CFRS privacy notices

Who we are
What personal information we obtain
Why we collect information about you
How we use your information
Information sharing
How long your information will be held
How we protect your information
Your information rights
Contact Information
How to complain
Service specific privacy notices

We are updating our Privacy Notice to reflect the changes we have made. This is part of our ongoing commitment to be transparent about how we use your data and keep it safe. We are including changes to address the new standards introduced by the European data protection law. This is known as the General Data Protection Regulation (GDPR).

Our privacy notices set out how we, Resilient Cornwall; including Cornwall Fire and Rescue Service, collect, store and handle your personal information. They also include what your information rights are. Your rights will vary with the service being used. We provide a wide range of public services, so one notice for all services may not give you enough detail. You can also find links to further notices for each service area. There may be a service specific privacy notice for you to find out how your information is used and your rights.

Personal information may be collected:

on a paper or online form
by telephone
by email
on CCTV
by a member of our staff
by one of our partners

Who we are

Cornwall Council is registered as a ‘data controller’ under the Data Protection Act. Resilient Cornwall is a service within Cornwall Council and is responsible for controlling how your personal data is used. You can contact the Data Protection Officer by email (address) or by writing to the address at the end of this notice.

ICO registration: Z1745294

Address: Cornwall Council, New County Hall, Treyew Road, Truro TR1 3AY

We collect and process personal information about you. We process and hold your information in order to provide public services. This notice explains how we use and share your information. Information may be collected on paper or online form, by telephone, email, CCTV or by a member of our staff, or one of our partners.

We will continually review and update this privacy notice to reflect changes in our services and feedback from service users, as well as to comply with changes in the law. When such changes occur, we will revise the ‘last updated’ date on this document.

What personal information we obtain

Our ICO registration entry describes in general terms the purposes, the categories of personal data and the categories of the recipients – see entry Z1745294. This entry applies to council staff and members of the public. For further details see Service specific privacy notices.

Why we collect information about you

We need to collect and hold information about you, in order to:

deliver public services
confirm your identity to provide some services
contact you by post, email or telephone
understand your needs to provide the services that you request
obtain your opinion about our services
update your customer record
help us to build up a picture of how we are performing at delivering services to you and what services the people of Cornwall need
allow us to undertake statutory functions efficiently and effectively
make sure we meet our statutory obligations

We may not be able to provide you with a product or service unless we have enough information, or your permission to use that information.

How we use your information

We will use the information you provide in a manner that conforms to the Data Protection legislation. We will endeavour to keep your information accurate and up to date and not keep it for longer than is necessary. In some instances the law sets the length of time information has to be kept.

In general, we process your information for the following purposes:

for the service you requested, and to monitor and improve the Service's performance in responding to your request
to allow us to be able to communicate and provide services and benefits appropriate to your needs
to ensure that we meet our legal obligations
where necessary for the law enforcement functions
to prevent and detect fraud or crime
to process financial transactions including grants, payments and benefits involving the Services, Council, or where we are acting on behalf of other government bodies, e.g. Department for Work and Pensions
to collect monies owed to us
where necessary to protect individuals from harm or injury
to allow the statistical analysis of data so we can plan the provision of services.

We will not pass any personal data on to third parties, other than those who either process information on our behalf, or because of a legal requirement, and it will only do so, where possible, after we have ensured that sufficient steps have been taken to protect the personal data by the recipient. We do not sell your information to any organisation.

We will not disclose any information that you provide ‘in confidence’ to us, to anyone else without your permission, except in the few situations where disclosure is required by law, or where we have good reason to believe that failing to share the information would put someone else at risk. You will be told about this.

Information Sharing

We may need to pass your information to other people and organisations that provide the service. These providers are obliged to keep your details securely, and use them only to fulfil your request. If we wish to pass your sensitive or confidential information onto a third party, we will only do so once we have obtained your consent, unless we are legally required to do so.

We may disclose information to other partners where it is necessary, either to comply with a legal obligation, or where permitted under the Data Protection Act, e.g. where the disclosure is necessary for the purposes of the prevention and/or detection of crime.

Where we need to disclose sensitive or confidential information such as medical details to other partners, we will do so only with your prior explicit consent or where we are legally required to.

We may disclose information when necessary to prevent risk of harm to an individual.

At no time will your information be passed to organisations external to us and our partners, for marketing or sales purposes or for any commercial use without your prior express consent.

We will provide further information of what information is shared with other organisations on data collection forms, service specific privacy notices and sharing agreements.

How long your information will be held

We will not keep your information any longer than needed to provide the services you require. We may keep your data longer if we need to retain it for legal, regulatory or best practice reasons. We will tell you in our service specific privacy notices of the retention period that applies.

How we protect your information

Our aim is not to be intrusive, and we won’t ask irrelevant or unnecessary questions. The information you provide will be subject to rigorous measures and procedures to make sure it can’t be seen, accessed or disclosed to anyone who shouldn’t see it. We have an Information Governance Framework that includes a Data Protection and Privacy Policy and a set of Information Security policies. These define our commitments and responsibilities to your privacy and cover a range of information and technology security areas. We provide training to staff who handle personal information and treat it as a disciplinary matter if they misuse or do not look after your personal information properly. We will not keep your information longer than it is needed or where the law states how long this should be kept. We will dispose of paper records or delete any electronic personal information in a secure way.

Your information rights

You have the right to request that Resilient Cornwall, part of Cornwall Council stop processing your personal data in relation to any service it provides. However, this may cause delays or prevent us delivering a service to you. Where possible we will seek to comply with your request but we may be required to hold or process information to comply with a legal requirement.

We try to ensure that any information we hold about you is correct. There may be situations where you find the information we hold is no longer accurate and you have the right to have this corrected. Please contact the relevant service/team holding your information.

You are legally entitled to request access to any information about you that we hold, and a copy using the subject access request. To access this please go to:

Contact Information

If you would like to discuss anything in this privacy notice, please contact:

Data Protection Officer

Data Protection Team,
Cornwall Council,
County Hall,
Truro,
TR1 3AY

Telephone: 01872 326424

Email: dataprotection@cornwall.gov.uk

How to complain

If you wish to complain about your personal data privacy or information rights please contact the service in the first instance or visit the Council's web page - Feedback and complaints

If you wish to raise the matter directly with the Data Protection Officer, use the contact details above.

Information Commissioner

If you have concerns about the use of your personal data, the Information Commissioners Office is an independent body set up to uphold information rights in the UK. They can be contacted through their website: www.ico.org.uk or their helpline on 0303 123 1113, or in writing to:

Information Commissioner’s Office
Wycliffe House,
Water Lane,
Wilmslow,
Cheshire
SK9 5AF

For more information about your rights: