How we use your personal information for Emergency Planning purposes

The Council provides services for local communities and the people who live in them.  Undertaking this work means that we must collect and use information about the people we provide services to and keep a record of those services. Because we collect and use personal information about individuals we must make sure that they know what we intend to do with their information and who it may be shared with. 

We have summarised in this privacy notice some of the key ways in which we use your personal information for Emergency Planning purposes. This information should be read in conjunction with the Council’s corporate privacy notice.

1.    Who we are, what we do.

Emergency planning should aim where possible to prevent emergencies occurring, and when they do occur, good planning should reduce, control or mitigate the effects of the emergency. It is a systematic and ongoing process which should evolve as lessons are learnt and circumstances change.

 

Emergency planning should be viewed as part of a cycle of activities beginning with establishing a risk profile to help determine what should be the priorities for developing plans and ending with review and revision, which then re-starts the whole cycle. Plans should focus on at least 3 key groupings of people - the vulnerable, victims (including survivors, family and friends) and responder personnel.

Integrated emergency management (IEM) comprises six related activities: anticipation, assessment, prevention, preparation, response and recovery.

2.    What and whose personal information we hold? 

We hold information about people in known/statutory risk areas (for example community flood groups or those inside public information zones covered by the Control of Major Accident Hazard (COMAH) Regulations, victims (including survivors, family and friends) and responder personnel (both Council and partner agencies).

 

The types of information we hold and process will typically include:

  • Details of those affected by or with the potential to be affected as part of an incident including name, address, dates of birth, contact details (telephone / e-mail), next of kin, special needs, health information. This could be before, during or after any incidents taking place
  • Addresses and appointment dates for dialysis patients
  • Contact details, including name, address, telephone numbers and e-mail addresses for staff / volunteers (both Council and partner agencies)
  • License applications from event organisers
  • Risk information such as flood maps and public information zones for sites covered by the Control of Major Accident Hazard (COMAH) Regulations
  • Training records

 3.    Where does the service get my information from?

We obtain some information directly from you, friends, neighbours or family for example registration forms at rest centres or for incident logs.

 

We may also obtain information from partner agencies or other services of the Council; there are duties under the Civil Contingencies Act around assessing risk, jointly planning, sharing information and responding to emergencies in order to provide the best, most joined up approach we can to those affected by emergencies or at risk.

 

We may also receive information from employers for example staff telephone numbers, addresses, etc.

4.    What we will do with your personal information?

We will use this personal information to prepare for, respond to and recover from incidents.

 

It will be used as part of our training programme.

 

From time to time we will share your personal information with third parties, including our contractors, response partners and statutory bodies such as the coroner.  These organisations are listed below.

 

In rare cases these recipients may be outside the UK. If this occurs, we will make sure that appropriate safeguards are in place to protect your information in accordance with applicable laws. 

 

Please use the contact details below if you want more information in connection with this.

5.    What is the legal basis for the use of this information?

The legal basis for our use of your personal information will generally be one or more of the following:

 

a)     In fulfilment of the statutory obligations placed on us, primarily under the Civil Contingencies Act 2004, the Control of Major Accident (COMAH) Regulations 2015, the Pipeline Safety Regulation 1996 and CONTEST – The United Kingdom’s Strategy for Countering Terrorism.

 

b)     We need to utilise your personal information to carry out a task in the public interest or in the exercise of official authority in our capacity as a public body.

6.    Does the service share my personal information with any other organisation?

From time to time the service will share your personal information with partner agencies to ensure the best approach we can to prepare for, manage and recover from emergencies.

 

In each case we will only do this to the extent that we consider the information is reasonably required for these purposes.

 

Other Organisations:

  •   Police
  •   Fire and Rescue
  •   Health
  •   Maritime and Coastguard
  •   Local Authorities
  •   Natural Resources Wales
  •   Utilities
  •   Telecommunications
  •   Transport Providers
  •   Highways Agency
  •   Health and Safety Executive
  •   Red Cross
  •   St Johns Ambulance
  •   Central Government
  •   Welsh Government
  •   Coroner
  •   Coal Authority
  •   Mines Rescue
  •   Royal Mint
  •   Military

Contractors:

  •   Kenyons
  •   Resilience Direct

7.    How long will my information be kept?

We will only keep your personal information for as long as needed to fulfil the reason it has been provided. In practice this will vary:

  •   Community Risk Register – kept up to date (annual review)
  •   Contacts - kept up to date (annual / statutory review period)
  •   Incident logs / reports – current year + 12 years (maybe longer for   major incidents)
  •   Training records – current year + 3 years
  •   Emergency Plans – current plan + 1
  •   COMAH / Pipeline Safety Plans – Review period not exceeding 3 years

8.    Your information, your rights

The General Data Protection Regulation (GDPR) gives you important rights, including the right to access the personal information the services hold about you. 

 

View further details on your information rights and how to exercise them. 

9.    Contact us

If you have any concerns or would like to know more about how the service using your personal information please contact us in one of the following ways:

 

By email : Emergency.Planning@rctcbc.gov.uk

 

By telephone : 01443 827726

 

In writing : RCTCBC, Emergency Planning, Ty Glantaf, Unit B23, Treforest Industrial Estate, Pontypridd, CF37 5TT

 

Help us improve - don't include personal or financial information, e.g. your National Insurance number or credit card details.