Registration Number: ZA046828
Date Registered: 16 April 2014 Registration Expires: 15 April 2018
Data Controller: Penryn Town Council
Penryn Town Council
Higher Market Street
This data controller states that it is a public authority under the
Freedom of Information Act 2000 or a Scottish public authority under the
Freedom of Information (Scotland) Act 2002
This register entry describes, in very general terms, the personal data being processed by:
Penryn Town Council
Nature of work - Town Council
Description of processing
The following is a broad description of the way this organisation/data controller processes personal information. To understand how your own personal information is processed you may need to refer to any personal communications you have received, check any privacy notices the organisation has provided or contact the organisation to ask about your personal circumstances.
Reasons/purposes for processing information
We process personal information to enable us to provide local services in accordance with our statutory powers and duties, to promote campaigns, public relations and fundraising, conduct research and to support and manage our staff.
Type/classes of information processed
We process information relevant to the above reasons/purposes. This may include:
- personal details
- family details
- lifestyle and social circumstances
- financial details
- education and training details
- information regarding goods or services provided
We also process sensitive classes of information that may include physical or mental health or condition and racial or ethnic origin.
Who the information is processed about
We process personal information about:
- elected representatives, other holders of public office and members of the town council
- residents of the town
- complainants and enquirers
- advisers, consultants and other professional experts
- business or other contacts, agents and contractors.
Who the information may be shared with
We sometimes need to share the personal information we process with the individual themself and also with other organisations. Where this is necessary we are required to comply with all aspects of the Data Protection Act (DPA). What follows is a description of the types of organisations we may need to share some of the personal information we process with for one or more reasons.
Where necessary or required we share information with:
- the residents of the town
- family, associates and representatives of the person whose personal data we are processing
- current, past or prospective employers
- suppliers, providers of goods or services
- education, training establishments and examining bodies
- financial organisations and advisers
- persons making an enquiry or complaint
- the media
- local government
CCTV - Crime Prevention and/or Staff Monitoring
CCTV is used for maintaining the security of property and premises and for preventing and investigating crime, it may also be used to monitor staff when carrying out work duties. For these reasons the information processed may include visual images, personal appearance and behaviours. This information may be about staff, customers and clients, offenders and suspected offenders, members of the public and those inside, entering or in the immediate vicinity of the area under surveillance. Where necessary or required this information is shared with the data subjects themselves, employees and agents, services providers, police forces, security organisations and persons making an enquiry.
It may sometimes be necessary to transfer personal information overseas. When this is needed information is only shared within the European Economic Area (EEA). Any transfers made will be in full compliance with all aspects of the data protection act.