Privacy

Brighton & Hove City Council is the data controller for purposes of the Data Protection Act (2018) and The General Data Protection Regulation (EU) 2016/679 ("GDPR") and is registered as a data controller with the Information Commissioner’s Office (ICO) under registration number Z5840053.

Brighton & Hove City Council are committed to protecting your personal information. As a data controller we have a responsibility to make sure you know why and how your personal information is being collected in accordance with relevant data protection law.

Purposes and lawful basis of processing

The reason and legal basis for collecting the data will be different for each consultation. For each consultation, the legal basis will be included on the consultation start page.

If special category data is being processed, then we will state this on the consultation start page.

Who we will share your data with

Your data may be shared with internal departments in the council. If we intend to share your data with external organisations, we will include this on the consultation start page:

  • who the data will be shared with
  • why the data is being shared with them

How long we will hold your data (retention)

We will not hold your data beyond the stated need for each consultation.

Data we may collect

Depending on the consultation, we may collect the following personal data:

  • name
  • age or date of birth
  • email address
  • post codes or part of a post code

We may also collect special category (sensitive data) personal data if you provide answers to our equalities monitoring questions. This could include:

  • health details
  • ethnicity
  • gender
  • religion
  • sexual orientation
  • other protected characteristics

Email notifications

Citizen Space (the consultation portal software) will ask for your email address if you want to:

  • save your progress and complete the consultation later
  • receive a submission acknowledge email

In these instances, the email address you supply will not be linked to your consultation response and will be deleted from the system within a few days.

How your data will be stored

Your information will be stored electronically and/or on paper records. We will only make them available to those who have a right to see them.

Example of the security measures we used are:

  • controlling access to systems and networks allows us to stop people who are not allowed to view your personal information from getting access to it.
  • training for our staff allows us to make them aware of how to handle information and how and when to report when something goes wrong.
  • regular testing of our technology and ways of working including keeping up to date on the latest security updates.

Will my data be transferred outside of the European Economic Area?

No.

Your information rights

Under data protection legislation you have certain rights concerning your information, namely:    

  • the right to be informed - to be informed regarding why, where and how we use your information
  • the right of access – to request access to the information we hold about you
  • the right to rectification– to have your information corrected if it is inaccurate or incomplete
  • the right to erasure or the ‘right to be forgotten’– to ask for your information to be deleted or removed where there is no need for us to continue processing it, except when processing is necessary for compliance with a legal obligation or for the performance of a task carried out in the public interest
  • the right to restriction of processing– to ask us to restrict the use of your information in certain circumstances
  • right to data portability, to ask us to copy or transfer your information from one data controller to another in a safe and secure way, without impacting the quality of the information
  • the right to object to processing– to object to how your information is used in certain circumstances.
  • the data subject right not to be subject to a decision based solely on automated processing

Not all these rights may be applicable to you.

Learn more about your rights.

How to get advice or make a complaint

Contact the council's Data Protection Officer

If you wish to discuss any of your data protection rights, you can contact the Data Protection team by phone on 01273 29 59 59 or sending an email todata.protection@brighton-hove.gov.uk.

Contact the council's Data Protection Officer.

While we would prefer that you contact us first with any concerns that you might have, you can also contact the Information Commissioner’s Office. The ICO is the national regulator with responsibility for ensuring compliance with data protection.

Information Commissioner’s Office

You also have the right to lodge a complaint with a supervisory authority. Contact details for the ICO is stated below:

You can contact the ICO:

  • on their website
  • by phone 0303 123 1113
  • by post: Wycliffe House, Water Ln, Wilmslow SK9 5AF

This privacy notice will be subject to review when there is a change.

Delib Privacy Information

Delib’s software (this website) enables organisations to set up and operate democratic exercises, through which they will engage with you.

When you access and use this site, your information submitted to these exercises will go to the data controller: the organisation running this site. If you have provided it, this information may include personal data (e.g. your name, age, contact details etc.).

Delib’s role is to process this data on behalf of the controller. Processing means (among other things): making sure this website runs properly, that your data is securely stored and is available to the controller so that they can do their work effectively.

Our primary purpose is in making software platforms that help you to have your say. To do this we need to make sure that when you do, your data is safe, secure, and can be worked with effectively. So that’s what we do. Delib will not access your personal data unless requested to do so by the controller, and only for the purposes of helping them or you.

The data controller will have a privacy policy or other information notice, which sets out how they will hold and use the information you provide, as well as your rights in relation to that information. This policy or notice may be included on this page, or can be obtained by contacting them.

If you have any questions or requests about your personal data, these should be sent to the data controller in the first instance. Delib cannot directly deal with such enquiries as it does not control how your information is used.

Collection of Browser Information

Delib stores information which is provided by your computer when you use the website. For example, your browser type, IP address, language preference, referring site, and the date and time. Delib's purpose in collecting this information is to maintain the security of the website and for the purposes of operating and improving the software.