The Council is the data controller for purposes of the Data Protection Act (2018) and UK General Data Protection Regulation and is registered as a data controller with the Information Commissioner’s Office (ICO) under registration number Z5840053.
Brighton and Hove City Council are committed to protecting your personal information. As a data controller we have a responsibility to make sure you know why and how your personal information is being collected in accordance with relevant data protection law.
Why we are processing your data
- We are collecting your data for the purpose of providing Welfare and Benefits services.
- We have a legal basis for collecting this data through our statutory obligation under the Welfare Reform Act 2012.
- We also collect data to enable us to exercise specific obligations in the field of social security and social care.
- Your data may be shared internally within the council. It may also be shared with external organisations for the purposes of tax collection, provision of social care and to prevent fraud.
- To make sure that it delivers its functions as efficiently as possible; this Council may share your information with one of its local authority partners, namely Surrey County Council, East Sussex County Council etc., with whom it operates a shared service arrangement.
Your information rights
Under GDPR you have certain rights concerning your information.
For further information on your rights visit our website.
How to get advice or make a complaint
Data protection contact information
If you’d like to discuss your data protection rights, you can contact the Data Protection Team. Only use these contact details if you have questions about data protection and not for questions about other services.
We also have a Data Protection Officer. Visit our data protection officer page to find their contact details.
Please contact the Data Protection Team first if you have any concerns.
You can then contact the Information Commissioner’s Office (ICO). The ICO is the national regulator with responsibility for ensuring compliance with data protection.