Transfers out of the EEA

In the majority of cases your information will remain in the UK and it will not be necessary for us to transfer your personal data outside the European Economic Area (EEA). But there are some occasions where your information may leave or be accessed from outside the EEA. For example

• Where we use a cloud-based IT system to hold your data, and the data in the cloud is stored on servers located outside the EEA.  In these circumstances we safeguard your data through undertaking appropriate checks on the levels of security offered by the cloud provider and entering into a contract with them which applies protections of the same type and level required by data protection laws within the EEA
• Where we use an offshore third party supplier who provides technical support for council systems. Access by this supplier will be limited and only for the purposes of fixing any technical issues with those systems or data held within them.
• Where you are based outside the EEA and we need to send you emails or other communications which are necessary for the performance of our contract with you or to deliver the services we provide

If we do need to share your personal data outside of the EEA, we will endeavour to:

• Take all practical steps to make sur6e your personal information is not sent to a country that is not deemed to provide an adequate level of protection for personal data either by the UK government or the European Commission.
• Use specific contractual clauses approved by the European Commission which give personal data the same protection it has in the UK and Europe.
• Use only appropriate safeguards as set out in Chapter 5 of UK GDPR.