Digital and ICT privacy notice for those engaged as an agency staff worker

Contents

  1. Introduction
  2. Who we are
  3. What type of personal information do we collect?
  4. How do we collect personal information?
  5. Why do we collect your personal information?
  6. Who might we share your personal information with?
  7. How long will we keep your personal information?
  8. What is our legal basis for using your personal information?
  9. How do we keep your personal information secure?
  10. Is your personal information used overseas?
  11. What are your rights?
  12. Contact us

1. Introduction

This notice provides additional privacy information regarding the types of personal information we may collect about you when you interact with us. It also explains how we will store and handle that information, as well as keep it safe and secure.

We will keep our privacy notice under regular review and will advise you of any updates on our website.

This Notice was last reviewed in February 2023.

2. Who we are

For the purposes of Data Protection legislation, South Tyneside Council is the Data Controller.

3. What type of personal information do we collect?

For the purpose of delivering Digital and ICT Services we will need to collect the following types of information:

  • Personal information
    • Full name
    • Telephone number
    • Job title
    • Office location
    • Department
    • Manager name
    • Email address
    • Username
    • Session information
    • Authentication
    • Digital & ICT system and audit logs
    • Network access logs
    • National Insurance number
    • Home address (if you are engaged as an agency worker)

4. How do we collect personal information?

We may collect your personal information in a number of ways, for example:

  • Email requests to the service
  • Online forms
  • Telephone calls
  • Digital & ICT system and network monitoring tools

5. Why do we collect your personal information?

We collect your personal information in order to:

  • Enhance the security of our systems by tracking suspicious and anomalous behaviour
  • To assist the Digital & ICT service in support and operation functions including fulfilling requests, responding to incidents and supporting Digital & ICT systems
  • To monitor the use of our services and systems to enhance the services we deliver
  • To meet organisation security and compliance requirements

Your NI number will be used as a unique identifier for the purpose of linking systems across the Council.

If you are engaged as an agency worker, your address may be used to arrange delivery of ICT equipment.

6. Who might we share your personal information with?

We may share information provided with the following parties in order to meet necessary compliance requirements:

  • Human Resources (HR)
  • Information Security
  • Information Governance
  • Audit
  • Legal

We will not share your personal information with any other third parties unless you have specifically asked us to, or if we have a legal obligation to do so.

If you are engaged as an agency worker, where required we may need to share your home address with an external courier service.

7. How long will we keep your personal information?

We may keep your personal information for up to 2 years after leaving employment for auditing purposes.

Any personal details shared with a courier service will be held according to their own retention periods.

8. What is our legal basis for using your personal information?

To use your personal information there must be a lawful basis to do this, such as, through a contract, performing a public task or where there is a legal obligation. 

Under the General Data Protection Regulation (GDPR), the lawful basis we rely on for processing this information is:

  • We need it to perform a public task. The processing is necessary for us to perform a task in the public interest or for our official functions, and the task or function has a clear basis in law.

9. How do we keep your personal information secure?

Information provided to Digital and ICT is held securely on our network. Only officers working within Digital and ICT and system administrators have access to these records.

Any personal details shared with a courier service will be held according to their own security arrangements.

10. Is your personal information used overseas?

We will not process your personal information outside of the UK.

11. What are your rights?

Your individual rights are set out in law. Subject to some legal exemptions, you have the following rights:

  • Right to be informed
  • Right of access
  • Right to rectification
  • Right to erasure
  • Right to restrict processing
  • Right to data portability
  • Right to object
  • Rights in relating to automated decision making and profiling

Contact us

If you would like to exercise your rights in relation to your personal information, or you feel that something has gone wrong with your personal information, you can contact us in either of the following ways:

By email: data.protection@southtyneside.gov.uk
By telephone: 0191 424 6539

In writing:

South Tyneside Council
Information Governance
Town Hall and Civic Offices
South Shields
NE33 2RL

If you feel that the Council has not handled your information correctly you can contact the Information Commissioner's Office (ICO). 

The ICO is the Government's Independent Body responsible for overseeing data protection. 

In most cases the ICO will only review cases that have exhausted the Council's internal procedures.