An essential activity within the council is the requirement to gather and process information about the staff and people who use our services. This will be done in accordance with the General Data Protection Regulations (GDPR), the Data Protection Act 1998 (The Act) and other related government legislation.
The General Data Protection Regulation (GDPR) is an EU regulation that establishes a new framework for handling and protecting the personal data of EU citizens. ( This will still apply after Brexit)
It introduces new obligations and liabilities for all organisations - including parish councils, that handle personal data and new rights for individuals in respect of their personal data. All organisations must comply with the new rules by 25 May 2018.
For Hawthorn Parish Council itself, as a corporate body, it is the formal Data Controller and as such must meet its obligations.
Information held by Hawthorn Parish Council
A data audit of all personal data has been carried out.
In addition, Hawthorn Parish Council is aware of the ICO's code of practice and the risk to information privacy.
In particular Hawthorn Parish Council looks to minimise this riisk by looking to ensure personal information is
Hawthorn Parish Council has reviewed and amended all of its policies and procedures in order that they cover all the rights which individuals have including:-
Communicating Privacy Information
Hawthorn Parish Council has reviewed all of their Privacy Notices and Privacy Impact Information including:-
Subject Access Requests / Consents / Data Breaches
Hawthorn Parish Council has updated its procedures in respect of handling requests and providing information.
Hawthorn Parish Council does not hold any information / data on any child.
Data Protection Officer
Hawthorn Parish Council is aware of the need to appoint a Data Protection Officer and is awaiting advice and information on this.
Hawthorn Parish Council Privacy Notice