UK GDPR privacy notices Planning (Development Management) Privacy Notice

Introduction

The Planning (Development Management) Team have provided this privacy notice to help you understand how we collect, use and protect your information in the course of our work as a local planning authority.

The document below will describe how we may collect and process your personal information.

The purpose of this document is to clearly acknowledge the council’s responsibilities in relation to the UK General Data Protection Regulation (UK GDPR) and the Data Protection Act 2018.

See also our Planning Policy and Delivery and Design and Heritage Privacy Notice, which addresses how we use information in connection with the production of planning policy and guidance documents, keeping registers such as the self-build and custom build housebuilding register, the monitoring of development and Community Infrastructure Levy.

Definitions

Personal data means any information related to an identified or identifiable natural (living) person (‘data subject’) i.e. a person that can be directly or indirectly identified by reference to a name, ID reference number, email address, location data, or physical, physiological, genetic, mental, economic, cultural or societal identifier.

Special personal data, previously known as ‘sensitive personal data’, relates to race, ethnic origin, politics, religion, trade union membership, genetic data, biometric data, health, sex life or sexual orientation. Records of criminal personal data must also be treated in a similar way.

Data Controller determines the purposes and means of processing personal data.

Data Processor is responsible for any operation which is performed on personal data on behalf of the controller, e.g. collection, recording, organisation, structuring, storage, adaption or alteration, retrieval, consultation, use, disclosure by transmission, dissemination or making available, alignment or combination, restriction, erasure or destruction.

Third Party is someone/somebody who is not the Data Controller, the Data Processor or the Data Subject.

Who we are

The council, as the local planning authority, has a duty to consider applications for development in the public interest. We process information provided as part of an application including application forms, plans, documents and other supporting information. We invite statutory consultees, local people and organisations to comment on planning applications. This consultation helps to ensure that the right things are built in the right places.

The services provided by the Planning (Development Management) Team are statutory and are governed by (and any subsequent amendments):

  • The Town and Country Planning Act 1990
  • Planning and Compulsory Purchase Act 2004
  • The Town and Country Planning (Development Management Procedure) (England) Order 2015
  • The Town and Country Planning (General Permitted Development) (England) Order 2015
  • Local Land Charges Act 1975
  • Localism Act 2011

The council is the ‘data controller’ for the information which is collated and processed. This means we are responsible for deciding how we can use your information. If you want more information regarding the services delivered, please go to our website.

The council regards lawful and correct treatment of personal information as critical to their successful operations, maintaining confidence between the council and those with whom they carry out business. The council will ensure that they treat personal information correctly in accordance with the law. Our services are statutory and are governed by the Local Government Act 1972 (as amended).

The Data Protection Officer for ESC is Siobhan Martin, Head of Internal Audit, and can be contacted at dataprotection@eastsuffolk.gov.uk.

How the law protects you

UK GDPR says that we are allowed to use personal information only if we have a proper reason to do so. More information on how the law protects you can be found on the East Suffolk website.

Our responsibilities

UK GDPR provides us with main responsibilities for processing personal data. All personal information provided by you is held securely and in confidence by us in our computerised and other records. When we process your personal information, we do so in compliance with UK GDPR. For further information on our responsibilities, please see our website.

Your rights

The UK GDPR and DPA 2018 provide you with the following rights:

  • The right to be informed: You have the right to be informed about the collection and use of your personal data, and this is outlined in this privacy notice.
  • The right of access: You have the right to request access to the personal data we may hold about you. This is undertaken using a Subject Access Request.
  • The right to rectification: You have the right to request that inaccurate personal data we hold is rectified.
  • The right to erasure: In certain circumstances, you have ‘the right to be forgotten’ and have your personal data erased.
  • The right to restrict processing: In certain circumstances, you have the right to request the restriction or suppression of your personal data.
  • The right to data portability: In certain circumstances, you have the right to request to obtain your own personal data for your own use or to give to other organisations.
  • The right to object: In certain circumstances, you have the right to object to your personal data being collated, stored and processed.
  • Rights in relation to automated decision making and profiling: You have the right to request that we do not make our decisions based on solely an automated process, and you can object to an automated decision and ask that a person reviews it in certain circumstances.
  • The right to withdraw consent: In our discretionary service provisions, you have the right to withdraw your consent at any time.
  • The right to complain: You have the right to complain through our complaints procedure, and then to the Information Commissioner. Any requests in relation to your rights with regard to the personal data we hold should be made verbally or in writing to the Data Protection Officer. For further information on your rights, please see the ICO website.

