We are committed to protecting your personal information.

The council is the data controller for purposes of the Data Protection Act (2018), and The General Data Protection Regulation (EU) 2016/679 ("GDPR"), and is also registered as a data controller with the Information Commissioner’s Office (ICO).

As a data controller, we have a responsibility to make sure you know why and how your personal information is being collected. This is according to relevant data protection law.

The primary laws which govern how Brighton & Hove City Council collects and use personal information (known as data) about you are:

Why we collect your data

We are collecting your data for the purpose of seeking your nominations for heritage assets to be added to the council’s Local List of Heritage Assets, which is compiled in order to meet the Government guidance set out in paragraph 040 of the National Planning Policy Guidance (NPPG), which supports the National Planning Policy Framework.

Our legal basis for collecting your data

Our lawful basis for processing your data is so that up to date information about non-designated heritage assets is included in the council’s adopted Local List and in East Sussex historic environment record; and so that that this information can be taken into consideration, and given appropriate weight, in determining planning applications under the Town and Country Planning Act 1990 (as amended).

What data we collect from you

Personal data

  • name
  • address
  • email address

Special category data

  • none

Who we share your data with

We will not share your information with any other third party, unless we are under a legal obligation to do so.

How long we will keep your data

We will not keep your data for longer than is necessary in order for the revised Local List of Heritage Assets to be formally approved by the relevant council committee in 2021, subject to any legal obligations we have to retain the data.

How we store your data

We will store your information on electronic databases, document management systems and on paper records. Paper copies will be scanned for storage on an electronic database and then immediately and securely disposed of.

How we protect your data and keep it secure

Examples of the security measures we use are:

  • training for our staff, making them aware of how to handle information securely, and how and when to report when something goes wrong
  • we use encryption when data is being sent, meaning we scramble information so other people can’t read it without access to an unlock key
  • where possible, we will pseudonymise your data. This means we will remove your identity so the people working with your data will not know your identity

Controlling access to systems and networks allows us to stop people who are not allowed to view your personal information, from getting access to it.

Regular testing of our technology and ways of working, including keeping up to date on the latest security updates (called patches).

Transferring your data outside the United Kingdom

Your data is not processed outside of the United Kingdom.

Your rights

Check your rights in relation to your personal information.

How to get advice or make a complaint

If you want to discuss any of your data protection rights, you can:

Information Commissioners Office (ICO)

The ICO is the national regulator with responsibility for ensuring compliance with data protection.

We would prefer you to contact us first with any concerns, but you can also contact the Information Commissioner to make a complaint:

  • on their website
  • by phone on 0303 123 1113
  • by post, Wycliffe House, Water Ln, Wilmslow, SK9 5AF

Changes to this privacy notice

This privacy notice will be subject to review when there is a change.