Fylde Council Financial Services take your privacy seriously and we will only use your personal information to fulfil our statutory duties or to provide the products and services you have requested from us or have consented to us providing. To satisfy the requirements of the General Data Protection Regulation, the council is obliged to make it clear to you how we use your personal data, who we might share it with and to give you certain other information.

What will we do with the personal information that you give us?

Unless otherwise agreed with you, Fylde Council (the data controller) will only collect the minimum personal data required to deliver our services to you. This may include the payment of invoices received from our suppliers or to request payment for council services you have requested. The information collected may include your name, address, contact telephone numbers and bank account details where required. The information collected will not include any special category personal information, or information relating to criminal convictions or offences.

How long will we keep the information?

We will retain your personal data for six years plus current following the date of your last transaction, following which your personal data will be deleted and any paper copies shredded.

Who might we share your information with?

The information provided may be shared with Her Majesty’s Revenue and Customs, who have demonstrated that they have a lawful and legitimate interest in this information, for the purposes of carrying out an inspection on our accounts. Your information may also be shared with our external auditors, to fulfil our legal obligations to be audited on our accounts, and also Enforcement Agencies used by the Council for the recovery of outstanding debts.

We may also lawfully disclose information to other public sector agencies to prevent or detect fraud or other crime. The council also participates in the National Fraud Initiative (NFI) data matching exercise carried out by the Cabinet Office to assist the prevention and detection of fraud against the council and organisations within the public sector. The use of data by the Cabinet Office in this data matching exercise is carried out with statutory authority under part 6 of the Local Audit and Accountability Act 2014. We do not share your data outside the European Economic Area or use it for profiling or any other form of automated decision-making.

What is the lawful basis for processing my information?

Where the law requires us to carry out a function, we process your information to because it is necessary to comply with a legal obligation to which we are subject. This includes using your information to comply with our obligation to investigate, detect and combat fraud.

Where the law allows, but does not require, us to carry out a function, we process your information because it is necessary for the performance of a task carried out in the public interest, or in the exercise of official authority vested in us. If you have entered into a contract with us, or intend to enter into a contract with us, we process your information because it is necessary for the performance of that contract. If none of the above apply, but you have given your consent to process your information for one or more specific purposes, we process your information on the basis of your consent.

Who is the data controller and how can I get in touch?

Fylde Borough Council is the data controller. You can contact us by email at listening@fylde.gov.uk, by phone on 01253 658658, or at the Town Hall, St Annes Road West, Lytham St Annes FY8 1LW. Our Data Protection Officer can be contacted at the same address, or at dpo@fylde.gov.uk, or on 01253 658506.

What rights do I have about my data?

You have the right to request access to information about you that we hold. To make a request for your personal information, or to exercise any of the rights set out below, contact our Data Protection Officer, whose details are above.

You also have the right to:

  • object to processing of personal data that is likely to cause, or is causing, damage or distress
  • prevent processing for the purpose of direct marketing
  • object to decisions being taken by automated means
  • in certain circumstances, have inaccurate personal data rectified, blocked, erased or destroyed; and
  • claim compensation for damages caused by a breach of the Data Protection regulations

If you have a concern about the way we are collecting or using your personal data, we request that you raise your concern with us in the first instance. Alternatively, you can contact the Information Commissioner’s Office at https://ico.org.uk/concerns/