Check out the latest information and advice on coronavirus (COVID-19).
Derby City Council is the local government unitary authority for Derby City. Our address is The Council House, Corporation Street, Derby, DE1 2FS. You can contact our Data Protection Officer on 01332 640763 or by email at email@example.com.
We collect information from you when you visit www.derby.gov.uk; also when you contact us in writing, speak to us on the phone, by email or any other type of electronic communication, or talk to us face to face.
We collect different categories of information about you, depending on the service you want from us and/or the reason why we need to process information relating to you. This could be personal information (for example your name and address), or other more sensitive data that we would only collect and use in very particular circumstances that are set out in law. In Digital Services we collect a variety of personal and special category data in accordance with the lawful bases set out below.
Examples of personal data Digital Services collect include photographs and personal contact details. An example of special category we collect data is disability information to support with technological reasonable adjustment.
We may use your information to:
We will primarily use your data in accordance with contractual obligations arising from the contract of employment. Alternatively your data will be processed in accordance with:
If we inform you that we are processing your data in accordance with your consent or legitimate interests, you have the right to opt out at any time. This can be done by emailing ServiceDesk@derby.gov.uk
Some special category data available on sight, and therefore is already in the public domain. As such the primary justification for processing this information is; personal data which are manifestly made public by the data subject, in accordance in Article 9 (e).
Further information about how Digital Services use staff personal data such as photographs can be viewed by visiting the Digital Workforce FAQ's and Guidance section on the Council’s intranet.
Coronavirus has been added as a notifiable disease under the Health Protection (Notification) Regulations 2010. The Council have a legal duty to process and share personal information in accordance with the Coronavirus Act 2020. Any such processing will be done in the public interest to promote health and wellbeing.
The Council have a duty to notify Public Health England and the local authority where the individual resides (if different), where there are suspected Coronavirus cases. In this instance, the Council will disclose the information under Article 9(2)(j) of GDPR (processing is necessary for reasons of public interest in the area of public health, such as protecting against serious cross-border threats to health), and confidential information can be lawfully disclosed in the public interest, without consent, where the benefits to an individual or to society outweigh both the individuals and the public interest in keeping the information confidential.
The Council may contact staff, service users, residents and patients with messages relating to Coronavirus by text, phone, letter or e-mail. This contact is not direct marketing; therefore we do not need your Consent before contacting you. There is more information available on the national Information Commissioners Office approach to the current epidemic here: https://ico.org.uk/
Anonymised and pseudonymised data may be used for research and statistical purposes. Any data collected may be used for research and statistical purposes that are relevant and compatible with the purpose that the data was collected for.
We may share your information with the following third parties for the reasons detailed:
Further detail about employee data that will be generally managed will be listed within HR and related privacy notices. This notice should not be considered in isolation.
We will not sell or rent your information to third parties. We will not share your information with third parties for marketing purposes.
We keep and dispose of all records in line with our record retention schedule. We will comply with Data Protection legislation.
We are strongly committed to data security and will take reasonable and appropriate steps to protect your personal information from unauthorised access, loss, misuse, alteration or corruption. We have put in place physical, electronic, and managerial procedures to safeguard the information you provide to us. However, we cannot guarantee the security of any information you transmit to us. We recommend that you take every precaution to protect your personal information.
We want to ensure any information we hold is accurate. You can help us by promptly informing us of any changes to the information we hold about you.
If you are accessing online services and are under the age of 13‚ please get your parent/guardian's permission beforehand whenever you provide us with personal information.
Cookies are small text files which identify your computer to our servers. They are used to improve the user experience. View what cookies we use and how you can manage them.
If you would like to make a complaint regarding the use of your personal data you can contact our Data Protection Officer;
For independent advice about data protection, privacy and data sharing issues, you can contact the Information Commissioner's Office (ICO):