Information Commissioners Office logo

Data protection register - entry details

Registration number:
Date registered:
21 December 2017
Registration expires:
20 December 2018
Data controller:
Hertfordshire CCTV Partnership Ltd
Stevenage Borough Council
Daneshill House
Contact for information:
Stevenage Borough Council
Daneshill House

This data controller states that it is a public authority under the Freedom of Information Act 2000 or a Scottish public authority under the Freedom of Information (Scotland) Act 2002

This register entry describes, in very general terms, the personal data being processed by:

Hertfordshire CCTV Partnership Ltd

Nature of work - CCTV and Crime Prevention

Description of processing

The following is a broad description of the way this organisation/data controller processes personal information. To understand how your own personal information is processed you may need to refer to any personal communications you have received, check any privacy notices the organisation has provided or contact the organisation to ask about your personal circumstances.

Reasons/purposes for processing information

We process personal information using a CCTV system to monitor and collect visual images for the purpose of security and prevention and detection of crime.

Type/classes of information processed

We process information relevant to the above reasons/purposes. This may include; personal details, personal appearance and behaviour; visual images.

We also process sensitive classes of information that may include:

  • offences and alleged offences
  • criminal proceedings, outcomes and sentences
  • visual images, personal appearance and behaviour

Who the information is processed about

We process personal information about:

  • staff
  • customers, clients
  • offenders and suspected offenders
  • members of the public and people in the area which is under CCTV surveillance

Who the information may be shared with

We sometimes need to share the personal information we process with the individual themself and also with other organisations. Where this is necessary we are required to comply with all aspects of the Data Protection Act (DPA). What follows is a description of the types of organisations we may need to share some of the personal information we process with for one or more reasons.

Where necessary or required we share information with:

  • business associates
  • service providers
  • enquirers and complainants
  • police forces and security organisations

CCTV for crime prevention

CCTV is used for maintaining the security of property and premises and for preventing and investigating crime, it may also be used to monitor staff when carrying out work duties. For these reasons the information processed may include visual images, personal appearance and behaviours. This information may be about staff, customers and clients, offenders and suspected offenders, members of the public and those inside, entering or in the immediate vicinity of the area under surveillance. Where necessary or required this information is shared with the data subjects themselves, employees and agents, services providers, police forces, security organisations and persons making an enquiry.


It may sometimes be necessary to transfer personal information overseas. When this is needed information is only shared within the European Economic Area (EEA). Any transfers made will be in full compliance with all aspects of the data protection act.


© Copyright