Madeley Town Council is committed to protecting the personal information we hold of people who use our services.

We comply with all laws concerning the protection of personal information, including the General Data Protection Regulation (GDPR). We have security measures in place to reduce the risk of theft, loss, destruction, misuse or inappropriate disclosure of personal information. All our systems have unique login details and access is only given to the staff who need it.

Your personal information is being processed by Madeley Town Council . We are devoted to managing personal information in line with current legislation and best practice, this includes the new General Data Protection Regulation (GDPR) which is active from May 25th, 2018. Whenever you provide personal information, we will treat information in accordance with our privacy policy. This statement of privacy applies to Madeley Town Council’s use of any personal information we collect or create about you. This includes information:
• we collect from visitors to our website and users of our web applications  given to us by phone, social media, such as Facebook and Twitter, email, in letters, in forms and other correspondence given in person

What information we may collect about you and where it comes fromMadeley Town Council collects personally identifiable information whenever you access or sign up to any of our services, request information, make a complaint or participate in activities provided by us. This information may include your name, email address, home or work address, telephone or mobile number, date of birth or bank account details. We also collect anonymous demographic information, which is not unique to you, such as postcode, age, gender, preferences, interests and favourites.

Type/classes of information processed We process information relating to the above reasons/purposes. This information may include:
 personal details
 family, lifestyle and social circumstances
 goods and services
 financial details
 education details
 employment details
 customers
 suppliers
 staff
 people contracted to provide a service
 complainants, enquirers or their representatives
 professional advisers and consultants
 landlords
 people captured by CCTV images
 representatives of other organisations
 elected members
We also process sensitive classes of information that may include:
 physical or mental health details
 racial or ethnic origin
 religious or other beliefs
 trade union membership
Who the information is processed about
We process personal information about customers and clients, advisers and other professional
experts and employees.
Who the information may be shared with
We sometimes need to share the personal information we process with the individual them self and
with other organisations. Where this is necessary we are required to comply with all aspects of
GDPR. What follows is a description of the types of organisations we may need to share some of the
personal information we process with for one or more reasons. Where necessary or required we
share information with:
 business associates, professional advisers
 family, associates and representatives of the person whose personal data we are processing
 suppliers
 local and central government
 financial organisations
 ombudsmen and regulatory authorities
 credit reference and debt collection agencies
 healthcare professionals, social and welfare organisations
 current, past or prospective employers
 examining bodies
 service providers
How we use the information we collect about you
We process personal information to enable us to provide a range of local government services to
people and businesses which include:
 maintaining our own accounts and records
 supporting and managing our employees
 promoting the services we provide
 carrying out health and public awareness campaigns
 managing our property
 carrying out surveys
 crime prevention including the use of CCTV
 corporate administration and all activities we are required to carry out as a data controller
and public authority
 undertaking research
 internal financial support and corporate functions
 managing archived records for historical and research reasons
 planning including applications and decisions, building control, local plans and conservation
Consent
We will ask you for your permission to process your personal information if it is not covered by a
public task or legal duty. This might be when we want to use your information in a way which is
unexpected or different to the original purpose where there is no legal basis. If we rely on your
consent to process your personal information, you have the right to withdraw that consent at any
time. If you wish to withdraw your consent, please contact the service that asked for your consent in
the first instance.
We will need the parental consent of children under the age of 13 if we offer services directly to
children over the internet. We will make reasonable efforts to verify age and parental responsibility.
When we may use your details to contact you
Madeley Town Council may contact you in a variety of circumstances, for instance:
 in relation to any service, activity or online content you have requested or signed up for to make
sure that we can deliver the services to you, e.g. to verify your email when you sign up to an
online account, to help you reset your password or to check if you still want to use the service (if
your account has not been active recently)
 in response to any correspondence we receive from you or any comment or complaint you make
 in relation to any personalised services you are receiving
 to invite you to participate in surveys about the council services
Retention policy
Retention Period
Our retention policy can be viewed on our website.
Where stored: Electronic, paper
Authority: Madeley Town Council
Information Asset Owner: Madeley Town Council
Location Held: Electronically or Secure File
Permanent Preservation: No
Sensitive Personal Data: No
Your Rights:
The right to be informed Data subjects should be clear about what, why and in what way, Personal
Identifiable Information (PII) will be processed.
The right of access Data subjects have the right to learn what PII is held on them by whom
and why
The right of rectification Data subjects can request corrections to their PII
The right to erase Data subjects can request to be forgotten
The right to restrict
processing
Data subjects can ask organisation to stop processing their PII
The right to data
portability
Data subjects can ask for their PII in machine readable format or to have it
sent to another organisation
The right to object Data subjects can object to organisation processing their PII
Automated decision
making and profiling
Protection against targeted marketing and decision making
If you wish to require more information regarding rights, you can do this by consulting the
Information Commissioners Office (ICO) website.