This notice describes your rights as a visitor, customer or job applicant of The Local Government Association. It provides information about your rights relating to your personal information along with how we collect, use and share your data via contact with us and via our website www.local.gov.uk or any systems that use this domain.
The Local Government Association is committed to abiding by data protection laws and to be open and transparent in how we use your personal information. Many people will be aware of the General Data Protection Regulation (GDPR) and the new 2018 UK Data Protection Act. We acknowledge our requirement to comply with these laws as well as local laws applicable to other countries.
This policy contains links to more information on many of the topics listed and further external links if you wish to read further detail about personal data management.
Who we are
The Local Government Association is a membership organisation and more information on what we do can be found at www.local.gov.uk/. As a data controller we operate under the names of the Local Government Association and the Improvement and Development Agency for Local Government, (IDeA). However, our data controller registration is “Local Government Association”.
We are registered with the UK Information Commissioner’s Office as a data controller and our registration number is Z5871320.
Our head office address is 18 Smith Square, Westminster, London, SW1P 3HZ.
If you need to contact someone to talk about personal data privacy you can contact our Data Protection Team at ITandbusinessmanagement@local.gov.uk .
What is personal data?
Personal data is data which identifies a person from the information provided or if combined with information that we may already have access to.
You can find out more about the legal definitions of personal data here.
In summary and by way of example personal data is:
- Name and address
- Date of birth
- Email address
- Bank account details
- An IP address
In addition, there are “special categories” of personal data which means that the data, in law, is considered more sensitive, such as:
- Personal data related to your health
- Genetic data
- Religious beliefs
Click here for a more complete list of this type of data.
We do not collect sensitive data in our normal course of business and any such data you provide for specific purposes, such as for monitoring purposes in job applications, will be treated with the utmost confidentiality.
Collecting personal data
We collect your personal data for a number of reasons including to enable us to provide you with a service you are interested in and where you have provided these details. Your personal data may be collected from several places.
The information we collect about you can come from:
- information you provide via the "Registration" page when registering to use the Website including your name, email address, job title and any updated information you provide from time to time;
- any comments you may have about your application to register to use the Website;
- Information you provide via the "My Profile" page;
- Information you provide when you submit or post content to the Website or when you contact us (including when you report a problem with the Website to us).
- additional information we may request from you from time to time either by contacting you directly or through the Website/ eventsforce/ CRM etc, although there will be no obligation on you to provide this additional information.
- Details of your visits to the Website including, but not limited to, traffic data, location data, weblogs and other communication data, whether this is required for our own purposes or otherwise and the resources that you access.
- Information you provide as part of a recruitment campaign – when applying for a job with the LGA or specific campaign run by the LGA, such as the national graduate development programme.
As a membership organisations the LGA uses information provided by and personal information of and relating to its members, councillors and officers so that it can for example:
- Carry out lobbying on behalf of the sector
- Contact officers
- Contact councillors
- Contact political groups
- Send bulletins
- Organise and market events
- Carryout campaigns
- Provide training and development events and sessions
- Conduct and defend litigation on behalf of the sector
- Provide legal advice to members, councillors and officers
- Send publications
- Enter into agreement, MoUs
- Conduct improvement work, negotiations and investigations
- Inform policy and associated guidance and documentation
- Conduct research
Usually we will collect information you have provided, but sometimes we get your personal information from third parties who provide us with the information of people who have given permission for their information to be shared. We will always use such information responsibly and in accordance with your rights.
We may get your information from third parties, where your permission is given or there is a valid legal basis for obtaining it, from (but not limited to):
- Gov delivery
Where your personal data is used by us, and you have a choice e.g. receiving direct marketing, you will always be afforded the option of stopping further contact “unsubscribe” and controlling these consent options.
If you believe that we have misused your personal data, please contact us and we will resolve your problem as swiftly as we can.
What we use your personal data for
We will use your personal data to let you know about above areas of work of the LGA and at times in relation to marketing, so long as we have your permission to do so. Wherever we collect personal data with marketing in mind, we will inform you and provide you with a choice to continue or stop being contacted for this purpose.
We will use your personal data to fulfil any contract we have with you and we are at times contractually obliged to use your personal data to ensure we are able to meet our contractual obligations.
We will use your personal data, with your permission, to provide to third parties who you may be interested in hearing from. We will always ensure we have your permission to do this before we share.
If you are registered on our recruitment website, Jobtrain, we will use your personal data, with your permission, to administer any recruitment process you have applied for. If you are signed up to receive job alerts via email we may also send you adverts that could be of interest. You are able to amend your preferences on our recruitment system http://jobs.local.gov.uk or you can contact our HR team via email – HrandPayroll@local.gov.uk
Who do we share your personal data with?
There are some organisations with who we work where we must share your personal details to provide the goods and services you require. There may also be times when we believe it is necessary in order to provide our members with advice and support in line with our membership offer, in an emergency, when it is deemed in the best interests of members to avoid adverse impact or detriment personal information may be shared.
Where your personal data must be shared for us to provide you with a service, then we make sure that our partners have the right controls in place to use your information responsibly and under our control. Categories of partners who may see your information are listed here.
- Annual Conference App;
- Recruitment testing providers
It is important for us that you understand who your information may be shared with and the seriousness with which we take the confidentiality of your personal data. If you have questions about such uses of your personal data, we will happy to tell you more.
