as required to answer your complaint or request. If you approach a regulator, including the Local Government and Social Care Ombudsman or the Information Commissioner, we will share the information we hold with these regulators if they request it from us.
Individuals have a number of rights under data protection law, including the right to request their information. You also have a right to make a complaint about our handling of your personal data to the Information Commissioner's Office https://ico.org.uk/
You can contact the council's Data Protection Officer, Carol Trachonitis, via email@example.com