top of page

PRIVACY NOTICE FOR LYDLINCH PARISH COUNCIL 

Privacy Notice - Lydlinch Parish Council

Effective Date: 23rd March 2026 Last Reviewed: March 2026

1. Who We Are

Lydlinch Parish Council (“we”, “us”, “our”) is a local public authority responsible for the administration and delivery of civic and community services within Lydlinch.

We are registered with the Information Commissioner’s Office (ICO) as a Data Controller.

Contact details: Email: clerk@lydlinchparishcouncil.gov.uk Telephone: 01963 364276 Address: The Parish Clerk, The Hub@Stalbridge, Station Road, Stalbridge, Dorset DT10 2RG Website: https://www.lydlinchparishcouncil.gov.uk

ICO Registration Number: A8091761

2. Personal Data We Collect

We may collect and process the following categories of personal data as necessary and proportionate:

• Contact details (e.g. name, email address, postal address, telephone number)

• Correspondence and enquiries submitted to the Parish Council

• Consultation responses, surveys, and engagement feedback

• Records of attendance or participation at Parish Council meetings, events, or forums

• Images, audio, or video recordings (e.g. public events or CCTV where applicable)

• Website usage, analytics, and technical data

Where personal data is obtained indirectly (for example from other public authorities, third-party providers, or publicly available sources), we ensure transparency in line with our statutory obligations.

3. How and Why We Use Your Personal Data

We only process personal data where it is necessary to do so, including to:

• Deliver our statutory functions and public services

• Maintain public records and respond to enquiries or correspondence

• Carry out consultations and democratic engagement​

  • Comply with legal and regulatory obligations

• Protect public health, safety, or welfare

• Prevent or detect fraud or misuse of public resources

• Communicate Council decisions, notices, and updates

• Administer community facilities, allotments, grant schemes, and local projects

• Manage volunteers, contractors, and community representatives

• Process payments, financial transactions, and supplier records

• Administer planning, licensing, and regulatory consultations (where applicable)

Where appropriate, we may use anonymised or pseudonymised data for reporting, research, or statistical purposes, ensuring individuals cannot be identified.

 

4. Lawful Bases for Processing

Under the UK General Data Protection Regulation and the Data Use and Access Act 2025, we rely on the following lawful bases for processing:

• Public task – where processing is necessary to perform our functions as a local authority

• Legal obligation – where processing is required by law

• Consent – where explicitly given for specific, non-essential activities

• Vital interests – where processing is necessary to protect life or safety

In limited circumstances where processing does not fall within our statutory public task, the Council may rely on legitimate interests, provided such processing does not override the rights and freedoms of individuals.

Where the Council processes special category data (for example health or safeguarding information), this is carried out in accordance with Article 9 UK GDPR and Schedule 1 of the Data Protection Act 2018, and only where necessary and proportionate for the performance of our statutory functions.

5. Automated Decision-Making and Profiling

We do not use personal data for automated decision-making or profiling that produces legal or similarly significant effects on individuals.

If this position changes, we will update this Notice and provide appropriate information about your rights.

6. Data Sharing

We may share personal data where necessary and lawful with:

• Government departments, regulators, and statutory bodies

• Contractors or service providers acting on our behalf

• Other public authorities to support joined-up public services

• Professional advisers (such as auditors, insurers, or legal advisers) where required

• IT and system providers hosting Council systems under contract

 

All third-party processors are required to meet appropriate data protection and security standards. We do not sell personal data.

 

7. International Transfers

Personal data is normally processed within the United Kingdom. Where data is transferred outside the UK, appropriate safeguards will be in place, such as adequacy regulations or approved contractual mechanisms.

 

8. Data Security and Accountability

We take appropriate technical and organisational measures to protect personal data against unauthorised access, loss, or misuse. This includes:

• Access controls and secure systems

• Staff training and confidentiality obligations

• Governance of suppliers and data processors

We are committed to the principles of accountability and transparency in how we handle personal data.

 

9. Data Retention

Personal data is retained only for as long as necessary for the purpose for which it was collected, in accordance with statutory requirements and the Council’s approved retention schedule. Where appropriate, specific retention periods are defined by legislation or regulatory guidance. Further details of the Council’s retention framework and retention schedule are set out in the Council’s Data Retention & Deletion Policy, which is available on request.

 

10. Your Rights

You have rights under data protection law, including the right to:

• Access your personal data

• Request correction of inaccurate data

bottom of page