Welcome to your new East Suffolk Council website
Should you have any issues or feedback about the new site, please let us know at web@eastsuffolk.gov.uk.
UK GDPR privacy notices - Car Parks Privacy Notice
Introduction
The Parking Services team have provided this privacy notice to help you understand how we collect, use and protect your information whilst we provide your community with enabling support to be healthier.
The document below will describe how we may collect and process your personal information.
The purpose of this document is to clearly acknowledge the council’s responsibilities in relation to the UK General Data Protection Regulation (UK GDPR) and the Data Protection Act 2018.
Definitions
Personal data means any information related to an identified or identifiable natural (living) person (‘data subject’) i.e. a person that can be directly or indirectly identified by reference to a name, ID reference number, email address, location data, or physical, physiological, genetic, mental, economic, cultural or societal identifier.
Special personal data, previously known as ‘sensitive personal data’, relates to race, ethnic origin, politics, religion, trade union membership, genetic data, biometric data, health, sex life or sexual orientation. Records of criminal personal data must also be treated in a similar way.
Data Controller determines the purposes and means of processing personal data.
Data Processor is responsible for any operation which is performed on personal data on behalf of the controller, e.g. collection, recording, organisation, structuring, storage, adaption or alteration, retrieval, consultation, use, disclosure by transmission, dissemination or making available, alignment or combination, restriction, erasure or destruction.
Third Party is someone/somebody who is not the Data Controller, the Data Processor or the Data Subject.
Who we are
The patrolling of on-street and off-street parking management regulations is undertaken by East Suffolk Services Limited, in accordance with the procedures and policies set out by East Suffolk Council’s Parking Services team.
The services provided are discretionary insofar as the council can choose whether or not to provide on-street and off-street parking management regulations and the enforcement thereof. In doing so it is governed by the provisions of the Road Traffic Regulation Act 1984 (as amended) and the Traffic Management Act 2004.
The council is the ‘data controller’ for the information which is collated and processed. This means it is responsible for deciding how it can use your information. If you want more information regarding the services delivered, please go to its website.
The council regards lawful and correct treatment of personal information as critical to its successful operations, maintaining confidence between the council and those with whom it carries out business. The council will ensure that it treats personal information correctly in accordance with the law.
The Data Protection Officer for the council is Siobhan Martin, Head of Internal Audit, and can be contacted at dataprotection@eastsuffolk.gov.uk
How the law protects you
UK GDPR says that we are allowed to use personal information only if we have a proper reason to do so. More information on how the law protects you can be found on the East Suffolk website.
Our responsibilities
UK GDPR provides us with main responsibilities for processing personal data. All personal information provided by you is held securely and in confidence by us in our computerised and other records. When we process your personal information, we do so in compliance with UK GDPR. For further information on our responsibilities, please see our website.
Your rights
The UK GDPR and DPA 2018 provide you with the following rights:
- The right to be informed: You have the right to be informed about the collection and use of your personal data, and this is outlined in this privacy notice.
- The right of access: You have the right to request access to the personal data we may hold about you. This is undertaken using a Subject Access Request.
- The right to rectification: You have the right to request that inaccurate personal data we hold is rectified.
- The right to erasure: In certain circumstances, you have ‘the right to be forgotten’ and have your personal data erased.
- The right to restrict processing: In certain circumstances, you have the right to request the restriction or suppression of your personal data.
- The right to data portability: In certain circumstances, you have the right to request to obtain your own personal data for your own use or to give to other organisations.
- The right to object: In certain circumstances, you have the right to object to your personal data being collated, stored and processed.
- Rights in relation to automated decision making and profiling: You have the right to request that we do not make our decisions based on solely an automated process, and you can object to an automated decision and ask that a person reviews it in certain circumstances.
- The right to withdraw consent: In our discretionary service provisions, you have the right to withdraw your consent at any time.
- The right to complain: You have the right to complain through our complaints procedure, and then to the Information Commissioner. Any requests in relation to your rights with regard to the personal data we hold should be made verbally or in writing to the Data Protection Officer. For further information on your rights, please see the ICO website.
Your responsibilities
You are responsible for making sure you give us accurate and up to date information, and to let us know if any personal information we hold is incorrect.
When do we collect information about you?
We collect information about you from different places, including:
- DVLA
- Enforcement Agent services (bailiffs)
- Applications made by you for administering schemes set by on-street and off-street parking management Orders.
- Car Parking service providers such as RINGO, PaybyPhone, JustPark and Apcoa via the National Parking Platform.
What information do we maintain?
The information about you may include:
- Vehicle registration number, make, model and colour of vehicle
- Photographs of the vehicle
- Footage taken by Civil Enforcement Officers using body worn video cameras (as personal protective equipment)
- Name and address of registered keeper of the vehicle
- Dates of payments and how payments have been made
- Traffic penalty tribunal dates and outcomes.
How do we use your information?
Your personal data is collected to support the administration of Civil Parking Enforcement in accordance with on-street and off-street parking management regulations.
Your data is stored on a secure system to enable the administration of penalty charges in accordance with Civil Parking Enforcement legislation.
We will not use your personal data for other purposes other than for what it was collated unless it has obtained your consent or for other lawful purposes, e.g., detection and prevention of fraud.
How long do we keep your information?
All your data will be securely stored for a period of twelve months from the date the Penalty Charge Notice (PCN) was served for all paid accounts. The reason for the retention of data even when a PCN has been paid, is for ongoing Civil Parking Enforcement administration e.g., taking payments and for processing appeals.
All your data will be securely stored for all unpaid accounts. This allows Civil Parking Enforcement administration in accordance with the relevant legislation.
Data on parking contravention cases that proceed to the Traffic Penalty Tribunal and/or to Enforcement Agent services (bailiffs) shall be held securely until the penalty charge has been paid in full.
All electronic files shall be deleted (and any paper copies made) will be securely disposed of when data is no longer required.
Body worn video camera footage is retained for one month, or in the case of an incident being investigated, for the period of the investigation.
Data sharing
Data and personal information may be shared with:
- East Suffolk Services Limited as the contractor patrolling parking management regulations.
- DVLA to collect registered keeper details.
- Traffic Enforcement Centre (TEC) and Enforcement Agent services (bailiffs) for the registration and collection of road traffic debt following of non-payment of penalty charges.
- Taranto Systems Limited for the administration of Civil Parking Enforcement
- Car Parking service providers such as RINGO, PaybyPhone, JustPark and Apcoa.
Parking Matters Limited software provider of the National Parking Platform, used by East Suffolk Councils car parking service providers.
Transferring your information overseas
Currently, the Council does not transfer any personal information outside of the European Economic Area (EEA).
National Fraud Initiative (NFI)
The council may share information with other bodies responsible for auditing, or administering public funds, or where undertaking a public function, to prevent and detect fraud. For further information, see the East Suffolk website.