Facebook

Data Protection and Privacy Policy

Privacy and data protection

This page explains what personal information Findochty Community Council may hold, why we hold it, and your rights under UK data protection law.

Findochty Community Council is a statutory community body made up of local volunteers.
We do not hold large public databases — most personal information we hold relates to correspondence, community participation, and council administration.

This policy follows the UK General Data Protection Regulation (UK GDPR) and the Data Protection Act 2018.

Quick answers

Do you store my details?

Only when you contact us, submit a form, correspond with the council, or take part in community activities.

Who can access it?

Only Community Council members who need the information to carry out council duties.

How long do you keep it?

Only for as long as necessary for the purpose it was collected, or as required for statutory record-keeping.

Records required for statutory governance may be retained for longer in accordance with local government record-keeping guidance.

How do I get it removed?

Email the Community Council Secretary and request deletion.

Your rights

Under UK GDPR, you have the right to:

  • Ask what information we hold about you
  • Request correction of inaccurate information
  • Request deletion of your personal data
  • Withdraw consent where consent is the legal basis
  • Object to how your data is used
  • Complain to the Information Commissioner’s Office (ICO)

We may ask for proof of identity before releasing personal information.

What information we hold

Information collected

We may hold personal information including:

  • Names

  • Addresses

  • Email addresses

  • Telephone numbers

  • Written correspondence

  • Information you provide in forms, surveys or consultations

We only collect information relevant to Community Council duties.

Why we hold it

We process personal data in order to:

  • Respond to enquiries from residents

  • Represent community views

  • Manage meetings and consultations

  • Organise community activities

  • Maintain statutory records

  • Meet legal obligations

The legal basis for processing is normally public task. Consent is used only where required (for example photographs or optional participation).

Data processing and records

The Community Council maintains a data register describing:

  • What information is held

  • The purpose for holding it

  • Who has access to it

  • How long it is retained

This register is reviewed periodically.

Data security

  • Restricted access to authorised members only
  • Password-protected digital storage
  • Secure storage of paper records
  • Secure deletion when no longer required
  • Antivirus and software security measures where applicable

Data breaches

If a data breach occurs, the Community Council will:

  • Assess the level of risk

  • Notify affected individuals where necessary

  • Report to the Information Commissioner’s Office when legally required

  • Review procedures to prevent recurrence

Complaints

If you are unhappy with how your personal data has been handled, please contact the Community Council first so we can resolve the issue.

You also have the right to complain to:

Information Commissioner’s Office (ICO)
https://ico.org.uk

Information Commissioner’s Office website

Contact us

For any data protection enquiries or requests, contact:

Community Council Secretary
secretary@findochty-cc.org ↗

Please do not include sensitive personal information in emails unless necessary.

This policy is reviewed periodically to ensure compliance with current data protection legislation.

Last reviewed: February 2026

Findochty Community Council

Council Information

Policies & Website

Social

Facebook
  • Findochty Community Council

Website maintained by Findochty Community Council