Your responsibilities

You are responsible for making sure you give us accurate and up to date information, and to let us know if any personal information we hold is incorrect.

When do we collect information about you?

We collect information about you from different places, including:

  • Directly from you or an agent acting on your behalf when making an application, commenting on an application, responding to planning enforcement enquiries, or general correspondence.
  • From third party websites, such as the Planning Portal.
  • Indirectly, when members of the public reference you in documents or other communications with us.

What information do we maintain?

The information about you which we will maintain will include:

Information published on our website:

  • Applicant name and address, and details relating to the property
  • Agent name, address and contact information
  • Address of enforcement notices
  • Commentator name and addresses when commenting on planning applications
  • Any objector comments on planning applications

We operate a policy where we routinely redact the following details before making forms and documents available online:

  • Contact information (emails, telephone numbers)
  • Signatures
  • Special category data (such as information about health or other sensitive personal information as defined by legislation)
  • Any other information clearly signposted to us as personal and confidential

When you make a complaint about a possible breach of planning, we will ask for your information as well as information about the alleged breach. We will not publish or disclose any personal details about you or the breach unless we are obliged to by Law.

How do we use your information?

We will be using your information to:

  • Make decisions and provide advice on all applications sent to the planning department
  • Work with other councils on strategic policies
  • Monitor development
  • Enter into legal agreements for example section 106 and Community Infrastructure Levy (CIL)
  • Complete and send reports to Government departments
  • Investigate breaches of planning
  • Administer the Planning application and appeals process
  • Support a fair and transparent Planning process
  • Monitor development and ensure development is lawful
  • Respond to queries or issues raised by you

We will not use your personal data for other purposes other than for what it was collated unless we have obtained your consent or for other lawful purposes (e.g. detection and prevention of fraud). We do not use automated decision making.

How long do we keep your information?

We will only keep your information for as long as we need to, so we can give you the service you need, unless we must keep it for legal reasons.

All planning applications and enforcement notices are held on a public register and will not be deleted as we are required by law to maintain a register of both planning decisions and enforcement actions.

Where you have opted to create an account on Public Access, we will hold your personal information for the duration of the time you have an account and you can delete active accounts at any time. Accounts that have not been active for a period of 2 years will be deleted.

Data sharing

Information provided for planning matters is available for public viewing and is published online at www.eastsuffolk.gov.uk or can be requested by emailing planning@eastsuffolk.gov.uk

Where we have a lawful basis we may share your data internally with other council departments or externally with the following:

  • All district councillors
  • Anglia Revenue Partnerships (ARP)
  • Anglian Water
  • Environment Agency
  • Highways Agency
  • Suffolk County Council (Highways Authority, Archaeology, Planning, Drainage)
  • Health & Safety Executive
  • Local Government Ombudsman
  • National Grid
  • Natural England
  • Network Rail
  • New Anglia Local Enterprise Partnership
  • Local Government Association
  • Planning Inspectorate
  • Planning Portal
  • National Amenity Societies
  • Churches Conservation Trust (National)
  • Churches Conservation Trust (South East)
  • UK Power Ltd
  • Valuation Office Agency

The statutory provisions listed above may require us to share your details with other third parties not included in this list.

Transferring your information overseas

Currently, we do not transfer any personal information outside of the European Economic Area (EEA).

National Fraud Initiative (NFI)

We may share information provided to us with other bodies responsible for auditing, or administering public funds, or where undertaking a public function, in order to prevent and detect fraud. For further information, see the East Suffolk website.