Skip to main content
  1. Home
  2. Privacy and data
  3. Service privacy notices
  4. Community Climate Action Plan - Privacy notice

Community Climate Action Plan - Privacy notice

Who the Council is and what the Council does

The Forest of Dean District Council is a data controller under the Data Protection Legislation (UK General Data Protection Regulation and the Data Protection Act 2018) as the Council collects and processes personal information about you.

The Community Climate Action Plan is a district wide programme funded by the National Lottery’s Climate Action Fund. It demonstrates the important role communities can play in achieving the district's climate and nature ambitions, whilst also improving people’s quality of life.

Any questions regarding our privacy practice should be sent to:

Data Protection Officer (DPO)
Forest of Dean District Council
Council Offices
Coleford GL16 8HG
Email: data.protection@fdean.gov.uk
Tel: 01993 861194

Why the Council needs your information and how the Council uses it

We use and retain your data in different ways depending on the application:

Memberships

We use your data to provide membership services, including e-newsletters and communications regarding relevant events.

Mailing list subscribers

We send you an e-newsletter and other occasional mailings about relevant events or projects.

Event attendees

When you attend one of our events, we collect data to help us plan and organise the event, and for monitoring and evaluation purposes. We may also take photos for documentation or to be used in our future communications.


What is the legal process for collecting and processing this data

  • UK GDPR Article 6(1)(c) - processing is necessary for compliance with legal obligation to which the Council is subject - this is limited activities on our Council website (cookies)
  • UK GDPR Article 6(1)(e) - processing is necessary for the performance of a task carried out in the public interest in the exercise of official authority vested in the Council
  • ‘Articles 6(1) Consent - the individual has given clear consent for you to process their personal data for a specific purpose
  • Article 6(1)f - Legitimate interests: As you have signed up, the processing is necessary for your legitimate interests or the legitimate interests of a third party unless there is a good reason to protect the individual’s personal data which overrides those legitimate interests
  • Where one or more of Articles 9(2)b, 9(2)g, 9(2)h, 9(2)i or 9(2)j are selected, the application must include the applicable conditions under Schedule 1 of the Data Protection Act 2018 to justify processing special category data

Please note that you may withdraw your consent at any time.

What type of information is collected from you

In order to administer our Community Climate Action Plan the Council collects the following information from you:

  • Memberships - name, address, website, phone number, email, description; names, email addresses, phone numbers of up to two contact people; any other data on organisation activities you supply us with
  • Mailing list subscribers - First name, Last name and email address, areas of interest, community organisation (optional)
  • Event attendees - Name, email address, photos

Who your information may be shared with (internally and externally)

The Council may share your information internally (within the Council) in accordance with statutory obligations. In addition, the Council may share your information with third parties in accordance with statutory and regulatory obligations. These may include the above the Legal and Regulatory obligations.

Third Party suppliers

We may use third party suppliers to provide services. These suppliers process personal data on our behalf as “processors”. They are only permitted to process your data for the lawful purpose for which it has been shared and in accordance with our instructions.

When we share personal information with third parties, we only share such information as required for the specific purposes, and we take reasonable steps to ensure recipients shall only process the information in accordance with those purposes. Examples of who we may share your information with are listed below:

  • Training providers and event organisers receive details of participants.
  • We may use MailChimp to send emails. Their servers are based in the US and they uphold the EU Privacy Shield to certify their data security.
  • We use Microsoft Forms to send surveys to participants. Their servers are based in Europe and they uphold the EU Privacy Shield to certify their data security.

Your information will not be passed on to any third parties without your consent.

Anonymisation

Your personal information may be converted ('anonymised') into statistical or aggregated data in such a way that ensures that you cannot be identified from it. Anonymised data cannot, by definition, be linked back to you as an individual and may be used to conduct research and analysis, including the preparation of statistics for use in our reports.

How long the Council keep your information (retention period)

The information you provide as part of your request will be retained in accordance with the Council Retention Policy schedules.

The Council has retention schedules in place to ensure that information is only held for as long as it is needed. We will not keep your information for longer than is required to by law.

Your information will be disposed of in a controlled and secure manner in accordance with the Council’s Policy.

How the Council protect your information

All the information the Council collects is stored securely on our IT system and manual filing systems. The Council has strict procedures for the way this is done. Any and all information about you is treated as confidential and with respect. There are also clear rules and guidance about storing, recording and sharing information which staff receive training on.

The Council will not transfer your personal data outside the EU without your consent.

The Council has implemented generally accepted standards of technology and operational security in order to protect personal data from loss, misuse, or unauthorised alteration or destruction.

Please note however that where you are transmitting information to us over the internet this can never be guaranteed to be 100% secure.

If you use your credit or debit card to make payments, the Council passes your card details securely to our payment processing partner as part of the payment process. The Council does this in accordance with the Payment Card Industry Security Standard, and doesn’t store the details on its website. The information you give to the Council when using our online payment system will only be used for the recording of your payment.

The Council will notify you promptly in the event of any breach of your personal data which might expose you to serious risk.

Your rights

You have rights under the Data Protection Legislations:

  • to access your personal data
  • to be provided with information about how your personal data is processed
  • to have your personal data corrected
  • to have your personal data erased in certain circumstances
  • to object to or restrict how your personal data is processed
  • to have your personal data transferred to yourself or to another business in certain circumstances
  • to be told if the Council has made a mistake whilst processing your data and the Council will self-report breaches to the Commissioner

How you can access, update or correct your information

The Data Protection law gives you the right to apply for a copy of information about yourself. This is called a ‘Subject Access Request'.

If you wish to see a copy of your records you should contact the Data Protection Officer. You are entitled to receive a copy of your records free of charge, within a month.

The accuracy of your information is important to us to be able to provide relevant services more quickly. We are working to make our record keeping more efficient. In the meantime, if you change your address or email address, or if any of your circumstances change or any of the other information we hold is inaccurate or out of date please email us or write to us at:

Climate Change Community
Forest of Dean District Council
Council Offices
Coleford GL16 8HG
Email: customer.services@fdean.gov.uk

Further information

If you would like to know more about how the Council uses your information, or if for any reason you do not wish to have your information used in any of the ways described here, please tell us. Contact the Data Protection Officer at data.protection@westoxon.gov.uk

You can also complain to the Information Commissioner: https://ico.org.uk

The Council reserves the right to update this privacy notice from time to time by publishing a new version on our website.