Privacy notice relating to the processing of personal data by Rhondda Cynon Taf County Borough Council for the purpose of The Welsh Church Act Fund
Introduction
This privacy notice is intended to provide information about how Rhondda Cynon Taf County Borough Council (referred to as ‘RCTCBC’, ‘Council’, ‘Local Authority’, ‘we’) will use (or ‘process’) personal data about individuals for the purpose of The Welsh Church Act Fund.
This notice should be read in conjunction with;
The Data Controller
The Council is the data controller for the personal data processed for the purposes of The Welsh Church Act Fund.
The Council is registered with the Information Commissioner’s Office (ICO) as a controller under reference Z4870100.
Queries relating to this privacy notice
If you have any questions or queries relating to this privacy notice please contact the Regeneration Team as follows:
By email : regeneration@rctcbc.gov.uk
By telephone : 01443 281124
In writing : Regeneration Team, Business Support Unit, Ty Elai, Dinas Isaf Industrial Estate, Williamstown, Tonypandy, CF40 1NY
Who we are what we do
The Welsh Church Act Fund was established from the proceeds and assets of the disestablishment of the Church in Wales and is an independent charitable trust.
The fund is available to churches, chapels, places of public worship community groups and charities who provide activities that have long term benefit to residents and communities.
The fund is administered by Rhondda Cynon Taf Council on behalf of Merthyr and Bridgend Councils.
Whose personal data we process
We process data in relation to individuals who submit applications to receive funding through the Welsh Church Act.
The categories of personal data we process
We may process the following categories of personal data to administer the fund:
- Contact Information such as name, address, email address and telephone number
- Financial Information
Why we process the personal data
We process the personal data to administer the fund. This may include but is not limited to the following activities;
- Provide pre-application advice and guidance.
- Complete internal checks with other internal Council departments such as planning and licencing to assess eligibility.
- Check with partner Local Authorities (Merthyr CBC and Bridgend CBC) to complete eligibility checks such as planning and licencing for applications received within their catchment areas.
- Assess, approve, and make payments in respect of applications.
- Complete monitoring checks for audit purposes.
Our lawful basis for processing the personal data
Under the General Data Protection Regulation (GDPR), our lawful basis for processing the personal data to administer the fund is;
- Public Task - Article 6 (e) – processing is necessary for the performance of a task carried out in the public interest or in the exercise of official authority vested in the controller.
The primary legislation, regulations and guidance that supports this includes, but is not limited to;
- Welsh Churct Act 1914
- Well-being of Future Generations (Wales) Act 2015
Who or where we get the personal data from
We receive the data from service users who submits an application for the fund.
Who we share personal data with
We may share the personal data with the following key organisations to administer the fund.
When sharing the personal data, we only share the minimum amount necessary in relation to the purpose.
|
Who
|
Purpose
|
|
Internal Council Departments
- Planning / Building Control
- Licensing
- Finance
|
To assess Eligibility and make payments in relation to the fund
|
|
Other Local Authorities
|
To assess Eligibility for applications received within their local area
|
|
Wales Audit Office
|
To comply with sample checks on grants as part of the annual audit for the fund.
|
Data Processors
A data processor is a company or organisation that processes personal data on our behalf. Our data processors act only upon our instruction. They cannot do anything with the personal data unless we instruct them to do so. They will not share the personal data with any organisation apart from us or use it for their own purposes. They will hold it securely and retain it for the period we instruct.
The categories of data processors we use for the purpose of administering the fund is:
- It Suppliers – Evolutive
How long we retain the personal data
We retain the personal data contained with the records for:
|
Length of time
|
Reason
|
|
Not Progressed applications and all supporting information -end of the financial year the application was received
|
Business Reason
|
|
Approved applications and all supporting information – current financial the last payment is made + 7 Years
|
In line with financial retention schedule
|
In keeping with the General Data Protection Regulation storage limitation principle, records are periodically reviewed. Not all personal data is retained. Only personal data that is relevant to the record is retained for the entire retention period. Information that has no long term or evidential value is routinely destroyed in the normal course of business.
Your data protection rights
The General Data Protection Regulation (GDPR) gives individuals important rights, including the right of access to the personal data that the Council holds about you.
Click here for further information on your information rights and how to exercise them.
Your right to make a data protection complaint to the Council
You have the right to complain to the Council if you believe we have not handled your personal data responsibly and in line with good practice.
You can do this by contacting the Enterprise Team directly via one of the following communication methods. Most concerns can be resolved relatively quickly through a simple phone call or email;
By email : regeneration@rctcbc.gov.uk
By telephone : 01443 281124
In writing : Regeneration Team, Business Support Unit, Ty Elai, Dinas Isaf Industrial Estate, Williamstown, Tonypandy, CF40 1NY
Alternatively, you can raise a formal complaint via the Council’s Customer Feedback Scheme using the following link (Make a comment, compliment or complaint online) or you can contact the Council’s Data Protection Officer at Information.management@rctcbc.gov.uk.
Your right to make a data protection complaint to the ICO
You also have the right to complain to the ICO if you are unhappy with how we have used your data. However, we encourage you to contact us first and provide us with an opportunity to look into your concern and put things right.
The ICO can be contacted:
- Address: Information Commissioner’s Office, Wycliffe House, Water Lane, Wilmslow, Cheshire, SK9 5AF
- Helpline number: 0303 123 1113
- Website: https://www.ico.org.uk