We will not pass any personal data on to third parties, other than those who either process information on our behalf, or because of a legal requirement, and will only do so, where possible, after we have ensured that sufficient steps have been taken to protect the personal data by the recipient.
Information given in confidence
We will not normally share any information that you give ‘in confidence’ to us- meaning we have promised you we will not share it with others. At times we will need to share this information when you have said that we can, or when we have to by law, or where believe that not sharing the information would put you or someone else at risk of harm. If we do share information because of this, we will try to tell you about this but we can only do this if it is safe and legal for us to do so.
Information shared with Stratford-on-Avon District Council
We have a strong working relationship with Stratford-on-Avon District Council. Some Council officers work for both Councils and these officers use a different e-mail address for each Council. To help these Officers work effectively in their role, your e-mail to officers at Warwick District Council may be automatically forwarded to their e-mail address at Stratford-on-Avon District Council and you may receive a reply from their Stratford-on-Avon District Council e-mail address. This does not change who controls your personal data and Warwick District Council remain as data controller.
Information shared with partner organisations and agencies
We may need to pass your information to other people and groups that help offer a service for us. These people and groups are called ‘third parties’. ‘Third parties’ must look after your personal data, and only use it to answer your question or help with what you are asking them to do. If we want to share very private information about you, like your sensitive or confidential information, with a third party, we will only do so where we have to by law or you have told us we can do so.
By law, we must appoint a Returning and Electoral Registration Officer who runs electoral services. The Returning Officer is in control of the data they hold. To find out how they use your personal data, please see Electoral Services (elections and electoral registration) privacy notice - Warwick District Council.
Section 23 and 35 of the Representation of the People Regulations 2001 (RPA) says that the Electoral registration officer can use personal data that we have, if they need it to run their services. The Council will only share your personal information with electoral services for this reason and we will only share what they need.
Sharing special personal information
Where we need to disclose sensitive or confidential information such as medical details to other partners, we will do so only with your prior, explicit consent, where we are legally required to or where we otherwise have a lawful basis to do so under Article 9 of the GDPR. We may also lawfully disclose information when necessary to prevent risk of harm to an individual or individuals.
Sharing for marketing purposes
We will never share your information with other groups for them to try to sell something to you, unless you tell us that we can do so.
Legal obligations including the prevention and detection of crime, including fraud
We may need to share information with other groups, either to do something we have to do by law, or where the Data Protection Act or other Act or Regulation says that we can do so, such as when we must share information to help stop crime.
By law, we must protect the public money we use. We can use any of the information you give to us to help stop crime. We can also share this information with other groups in charge of auditing, looking after and spending public money, when we are doing one of our public tasks, or to prevent and spot fraud. We may share the information with the Cabinet Office, the Department for Work and Pensions, other local authorities, HM Revenue and Customs, and the Police.
Section 68 of the Serious Crime Act 2007 says we can share information to try to prevent fraud as a member of an anti-fraud group or when we have an agreement with an anti-fraud group that allows this.
Personal Information transferred outside the EU
Most of the personal information we have about you is held on computer systems in the UK but there are some times where your information may leave the UK. If we share or use your information abroad or use computer systems that are outside the European Union, we will tell you. We will only do this when we have data processing agreements that say what every group must do under the General Data Protection Regulations and the Data Protection Act.
We’ll do what we can to make sure your personal information is not sent to a country that is not seen as ‘safe’ either by the UK or EU Governments. If we need to send your information to an ‘unsafe’ country, we’ll always ask for advice from the Information Commissioner first.