This privacy notice explains how Ards and North Down Borough Council, (as a Data Controller), collects, uses and protects personal data that it holds.
Your personal data - what is it?
Personal data is any data that identifies or relates to a living individual. Identification can be through the information alone or in conjunction with any other information in the Council's possession or likely to come into its possession. The processing of personal data is governed by The Data Protection Act (DPA) 2018 and UK GDPR (General Data Protection Regulation) and the principles set out in them.
Who are we?
Ards and North Down Borough Council is the data controller for the purposes of this notice. This means it decides how your personal data is processed and for what purposes. More information about Council services can be found on this website.
How does the Council process your personal data?
The Council complies with its obligations under the GDPR, and the principles of the DPA, by keeping personal data up to date; by storing and destroying it securely; by not collecting or retaining excessive amounts of data; by protecting personal data from loss, misuse, unauthorised access and disclosure and by ensuring that appropriate technical measures are in place to protect personal data.
Under the DPA and GDPR, the Council has a legal duty to protect any personal data it collects. It will take all reasonable steps, including using technologies, to safeguard your data and keep strict security standards to prevent any unauthorised access to it.
What is the legal basis for processing your personal data?
The purposes for which the Council is processing your personal data will determine the legal basis for processing. Generally, the legal basis for processing by the Council as a public authority will be:
- To perform a function or provide a service required by statute (Article 6 (1) (e) GDPR)
- To comply with a legal obligation (Article 6 (1) (C) GDPR)
- Where the processing is necessary for the performance of a contract to which you are a party or in order to take steps at your request prior to entering into a contract (Article 1(b) GDPR)
- Where disclosure is in the vital interests of yourself or another person (Article 6 (1) (d) GDPR)
- With your explicit consent (Articles 6 (1) (a) and 9 (2) (a) GDPR)
In addition, the Council may process your personal information where it is in your legitimate interests, however, this does not apply where the processing relates to the Council's statutory functions.
Where the purpose for processing your personal data has changed, you will be contacted and you will, where applicable, be advised at the point of collection or within one month of the Council receiving information, of the legal basis for the processing of your personal information.
In certain circumstances you may be able to withdraw your consent to processing. Please contact the Council's Data Protection Officer (contact details provided below), who will explain if your consent can or cannot be withdrawn.
Sharing your personal data
Depending on the purpose for which your personal data was originally obtained, and the use to which it is to be put, it may be shared with other organisations. Personal data may be shared, where necessary, with other organisations that provide services on our behalf, for example, contractors who print and post events brochures.
In such cases, the personal data provided to that party is only the minimum necessary to enable them to provide services to you.
In most cases the Council will not disclose your personal data without your consent, however there may be statutory or regulatory circumstances when your consent is not required.
How long do we keep your personal data?
The Council will only keep your personal data for as long as is necessary and for the purpose for which it is being processed, unless there is a legitimate reason for keeping it longer, for example, any legal requirement to keep data for a set time period. Where the Council does not need to continue to process your personal data, it will be securely destroyed, in line with the Council's Retention and Disposal Schedule.
Your rights and your personal data
Unless subject to an exemption under GDPR, you have the following rights with respect to your personal data to:
- request a copy of the personal data which is held about you
- request that the Council corrects any personal data if it is found to be inaccurate or out of date
- request that your personal data be erased where it is no longer necessary for the Council to retain such data
- withdraw your consent to the processing
- request that the Council provides you with your personal data or ask that it be forwarded directly to another controller
- request that a restriction be placed on further processing where there is a dispute in relation to the accuracy or processing of your personal data
- object to the processing of personal data (where applicable)
- lodge a complaint with the ICO
You can access the personal information that is held about you by submitting a Subject Access Request (SAR) to the Council. This request must be in writing and clearly specify the information you require and be made to the Data Protection Officer (contact details below).
Complaints or queries
The Council will strive to meet the highest data governance standards when collecting and using personal information. For this reason, it takes any complaint about this very seriously.
The Council encourages people to contact it if they think that the collection or use of information is unfair, misleading or inappropriate.
If you have any concerns, questions or comments please email the Council's Data Protection Officer: dataprotection@ardsandnorthdown.gov.uk
If you are unhappy with the way in which the Data Protection Officer has dealt with matters, then you may request that the handling of the matter be reviewed by the Director of Organisational Development and Administration.
If you are unhappy with the outcome of that review process you can contact the Information Commissioner's Office (ICO) at:
ICO Office Northern Ireland 3rd Floor, 14 Cromac Place, Belfast BT7 2JB
Telephone: 028 9027 8757 / 0303 123 1114
Email: ni@ico.org.uk
Privacy in relation to Planning
For information on how the Planning section look after your personal data please refer to the planning section of the website at Planning Privacy Policy
Household Recycling Centre Booking System Privacy Notice
For information on how the Household Recycling Centre (HRC) Booking System uses you personal date please read the HRC Booking System Privacy Notice (PDF) [55KB](opens new window)
Social Media - Terms of Use
Ards and North Down Borough Council uses social media platforms as a means to communicate with residents within the Borough as well as promoting the area to those outside of it. Social media is monitored during office hours and House Rules apply to comments. Download the Terms of Use/House Rules for Council social media channels (PDF) [398KB](opens new window)
Books of Condolence
All comments on Books of Condolence will be subject to moderation, read more: Book of Condolence - Moderation (PDF) [63KB](opens new window)
Cookies
Cookies are text files placed on your computer to collect standard internet log information and visitor behaviour information. This information is used to track visitor use of the website and to compile statistical reports on website activity.
