Financial Services Privacy Notice
Privacy Notice for Financial Services
Our department comprises an accountancy service team comprising financial services, treasury, procurement and insurance. Our services include financial planning, statements of accounts, budgeting, financial systems and controls, debt collection, payments and strategic payroll.
The CIPFA Statement on the role of the Chief Financial Officer (CFO) in local government describes the responsibilities of the CFO, including responsibility for the finance function.
We are required to comply with professional standard, government guidance and other professional codes of conduct.
Processing activity - In general terms, we process personal information relating to the following areas:
- setting up and maintaining records relating to debtors
- processing payments to external individuals
- processing payments to employees and elected councillors
- procurement card administration
- recording transactions on the ledger
- accounting for expenditure and income
- budget setting and budget monitoring
- providing financial management information
- costing staffing budgets
- providing financial analysis and advice to internal customers
- submission of grant funding claims
- administering prepaid cards for direct payment clients
- calculating and setting council housing rents
- administration of employee car loans and leases
- managing insurance claims from the public, employees and clients
- general correspondence between you and us
Information requirements - our processing activities may include:
- name, address, telephone, email address
- date of birth
- employee information, for example, payroll number, salary, taxation, national insurance, pension details, sickness details
- bank account details
- mortgagee details of individuals purchasing/leasing shared ownership/residential properties at The Bridge
- housing rent account details
- commercial property lettings tenants’ details
- details of the type of business carried out by those parties leasing commercial units from us
- vehicle details (lease car scheme)
- insurance proposals
- personal details relating to insurance claims
- insurance related legal records
- our payment system (for the recording of your payment only)
Failure to provide your personal data may result in us being unable to complete transactions with you.
Lawful bases1- our lawful bases for processing your personal information are:
- where it is necessary to fulfil your contractual obligations with us eg: the payroll function
- our legal obligation(s) under the:
- Local Government Act 1972 (Section 151 - requires local authorities to make arrangements for the proper administration of their financial affairs)
- Local Government Finance Act 1988 (rates)
- Local Government Finance Act 1992 (council tax)
- Local Government Finance Act 2003
- Local Audit and Accountability Act 2014
- HMRC Compliance Handbook Manual
- where it is necessary for the establishment, exercise or defence of legal claims
- where needed for the performance of a task carried out in the public interest and the task or function has a clear basis in law
- in the exercise of official authority vested in us and the task or function has a clear basis in law
Data sharing - we may share and receive information from:
- our department(s)
- Government agencies
- Cabinet Office (as part of the National Fraud Initiative)
- service providers
- professional advisers
- internal and external auditors
- law enforcement authorities
- Her Majesty’s Revenue and Customs
- insurance providers, brokers and claims’ handlers
We may lawfully disclose information to public sector agencies to prevent or detect fraud or other crime, or to support the national fraud initiatives and protect public funds under the Local Audit and Accountability Act 2014. Under the Digital Economy Act 2017, we may also share personal data provided to us with other public authorities as defined in the Act, for the purposes of fraud or crime detection or prevention, to recover monies owed to us, to improve public service delivery, or for statistical research. We do not share the information with other organisations for commercial purposes.
We may also rely on a number of exemptions, which allow us to share information without needing to comply with all the rights and obligations under the Data Protection Act 2018. Please refer to the Kent & Medway Information Agreement for further details on our sharing arrangements.
Retention period - we keep your personal information for the minimum period necessary. The information outlined in this Privacy Notice will be kept in accordance with the retention periods referred to in our Asset Information Register (Financial Services). All information will be held securely and disposed of confidentially.
Anonymisation- your personal information may be converted ('anonymised') into statistical or aggregated data in such a way that ensures that you cannot be identified from it. Aggregated data cannot, by definition, be linked back to you as an individual and may be used to conduct research and analysis, including the preparation of statistics for use in our reports.
Right to object - where processing your personal information is required for the performance of a public interest task (see our lawful bases above), you have the right to object on ‘grounds relating to your particular situation’. We will have to demonstrate why it is appropriate for us to continue to use your personal data.
Changes to this Privacy Notice - we review this Privacy Notice regularly and will place updates on our website.
Please refer to our Corporate Privacy Notice for further details of how we process your personal information.
1 Note that we may process your personal information on more than one lawful basis depending on the specific purpose for which we are using your information
GDPR Financial Services Privacy Notice