Pest control service privacy notice
Read our privacy notice for information on how we collect, store and process your data.
Brighton & Hove City Council is committed to protecting your personal information. As a data controller we have a responsibility to make sure you know why and how your personal information is being collected in accordance with relevant data protection law.
The primary laws which govern how Brighton & Hove City Council collects and use personal information (known as “Data”) about you are:
However, Pest Control is also subject to other specific laws which define when and for what purposes it can use your personal data.
Why we are collecting your data and our lawful basis for doing so
We’re collecting your data for the purpose of removing pests from commercial and residential buildings. Information will be used to provide this service, including using contact details for communication purposes in relation to the work that needs to be carried out.
As the service incurs a fee, financial information will need to be processed.
Information is also processed when we receive complaints or queries. Data collected this way will be used to communicate in relation to the matter as well as used to resolve issues if necessary.
As a local authority we have a legal obligation to ensure council land and property is kept free from mice or rats under the Prevention of Damage by Pests Act 1949.
Should work be carried out on private and/or commercial property then our lawful basis is for the performance of a contract.
We may also process special category data on occasion, which will be done under substantial public interest, specifically the Data Protection Act (2018) Schedule 1, Part 2, Paragraph 6 ’Statutory etc. and government purposes.’
The data we may collect
- contact details including name, address, email address, telephone number
- information about your family
- social and personal circumstances
- financial details for purposes of receiving or making payments
- housing information relating your council tenancy
- business activities
Special category data
- physical or mental health details
Who we’ll share your data with
Your data may be shared internally with Financial Services and Legal Services.
We may also share your data externally with a contractor who we may employ to carry out some works.
Data that is shared is always done:
- on a case-by-case basis
- using the minimum personal data necessary to provide the service
- with the appropriate security controls in place
- in line with legislation
Information is only shared with those agencies and bodies who need to know or where you have consented to the sharing of your personal data.
We may use the information we hold about you to assist in the detection and prevention of crime or fraud. We may also share this information with other bodies that inspect and manage public funds.
Holding your personal information
We will not keep your data for longer than is necessary, subject to any legal obligations we have to retain the data. How long we keep it will vary according to the services you are involved with and the lawful basis for processing within those services.
The principles we use to determine how long your data will be kept include:
- the type of services you received and whether you are still receiving them
- whether we still are still under a legal obligation either to you or under UK Law
- any standards and guidance set out by the various regulators for our functions
- if you have expressed a preference that your data be retained, such as exercising your right to restricted processing
We will hold information for 6 years from our last contact with you.
How your data will be stored
Your information will be stored in electronic databases, document management systems and on paper records.
Who can access your data
We will only make your information available to those who need to know in order to perform their council role.
How we protect your data
Examples of the security measures we use are:
- training our staff to make them aware of how to handle information securely and how and when to report when something goes wrong
- encryption when data is being sent, meaning that information is scrambled so that it cannot be read without access to an unlock key. The hidden information is said to then be ‘encrypted’
- data is pseudonymised where possible, meaning that your identity will be removed, so work can be done without your identity being known by the people doing that work
- controlling access to systems and networks to stop people who are not allowed to view your personal information from getting access to it
- regular testing of our technology and ways of working including keeping up to date on the latest security updates (commonly called patches)
Transferring data outside the European Economic Area
Your information is not processed outside of the European Economic Area.
Your individual rights
In relation to your personal information you have the right:
- to be informed – you have right to know about the collection and use of your personal data. We will inform you through our service-specific notices
- of access – you can request to know what we hold on you along with an explanation for how it is used by making a Subject Access Request
- to rectification – you have the right to ask us to update, amend or change your information if it’s factually inaccurate or incomplete
- to restrict processing – you have the right to request that we limit using your personal data for specific purposes if you do not believe we have a lawful basis for a particular purpose or where you consider the data to be incorrect. Upon receiving a restriction request, we are obliged to consider our use of the data and provide you with a response
How to get advice or make a complaint
Data protection contacts
If you wish to discuss any of your data protection rights, you can contact the Data Protection Team on 01273 29 59 59 or by email at firstname.lastname@example.org.
Whilst we would prefer that you contact us first with any concerns that you might have, you can also contact the Information Commissioner’s Office. The ICO is the national regulator with responsibility for ensuring compliance with data protection.
Information Commissioner’s Office
You also have the right to lodge a complaint with a supervisory authority. Contact details for the ICO is stated below:
You can contact the ICO:
- on their website
- by telephone: 0303 123 1113
- by post: Wycliffe House, Water Ln, Wilmslow SK9 5AF
This privacy notice will be subject to review when there is a change.