You can choose to accept or decline cookies. You can usually modify your browser setting to decline cookies if you prefer. To find out more about cookies, including how to see what cookies have been set, visit About Cookies or All About Cookies | Online Privacy and Digital Security
Find out how to manage cookies on popular browsers:
Google Chrome
Microsoft Edge
Mozilla Firefox
Microsoft Internet Explorer
Opera
Apple Safari
To find information relating to other browsers, visit the browser developer's website.
To opt out of being tracked by Google Analytics across all websites, visit Google Analytics Opt-out Browser Add-on Download Page
Necessary
Necessary cookies are required to enable the basic features of this site, such as providing secure log-in or adjusting your consent preferences. These cookies do not store any personally identifiable data.
| Cookie | Duration | Description |
|---|---|---|
| PHPSESSID | session | This cookie is native to PHP applications. The cookie stores and identifies a user's unique session ID to manage user sessions on the website. The cookie is a session cookie and will be deleted when all the browser windows are closed. |
| exp_csrf_token | 2 hours | This cookie is used for the purpose of website security that is Cross-Site-Request forgery prevention. It is used to identify the trusted web traffic. |
| JSESSIONID | session | New Relic uses this cookie to store a session identifier so that New Relic can monitor session counts for an application. |
| ARRAffinitySameSite | session | This cookie is set by Windows Azure cloud, and is used for load balancing to make sure the visitor page requests are routed to the same server in any browsing session. |
| ARRAffinity | session | ARRAffinity cookie is set by Azure app service, and allows the service to choose the right instance established by a user to deliver subsequent requests made by that user. |
| ASP.NET_SessionId | session | Issued by Microsoft's ASP.NET Application, this cookie stores session data during a user's website visit. |
| __RequestVerificationToken | session | This cookie is set by web application built in ASP.NET MVC Technologies. This is an anti-forgery cookie used for preventing cross site request forgery attacks. |
| cookieyes-consent | 1 year | CookieYes sets this cookie to remember users' consent preferences so that their preferences are respected on subsequent visits to this site. It does not collect or store any personal information about the site visitors. |
Analytics
Analytical cookies are used to understand how visitors interact with the website. These cookies help provide information on metrics such as the number of visitors, bounce rate, traffic source, etc.
| Cookie | Duration | Description |
|---|---|---|
| exp_last_visit | 1 year | This cookie is used by the website Content Management System. This cookie is used to store the last visit date of the registered users. |
| exp_last_activity | 1 year | This cookie is used by the website Content Management System. This cookie is used to record the time of last page load. |
| exp_tracker | session | This cookie is used by the website Content Management System. This is a temporary cookie which expires when the visitor close the browser window. This cookie stores the last five pages viewed by the visitor for form or error message returns. |
| _ga | 1 year 1 month 4 days | Google Analytics sets this cookie to calculate visitor, session and campaign data and track site usage for the site's analytics report. The cookie stores information anonymously and assigns a randomly generated number to recognise unique visitors. |
| _gid | 1 day | Google Analytics sets this cookie to store information on how visitors use a website while also creating an analytics report of the website's performance. Some of the collected data includes the number of visitors, their source, and the pages they visit anonymously. |
| _gat_UA-* | 1 minute | Google Analytics sets this cookie for user behaviour tracking. |
| _ga_* | 1 year 1 month 4 days | Google Analytics sets this cookie to store and count page views. |
Advertisement
Advertisement cookies are used to provide visitors with customised advertisements based on the pages you visited previously and to analyse the effectiveness of the ad campaigns.
| Cookie | Duration | Description |
|---|---|---|
| YSC | session | Youtube sets this cookie to track the views of embedded videos on Youtube pages. |
| VISITOR_INFO1_LIVE | 6 months | YouTube sets this cookie to measure bandwidth, determining whether the user gets the new or old player interface. |
| yt-remote-device-id | never | YouTube sets this cookie to store the user's video preferences using embedded YouTube videos. |
| yt-remote-connected-devices | never | YouTube sets this cookie to store the user's video preferences using embedded YouTube videos. |
| yt.innertube::requests | never | YouTube sets this cookie to register a unique ID to store data on what videos from YouTube the user has seen. |
| yt.innertube::nextId | never | YouTube sets this cookie to register a unique ID to store data on what videos from YouTube the user has seen. |
Uncategorised
Other uncategorised cookies are those that are being analysed and have not been classified into a category as yet.
| Cookie | Duration | Description |
|---|---|---|
| machine | session | No description available. |
| SERVERUSED | session | No description available. |
| VISITOR_PRIVACY_METADATA | 6 months | Description is currently not available. |
| session | session | No description available. |
Share this page
