Privacy notice - relating to how the council will deal with your data during the current coronavirus crisis
This privacy notice is an addendum to our overarching Privacy Notice, and explains how Islington Council (as a Data Controller) will collect, use and protect personal data specifically with regard to the Covid-19 (coronavirus) Pandemic.
The council already holds data regarding residents, employees and stakeholders. You may have provided this information for a specific reason. Normally, the council would seek to inform you that the data provided would be used for a different purpose. Due to the rapidly emerging situation regarding the current pandemic this will not always be possible. If we already hold information regarding vulnerability as defined in the current guidance from the Government and Public Health England, we may share this for emergency planning purposes or to protect your vital interests by sharing with services both inside and outside the council.
The Information Commissioners Office has published its own FAQs on data handling during the pandemic.
We may in this current crisis need to ask you for personal information including sensitive personal information for example your age or if you have any underlying illnesses or are vulnerable, that you have not already supplied. This is so the council can assist and prioritise it's services.
Your personal data
Personal data relates to a living individual who can be identified from that data. Identification can be by the information alone or in conjunction with any other information in the data controller's possession or likely to come into such possession.
Some of your personal data is classed as 'special category data' because it is the information that is considered to be more sensitive and therefore requires more protection. This includes your medical data.
Legal basis for processing your personal data
How we are processing your personal data will determine the legal basis for processing. The legal bases for processing by the council as a public authority will be:
- Where disclosure is in the vital interests of yourself or another person (Article 6(1)(d) and 9(2)(c) GDPR)
- Where it is necessary for the reasons of substantial public interest Article 9(2)(g)
- Where it is in the interest of public health Article 9(2)(i)
Sharing your personal data
In this current pandemic we may share your information with other public authorities, emergency services, and other stakeholders as necessary and where it is proportionate to do so.
How long we keep your personal data
We will only keep your personal data for as long as is necessary for the purpose for which we are processing it, unless we have a legitimate reason for keeping it, for example, any legal requirement to keep the data for a set time period. At this stage it is not known how long data relating to the management of the pandemic will be retained. We will ensure that we follow any published guidance in this respect as it becomes available.
Where possible we will anonymise this data so that you cannot be identified.
Where we do not need to continue to process your personal data, it will be securely destroyed.
Complaints or queries
We try to meet the highest standards when collecting and using personal information. For this reason, we take any complaints we receive about this very seriously. We encourage people to bring it to our attention if they think that our collection or use of information is unfair, misleading or inappropriate. We would also welcome any suggestions for improving our procedures.
If you have any concerns, questions or comments please email the council's Data Protection Team.
If having exhausted the complaint process you are not content that your request or review has been dealt with correctly, you can appeal to the Information Commissioner's Office to investigate the matter further by writing to:
Information Commissioner's Office
Changes to this privacy notice
We keep this privacy notice under regular review and if we make any changes, we will publish the updated version on our website.
Data Protection Officer contact information
Data Protection Officer, 7 Newington Barrow Way, London N7 7EP – firstname.lastname@example.org