Skip to content

Gloucestershire County Council Privacy Notice

Gloucestershire County Council logo with crest

We process the personal data that we collect for a number of different purposes. This privacy statement gives a general overview of how we use personal data.

As we offer a diverse range of services, the notice is layered, with general information supported by service specific privacy notices. These provide more detailed information about how we handle your information for specific council services, including who we will share your information with and why.

How long do we keep your personal data for?

We keep personal data for different lengths of time, depending on the reason it was collected and the services is was used by.

Sometimes the law will specify how long we have to hold personal data for, in other cases we will determine the length of time.

You can find detailed information on how long we keep personal data in our Records Retention and Disposal Schedule, available on our How long do we keep records for? page.

How do we keep your personal data secure?

Technical and physical security measures

The council protects the privacy and security of the data that we control and use. This protection includes:

  • Baseline security recruitment checks;
  • Controlled access to buildings;
  • Restricted and controlled access to the council’s ICT network;
  • Automatic locking of PCs when not in use;
  • Virus protection and firewalls;
  • Secure email;
  • Patching and updating of systems to maintain the security and integrity of the council network.

Organisational measures

To support the physical and technical measures we have a range of controls that helps us secure your personal data, including:

  • An Information and Data Management Strategy;
  • A suite of data protection, information security and management policies;
  • An Information Board that oversees information management activity;
  • A Senior Information Risk Owner (SIRO); a Director with accountability for information security;
  • Caldicott Guardians;
  • Online training for staff – completion is monitored and recorded electronically;
  • A clear procedure for reporting and dealing with suspected breaches of data protection;
  • An approach that is accredited by the NHS Data Security and Protection Toolkit;
  • Internal Audit; and
  • Robust procurement security assessments and contractual clauses.
Page updated: 22/02/2021 Page updated by: Information Management Service

Help us improve Gloucestershire County Council

Don’t include personal or financial information like your National Insurance number or credit card details.