Skip to main content
BCP Council

People & Culture privacy notice

Skip to contents of guide

Please read our general privacy notice as well as this notice.

What we do

People & Culture includes the following teams:

  • HR Business Partners
  • Employee Relations & Change Teams
  • Talent Acquisition & Recruitment Teams
  • People & Culture Service Delivery Team
  • People & Culture Systems and Data Team
  • Payroll & Pensions
  • Workforce Development

The purposes we use your personal information for

HR & OD use the personal information you give us to process your employment, payroll and pensions records and to process any applications via our recruitment system. This includes pre-employment health checks, DBS and right to work in the UK checks.

We have a legal requirement to obtain this information and a legal requirement to share it with certain Government bodies for PAYE, Pensions administration, fraud avoidance, statistical analysis or financial management.

We use computer databases to process and store your information. These databases are located in the UK and are held securely in a password-protected environment. Only authorised officers have access to the databases.

The personal information we collect and use

We only obtain and use the information we need to provide our services to you. We may obtain and use special category information.

We will collect enough personal information in order to provide you with services for the following purposes:

  • processing an application for employment and associated pre-employment checks
  • creating and maintaining worker / employment record and training records
  • to meet our obligations set out in your contract of employment
  • to calculate your pay and report PAYE to HMRC
  • to administer your pension record and report information to the appropriate pension scheme body
  • to support with reasonable adjustments
  • to maintain workforce equality metrics

We are not permitted to collect information we do not need or will not use. This document covers information you have provided direct to the Council and information which has been shared with us by other organisations.

If we don’t need your personal information we will either keep your details anonymous, if we already have it for another service or we won’t ask you for it. If we use your personal information for research or analysis, we will always keep your details anonymous or use a fake name.

We don’t sell your personal information to anyone else.

The law we use to process your personal information

According to the General Data Protection Regulations (GDPR) and the Data Protection Act 1998, we must have a reason to collect and use your information.

This will be to:

  • deliver services and support you
  • enable us to manage the services we provide
  • train and manage our workers who deliver those services
  • investigate any worries or complaints you may have about our services
  • check the quality of our services
  • help with research and planning of new services.

There are a number of legal reasons why we need to collect and use your personal information. For this service:

(i) Contract (GDPR Article 6(1)(b)): you have entered into a contract with us.

(ii) Legal obligation (GDPR Article 6(1)(c)): for example if it is required by employment law and HMRC regulations, and other applicable laws to which the Council is subject.

Our service also needs to use sensitive personal data also called “special category data” which requires more protection to keep it safe. This is often information you would not want to be widely known and is very personal to you. It includes:

  • sexuality or sexual heath
  • religious or spiritual or philosophical beliefs
  • ethnicity
  • physical or mental health
  • trade union membership
  • political opinions
  • genetic or biometric data
  • criminal history

We will take extra care of this data. We also use these additional sections of the GDPR conditions to process your special category personal information.

i) Vital Interests (GDPR Article 9(2)(c)) 

ii) Employment, social security and social protection law (GDPR Article 9(2)(b) 

iii) Criminal convictions (GDPR Article 10)

Health emergency information sharing

In the event of a health emergency, including a mental health crisis, we may need to share your personal information with healthcare professionals or emergency services. This measure is crucial to ensure your safety and well-being, as well as to provide you with the necessary care and support during such times. We are committed to handling your information with the utmost confidentiality and will only share it when it is essential for your health and safety. 

Accessing the information we hold about you

You have the right to request, in writing, details of the information that is held about you and also the right to access a copy of the information. This may be by the Council providing copies of documents or by inviting you to view the records at one of its offices, if appropriate. Please see our webpage for further information about how to make a subject access request.

The Council will not charge a fee to access your information. Sometimes there may be information that we are not allowed to show you, such as:

  • legal information or advice
  • crime prevention and detection records
  • information that we believe may be harmful to you and your well-being
  • details about or provided by other people – this is called third party information (e.g. information from the Police or Department for Work & Pensions)

You may also ask us to:

  • stop processing your information if this causes or might cause damage or distress
  • stop processing your information for direct marketing
  • make decisions about you using your information by automated means (e.g. using computers to decide on an entitlement)
  • amend any of your data which you feel is inaccurate. You can also ask for information to be blocked, erased or destroyed
  • transfer your information electronically to another service provider
  • consider a claim for compensation for any damages caused by a breach of the Data Protection regulations

If you give consent for us to use your information, you may withdraw this at any time. However, this may affect our ability to continue to provide you with HR, Payroll or Pension services. 

Who we may share your information with

We use a range of organisations to either store personal information or to help deliver our services to you and for prevention and detection of Crime. Sometimes we have a legal duty to provide your personal information to other organisations, for example the court service or HMRC.

We may share your information with your manager and these other council departments:

  • Internal Audit
  • Revenues and Benefits

We may also share your personal information with these organisations:

  • Department for Work and Pensions
  • Her Majesty’s Revenue & Customs
  • Dorset County Council Pension Fund
  • Teachers Pensions
  • Other pensions Administrators
  • Her Majesty’s Tribunal Service
  • Office of National Statistics
  • Local Government Ombudsman
  • External Auditors
  • Other Local Authorities (in the context of the possible transfer of services in which you are involved).
  • Partners eg NHS (to facilitate secondment working arrangements)
  • The Cabinet Office (NFI – National Fraud Initiative)
  • Disclosure and Barring Service
  • People Asset Management
  • The Home Office (right to work / visa)
  • Trade Unions
  • Education and Skills Funding Agency

National Fraud Initiative

The Council is engaged with the National Fraud Initiative. This is an exercise that matches electronic data between public and private sector bodies to prevent and detect fraud. This is a government backed initiative to protect public funds. If you would like to know how your information is used in this initiative please read more on NFI Privacy.

Your information will not be disclosed to any other organisations, except where we are required and allowed to by law.

How long we keep information about you

We keep records and documentation for six years after your employment has ended. We have to keep some of your information for longer periods to comply with the law . We retain this information only for as long as necessary to fulfil the purposes we collected it for, including for the purposes of satisfying any legal, accounting or reporting requirements. Details of retention periods for different aspects of your personal information are available in our retention policy which is available on the Council’s intranet.   

Have you encountered a problem with this page?