We may also share your information with organisations where there is a need to check the accuracy of data we hold and where there may be legal or regulatory requirement to provide personal data, for example law enforcement.
We will not share your personal data unless there is a valid legal reason or need to do so.
Where is your personal data kept?
Your personal data is kept secure at all times and we use the latest technology to ensure that all our data is kept confidential, especially personal information that we hold.
Your information may be kept in a number of places, all of which comply with data protection requirements. We use cloud providers and online application providers to help us run our business. Personal data may be held on systems and databases in several locations. However, your personal information will be held with requirements of confidentiality and with suitable legal agreements and contracts in place, so you can be assured that your personal data is looked after.
Some of our systems may include the transfer of your personal data to other countries. Your data will only be transferred to other countries which have adequate provision in place to protect personal data to an equivalent level as personal data held in the UK.
How long we keep your personal data for
We will keep and use the personal information for as long as is detailed in the LGA’s retention schedule, as long as there is an association with local government and for at least 3 years after a councillor or council officer has left the Local Authority or membership of the LGA, in order to deal with any consequent queries or complaints you may have. We may retain the personal information for longer than this if there is a legal reason or requirement to keep the information for longer, for example if it is relevant to any current legal proceedings.
If you are a registered user and cease to access the LGA website for 1 year, then we shall mark your personal profile as "inactive". Your profile will then be deleted soon afterwards if it hasn’t been re-activated. If you wish to use the Website after such period has elapsed, you will need to re-register with us.
For job applicants, information will be retained for the purposes of processing your application and for 6 months after the end of the campaign. You are able to withdraw your applications and/or delete your profile before this time by visiting http://jobs.local.gov.uk
Any references to you in any current records and any statistical or anonymised information (from which you cannot be identified) may be kept for longer periods.
More information on how long we keep your data is available from us should you require it.
How we protect your personal data
We take the confidentiality of personal information very seriously and use recognised security and access controls to protect the information from unauthorised access, loss, misuse, alteration or corruption. We have procedures and processes in place to ensure that your personal information is managed appropriately.
However, we will always recommend that you take your own precautions to protect your own personal data whilst using the Internet, including this website. If you have any questions regarding the security of your personal data on our systems, please contact us.
What are your rights?
Under data protection legislation, you have rights over how your personal data is used. The main rights related to your personal data are listed below, but there are others which you may like to find out more about by looking up the Data Protection Act 2018 or the General Data Protection Regulation.
The right of transparency (right to be informed)
You have a right to be informed about the collection and use of your personal data. We have an obligation to be transparent and provide you with this information freely and that it is easily understood. This notice serves to provide information on collection and use of personal data, and you may contact us if you want to know more about any aspect of how we handle your personal information. More information on this right is available here.
The right of access to your information
You have a right to have access to the information we hold about you and to verify that we are using your personal data lawfully. If asked we will provide confirmation of what personal data we hold, provide a copy of the data, and inform you of any other rights you may have. You can find out more about what you are entitled to request by clicking here.
If you would like to make such a request, please contact the email address listed above.
The right of rectification
You have the right to have any information held about you which is inaccurate to be rectified. If you believe that we have inaccurate information, for example a misspelt name, then please contact us and we will do our utmost to sort it for you. More about rectification here.
The right to be forgotten (the right to erasure)
You have, subject to certain conditions being met, the right to be forgotten. Where we can, we will remove all your details from our systems subject to being able to do so reasonably, and where no other legal or legitimate reason exists to keep your personal data. For example, if you owe money to us via an account, we would expect this to be cleared before we considered erasure of your details. Please look here for more information on this right.
The right to restrict processing of your personal data
In some cases, you may require us to hold your data but not process it, this may be relevant if you believe inaccuracies have not been corrected and further processing would cause issues for you as an individual. More information on this right can be found here.
The right to data portability
Personal data portability, means that on request we will give you the information we hold about you in a form that can easily be used by other systems. This is most likely to be a spreadsheet file so that you may pass this information on to other organisations with which you would like to share the data. It may not always be possible to give you everything about you in this format, but we will always strive to provide what we can for you. Click here for more information.
The right to object
You have a right to object to how personal data about you are processed, in some instances. You may object to us processing your personal data for our “legitimate interests”, to stop direct marketing and processing your personal data for research or statistical purposes.
[Whilst we do have legitimate interests under which we process data and we do send marketing messages out to those that want them, we do not undertake research or statistical reporting.]
Unless we can demonstrate compelling reasons for continuing to process your personal data, which we will explain to you, if relevant, when you object, then we will always endeavour to comply with your wishes.
You may find out more about this right, here.
The right to stop automated individual decision making, including profiling
Should we wish to carry out any automated decision making or profiling of you, using your personal data, then we will abide by the law and only do this where it is necessary to do so, or we have your consent.
Any decisions made automatically about you will be made obvious to you, where they have a direct effect on you. You will always have the ability to contact us and query these activities and request that they stop or have human intervention.
We aim to be transparent and open about this type of data processing so that you can feel assured that your data is safe, kept confidential and always used lawfully and fairly.
Details about this right can be found here.
The right to complain
You have a right to complain to the regulator in the country in which you reside or where you believe any misuse of your data has taken place. The UK Information Commissioner’s Office can be contacted directly if you believe that we have failed to address your concerns.
Their information may be found at www.ico.org.uk.