Weather disruption
Winter weather is causing disruption to services in some parts of the county. Find out what services may be affected in your area.
Dorset Council revenues and benefits service collects, uses and is responsible for certain personal information about you. When we do so we are regulated under the General Data Protection Regulation and we are responsible as ‘controller’ of that personal information.
For the purposes of service delivery we need to collect personal information from you – the amount of information we need will depend on which service you use (but not limited to):
We may also obtain personal information about you or members of your household from other sources as follows:
We use your personal information so that we are able to deliver the highest quality service to you. This includes:
The personal information we have collected from you may be shared with fraud prevention agencies (such as CIFAS) who will use it to prevent fraud and money-laundering and to verify your identity. If fraud is detected, you could be refused certain services, finance, or employment. In appropriate cases, the council and fraud prevention agencies may also share personal information with law enforcement agencies to detect, investigate and prevent crime.
See more information about how your information will be used by us and these fraud prevention agencies, and your data protection rights.
The General Data Protection Regulation (GDPR) and Data Protection Act 2018 require that we must have a legal reason, or reasons, to collect and use your information. There are six specified reasons within the GDPR and, of those, the following reasons are applicable to revenues and benefits services:
1. "Legal Obligation" is where we need to process your personal data to comply with a common law or a statutory obligation - the legislation enabling us to process your personal information includes, but is not limited to:
2. “Public Task” is where the processing is necessary for us to perform a task in the public interest or for our official functions, and the task or function has a clear basis in law.
Your personal information will be treated as confidential but it may be shared with other Council services and organisations in order to ensure our records are accurate and up to date, and to improve the standard of service we deliver. We will only use your information in ways which are permitted by the General Data Protection Regulation and Data Protection Act.
As Dorset Council has a duty to protect the public funds it administers we may use the information you have provided for the prevention and detection of fraud. This may involve using Credit Reference Agencies to check that our records are accurate.
We use a range of organisations to either store personal information or to help deliver our services to you. Sometimes we have a legal duty to provide your personal information to other organisations, for example the Court Service, DWP or HMRC.
Those that we share information with are:
We may also share your information with the Dorset & Wiltshire Fire and Rescue Service (D&WFRS). D&WFRS has a duty to provide fire safety and prevention advice to local residents. To enable that, we have agreed to provide them with the name and address of those that receive a Council Tax single person discount. D&WFRS will compare this with their data to help identify those most likely to benefit from fire safety and prevention advice.
On occasion we may be required to share personal information with law enforcement or other authorities if required by applicable law. Where this occurs we will attempt to ensure that appropriate safeguards are in place.
As a mandatory participant of the National Fraud Initiative (NFI), we sometimes share personal data with the NFI. The purpose of this data sharing is to detect and prevent fraud. The NFI may share the personal data we provide with other bodies or organisations including: HMRC, the Department for Work and Pensions and IT suppliers to the NFI.
Our legal basis for sharing the data is that the processing is necessary for the performance of a task carried out in the public interest. Where we share special category data, our additional legal basis is that the processing is necessary for reasons of substantial public interest for the exercise of a function of the Crown, a Minister of the Crown, or a government department.
The personal data we provide will be used by the NFI to match records across different data sources in order to prevent and detect fraud. More information about how the NFI use personal data
Data sharing enables us to ensure the best service is delivered to you. We do not anticipate that our data-transferring arrangements will involve a transfer outside of the European Economic Area (EEA).
We will not share your personal information with any other third party.
The provision of the personal data (as set out above) is required from you to enable us to:
We will inform you at the point of collecting information from you, whether you are required to provide the information to us. If you fail to provide us with the information it may mean that we are unable to process your claim for benefit or reduce debts that you owe. In some cases, we may charge you a penalty for not providing us with information we have requested or you have deliberately provided us with wrong information. We will tell you about these penalties when we make the original request for information.
We will hold the personal data provided by you for six years after your account has closed or ended, as stated in our retention schedule and in accordance with HMRC and Government Department rules.
Under the General Data Protection Regulation you have a number of important rights that may be exercised free of charge. In summary, those include rights to:
For further information on each of those rights you can visit the Information Commissioner's Office.
If you have any concerns about how we are using your information, we would ask that you contact us.
We have appropriate security measures in place to prevent personal information from being accidentally lost, or used or accessed in an unauthorised way. We limit access to your personal information to those who have a genuine business need to know it. Those processing your information will do so only in an authorised manner and are subject to a duty of confidentiality.
We also have procedures in place to deal with any suspected data security breach. We will notify you and any applicable regulator of a suspected data security breach where we are legally required to do so.
We hope that we can resolve any query or concern you raise about our use of your information.
The General Data Protection Regulation also gives you right to lodge a complaint with a supervisory authority. The supervisory authority in the UK is the Information Commissioner telephone: 0303 123 1113.