Privacy statement

Lancaster City Council is committed to protecting your privacy. We need to collect and use information about people (“personal data”) in order to provide public services and carry out our duties as a Local Authority. This Privacy Statement is made in light of the requirements of the General Data Protection Regulation 2016 and the Data Protection Act 2018 to inform you how we use and protect this data.

The information on this page relates to the council as a whole. More detailed information in respect of specific services, departments and functions is available below. This list will be updated over the coming months to include information about the full range of council services.

Why do we use personal information?

The main reason we collect and use personal data is to support us in carrying out our duties as a Local Authority. These duties include collecting Council Tax, administering planning applications, protecting public health, providing housing and keeping the district clean, amongst many other things.

We will usually need at least basic information (such as your name and address) in order to administer these functions and contact you about them, and will sometimes need more detailed information to provide tailored services or investigate issues further. We also use the data we hold to monitor how we are doing, and to help plan future services.

We also use personal data for a range of other purposes, including providing other services to you, meeting our legal obligations, and contacting you with information about the Council (if you have requested this).

We will always explain in more detail why we need your data when we collect it from you.

When do we collect personal information?

We collect data about you whenever you:

provide it to us by filling in a form;
contact us by any method, including letter, email, social media or visiting one of our offices;
use some of our services;
book on to a Council lead event (i.e Community Conversations etc)

We also have a number of CCTV cameras in the district, both in our offices and in public spaces.

We might also collect data about you from other organisations or people. This includes information we receive from government departments and other public services (such as the NHS or the Police), and also sometimes from other sources such as local businesses or residents – for example, if your neighbour complains or reports a concern about you.

When we collect or receive data about you from third parties, we will usually tell you that we have done so (unless you already know about it).

We also use cookies on this website. For more information see our separate Cookie Policy.

How do we use personal information?

How we use your data will depend greatly on why we collected it in the first place. We will not usually use your data for any other purpose unless there is a strong reason to do so – such as a legal obligation or a criminal investigation. However, we do from time to time share basic information (such as name, address and contact details) between departments within the Council in order to ensure that our records remain up-to-date.

We will sometimes share your information with third party organisations, either because we are required to do so by law or because doing so allows us to provide you with more appropriate, efficient and effective services. This means that your data may be shared with other public organisations (such as other Councils, the NHS, or the Department for Work and Pensions) or with partner organisations that we use to either store personal information or help deliver services to you.

We will usually tell you who we intend to share your information with before any sharing takes place, unless there is a good reason not to do so (such as a legal obligation).

How do we protect your information?

We have a number of policies in place to ensure that your information is kept safe and secure, and can only be accessed by people who need to access it. Examples of our security include:

encryption, meaning that information is hidden so that it cannot be read without special knowledge (such as a password);
controlling access to systems and networks, to ensure that only people who need to access information can do so;
training our staff in how to handle confidential information appropriately;
procedures for handling information that is kept on paper, such as ensuring it is locked away when not in use;
regularly testing and updating our technology to ensure that all our security measures are effective and up-to-date; and
procedures to follow in the event that any breach of security occurs, to ensure that any damage from this is minimised.

If we share your information with third party partners or contractors, we will put in place appropriate information sharing agreements or contractual terms to ensure that your data is protected to the same standard no matter who holds it.

Your rights

You have the right to request access to any of the data the Council holds about you. This is known as a Subject Access Request. For details of how to make a request, please see our webpage on Requesting information from the Council.

Where we are using your data in the process of carrying out our duties as a Local Authority, you can object to this if you think there are particular grounds to do so based on your personal circumstances.

Where we are using your data because you have consented to this in the past, you have the right to withdraw this consent at any time.

You also have a number of other rights under data protection law. These include:

the right to have your data corrected if it is inaccurate,
the right to have data erased where we no longer have a reason to keep it,
the right to have your data restricted in certain circumstances (such as if there is a dispute about how we are using it), and
the right to object to direct marketing.

Please note that none of these rights are absolute, and depending on the circumstances we may not be able to fulfil your request.

If you have any queries or complaints about how we use your data, or would like to exercise any of your rights, please contact our Data Protection Officer on info@lancaster.gov.uk or 01524 582205.

We always aim to resolve complaints to the satisfaction of everyone involved, but if you are unhappy with our response to any request you make, you have a right to complain to the Information Commissioner’s Office (ICO). The ICO is an independent regulator with the power to investigate your complaint and instruct us to take remedial action if necessary.

For more detailed information about your rights, please see the ICO’s guide, Your Data Matters.

Queries and revisions

We reserve the right to amend this privacy notice at any time. However, we take your privacy very seriously and will never change our policies or practices to make them less protective of your personal information.

If we make any changes to this policy which significantly affect you, we will aim to notify you directly if we hold contact details for you. You will always be able to find the most up-to-date version of this policy on our website.

This Version: v3.0, September 2022

Last updated: 15 January 2024

Name	Cookie purpose description	Provider	Expiry
CookieNotice	Used to hold the selections you make as to which cookies you allow from the site.	lancaster.gov.uk	6 months
Bridge.Auth	used to hold authentication information	lancaster.gov.uk	Session
ASP.NET_SessionId	used to hold session information	lancaster.gov.uk	Session
ProcessDisplayOptionsActionFilter.Pref	This cookie is used to remember display settings for colour contrast and font sizes set by the user in the accessibility options panel.	lancaster.gov.uk	30 days

Name	Cookie purpose description	Provider	Expiry
_gid	Registers a unique ID that is used to generate statistical data on how the visitor uses the website.	google-analytics.com	1 day
_ga	Registers a unique ID that is used to generate statistical data on how the visitor uses the website.	google-analytics.com	2 years