Solihull Council is committed to respecting your privacy. We use and share your personal information to enable us to identify, plan, deliver and monitor services that we provide to you and the community as a whole.
Data Protection legislation defines how the Council must collect, record, process store or dispose of your personal information. It must be:
- Processed lawfully, fairly and in a clear, transparent manner;
- Collected for specified, explicit and legitimate purposes and not processed in a way that is incompatible with those purposes;
- Adequate, relevant and not excessive for those stated purposes;
- Accurate and, where necessary, kept up to date;
- Kept in a format which allows identification of individuals for no longer than is necessary for the purposes for which it is processed;
- Kept secure by taking appropriate technical and organisational measures.
Data Protection legislation gives you a number of rights, which include:
- The right of access – to request access to your personal information and information about how we process it
- The right to rectification if information is inaccurate or incomplete;
- The right to erasure also known as ‘the right to be forgotten’. This will enable deletion or removal of personal information where there is not a legal or compelling reason to continue processing it;
- The right to restrict processing of your personal information This will block or suppress processing of personal information but will allow us to store it but not further use it;
- The right to data portability - to electronically move, copy or transfer your personal information in a standard form for your own purposes; for example, if switching energy providers;
- The right to object to processing of your personal information, including direct marketing and processing for the purposes of scientific/historical research and assistance;
- Rights related to automated decision making including profiling. This is where decisions are made solely by automated means without any human involvement.
Accessing Your Information
Data protection legislation gives you the right to request access to the information that the Council holds about you. However, as it is a legal process, the following ‘Frequently Asked Questions (FAQs) should help to inform you and guide you through it.
Frequently Asked Questions
Can I request access to a certain piece of my personal information?
Yes. If you would like access to a specific document or piece of information on your record between certain dates, this will be provided.
Is there a fee?
No, if you are applying to access personal information held by the Council you will not be charged for this service.
Can I see or have access to someone else's personal information?
No, you are not entitled to see someone else's information (even if they are known to you) unless they have given their permission for you to do so. Likewise, someone else can not ask for your information unless you have given permission for them to do so; this applies to spouses, relatives, friends etc.
What if I want access to my child(ren)’s personal information?
There are special rules that apply to a parent/guardian seeking access to their child(ren)'s information. If the child is aged 13 years or above, their consent may be required before any disclosure is made to a parent/guardian. This is because the legislation deems them to have the necessary legal capacity to make an informed decision about what happens to their personal information.
However, if they are under 13 years of age (or lack the capacity to understand the implications of a request), in addition to providing your identification, you must also provide evidence of parental responsibility. If it is in their best interests and there is not any legal reason preventing disclosure, the information will be provided.
What if I am making the request on behalf of somebody else?
Sometimes an individual may not be able to make the request for themselves; and may ask someone else to act on their behalf. Before we will process a request from a representative, we will require proof of consent from the individual whose information is being sought, for the representative to act on their behalf. If the individual is not capable of giving their consent, the representative may have the legal authority to act using a ‘power of attorney’.
Will I be given everything?
Usually, yes. However, there are circumstances where we may not be able to do so, for example:
- if your records contain details that identify someone other than yourself (even if they are known to you). If we do not have their consent, we are unable to provide this information to you and it will be redacted (blocked out) or removed. This may include whole pages from documents.
- if your records contain information that was provided by a third party, we may need to get permission from the provider of the information before it can be given to you.
- if providing the information may adversely affect a criminal investigation or prevent the detection of a crime.
How long will it take to get my records?
The legislation says that we must provide information within one month of receipt of a valid request. However, if the request is complex or voluminous this can be extended by a further two months.
How will you get the information to me?
For greater security, it will be provided electronically by:
- encrypted email; or
- on an encrypted disc sent by ‘Signed For’ delivery; or
- arranging for you to collect it from one of our offices.
Important note - please be aware that if you wish us to post the information to you, we will take every care to ensure that it is addressed correctly. However, we cannot be held liable if the information is lost in the post, incorrectly delivered or opened by someone else in your household.
What if I want information about the Council that is not personal information?
Requests for all other types of information can be dealt with either:
- as ‘business as usual’ by the relevant service; or
- under the Freedom of Information Act; or
- under the Environmental Information Regulations.
How do I make a request to access my personal information?
You will need to make your request in writing. The Council provides a vast amount of services, so simply asking for “everything the Council holds about me” can cause significant delays. Therefore, please be as specific as possible and provide as much detail as you can when making your request. It must include enough information about yourself and the information that you are seeking to enable the Council to identify you and your record(s).
You can download an access to records form or email the Corporate Information Governance Team at firstname.lastname@example.org to request a copy. Alternatively, you can write to:
Corporate Information Governance Team
What other information does the Council need?
We are legally required to confirm the identity of the requester; to ensure that we only disclose personal information to those who have a legal right to receive it.
Therefore, before we can process your request you will need to provide proof of identification. We will need to see a clear, full colour copy document; one from each of the lists below (unless an original is specified).
Identity Documents List 1:
- Current passport
- Current full driving licence
- Birth certificate (original certified)
- Adoption certificate (original certified)
- Marriage certificate (original certified)
- NHS Medical Card
Identity Documents List 2:
- Gas, Electricity or Water Bill (dated within last 6 months for your current address)
- Fixed Line Telephone Bill (dated within last 6 months for your current address)
- Council Tax Statement/Payment Book (dated for current year)
- Current bank, building society or credit card statement (showing your current address)
NOTE: We cannot accept provisional driving licences or mobile phone bills as identification.
What if I am not happy with how my request has been handled?
If you believe the Council has not correctly dealt with your request for access to records under data protection legislation, or you have identified any errors in your record(s), please write to:
Corporate Information Governance Manager
or email: email@example.com and tell us of your concerns. Your concerns will be investigated and you will be notified of the outcome within 10 working days of receiving your letter of concern.
If you remain unsatisfied with the outcome, you may refer the matter to the Information Commissioner’s Office (ICO). The ICO is responsible for enforcing data protection legislation and offers a range of publications about your rights, as well as advice and assistance:
Information Commissioner's Office
Tel: 0303 123 1113 (local rate) or 01625 545 745 if you prefer to use a national rate number. Website: www.ico.org.uk