Business Rates (or National Non Domestic Rates (NNDR)) are a tax that we collect on behalf of Central Government.
Processing activity - in order to provide the service, it is necessary for us to collect and hold personal information about you. The information collected and held will vary and depend on the nature of the service. In general terms, we process personal information relating to:
- reliefs (eg: discretionary rate relief)
- data matching
- state aid related matters
- general correspondence between you and us on matters related to the administration, billing, collection and enforcement of Business Rates
- investigating and if applicable, prosecuting for fraudulent activity
- correspondence with the Insolvency Service (see below)
Information requirements - our processing activities may include:
- full name
- address including postcode
- telephone number
- email address
- financial details
- trading name
- move in date
- move out date
- forwarding addresses
- liability order(s)
- our on-line payment system (for the recording of your payment only)
Do you have to provide your information? - without the information we may charge you the incorrect rate of business rates and you may not receive the exemptions or reliefs from business rates which you are entitled to. If we ask you to provide specific information in order to assess the correct amount of business rates payable and you do not provide this information, we may prosecute you. Deliberately providing false information in order to avoid or reduce business rates is also a crime.
Lawful bases1- - our lawful bases for processing your personal information are:
- UK GDPR Article 6(1)(c) - our legal obligation(s) under the Local Government Finance Act 1988
- UK GDPR Article 6(1)(c) -our legal obligation(s) under the Non-Domestic (Collection and Enforcement) (Local Lists) Regulations 1989
- UK GDPR Article 6(1)(c) - our legal obligation(s) under the Serious Crime Act 2007
- UK GDPR Article 6(1)(c) -our legal obligation(s) under the Non-Domestic Rating (Alteration of Lists and Appeals) (England) Regulations 2009
- UK GDPR Article 6(1)(c) -our legal obligation(s) under the Non-Domestic Rating (Chargeable Amounts) (England) Regulations 2009
- UK GDPR Article 6(1)(c) -our legal obligation(s) under the Business Rates Supplements Act 2009
- UK GDPR Article 6(1)(c) -our legal obligation(s) under the Non-Domestic Rating (Rates Retention) Regulations 2013
- UK GDPR Article 6(1)(c) -our legal obligation(s) under the Non-Domestic Rating (Levy and Safety Net) Regulations 2013
- UK GDPR Article 6(1)(c) -our legal obligation(s) under the Non-Domestic Rating (Designated Areas) Regulations 2013
- UK GDPR Article 6(1)(c) -our legal obligations(s) under the Debt Respite Scheme (Breathing Space Moratorium and Mental Health Crisis Moratorium) (England and Wales) Regulations 2020)
- Article 6(1)(e) UK GDPR & s.8(c) Data Protection Act 2018 - where needed for the performance of a task carried out in the public interest (under the above legislation) and the Subsidy Control Act 2022
- UK GDPR Article 9(2)(g) as supplemented by the Data Protection Act 2018 section 10(3) & Schedule 1, Part 2, paras 6(1) and (2)(a) - where processing is necessary for the reasons of substantial public interest
- UK GDPR Article 10(1) and Data Protection Act 2018 section 10(3) & Schedule 1, Part 2, para.10 - processing of data relating to criminal convictions and offences - – justified by the Serious Crime Act 2007
Reasons for processing - some of the information that is collected and shared is classified as criminal convictions and offences (including alleged offences) - Article 10 UK GDPR. This is processed for reasons of substantial public interest under the laws that apply to us (see above) where this helps to meet our broader social obligations such as where it is necessary for us to fulfil our legal obligations and regulatory requirements. We have a Data Protection Policy that sets out how this information will be handled.
Data sharing - we may share your information with partner organisations that inspect or handle public funds, to prevent and detect fraud and error including:
- council department(s)
- BEIS (subsidy and Covid grant related matters)
- other local authorities
- HM Revenue and Customs
- Cabinet Office (as part of the National Fraud Initiative)
- National Audit Office
- Destin Solutions Ltd (to cross check business rates relief on non-domestic properties (excluding empty rate relief) against English local authorities’ similar data sets) for detection of fraud
The Insolvency Service may share your information with us (pursuant to the Debt Respite Scheme (Breathing Space Moratorium and Mental Health Crisis Moratorium) (England and Wales) Regulations 2020). As a creditor, if we are told by the Insolvency Service that a debt owed by you is in a breathing space, we must stop all action related to that debt and apply the protections. These protections must stay in place until the breathing space ends.
We have a legal obligation to share information with the Valuation Office Agency and we share with and use enforcement agents during the course of enforcing business rates liability orders.
We subscribe to a tracing system called LoCTA which allows us to search a subset of all subscribing local authorities’ revenues systems to trace individuals who have an outstanding council tax debt and to prevent duplicate council tax claims. We also subscribe to a search and trace system provided by TransUnion. We use Analyse LOCAL for NNDR checks, challenge and appeal information and RV finder.
HMRC: Where we detect suspicious behaviours of fraud and/or crime across our functions, we have may receive from and share information with HMRC (Customer Compliance Group – RIS Intelligence, Volume Intelligence, Intelligence Exchange).
We may also rely on a number of exemptions, which allow us to share information without needing to comply with all the rights and obligations under the Data Protection Act 2018. Please refer to the Kent and Medway Information Agreement for further details on our sharing arrangements.
Retention period - we keep your personal information for the minimum period necessary. The information outlined in this Privacy Notice will be kept after business rates liability has ended, after any recovery and enforcement action has been completed and the period required by us for legal and audit purposes has expired, unless exceptional circumstances require longer retention eg: a pending court case. All information will be held securely and disposed of confidentially.
Automated decision making - we may make automated decisions to end some time-limited discounts and exemptions, to include small business rate relief following the result of a review undertaken by us in order to protect the public funds that we handle. You have a right of appeal against our automated decision-making.
Anonymisation - your personal information may be converted ('anonymised') into statistical or aggregated data in such a way that ensures that you cannot be identified from it. Aggregated data cannot, by definition, be linked back to you as an individual and may be used to conduct research and analysis, including the preparation of statistics for use in our reports.
Right to object - where processing your personal information is required for the performance of a public interest task (see our lawful bases above), you have the right to object on ‘grounds relating to your particular situation’. We will have to demonstrate why it is appropriate for us to continue to use your personal data.
Please refer to our Corporate Privacy Notice for further details of how we process your personal information and for details on your additional rights.
1 Note that we may process your personal information on more than one lawful basis depending on the specific purpose for which we are using your information
GDPR/ Business rates (NNDR) Privacy Notice