6. Who we share your data with
We share your information with officers from other service areas for assistance, specifically, those which your request relates to.
The Data Protection Officer, and members of the Information Governance Service, will have access to your personal data when there has been a breach to enable them to investigate the breach, report this to the necessary individuals and to make any changes to processes to prevent a reoccurrence happening.
If you make a complaint to the Information Commissioners Office about the way in which we dealt with a request, we may be required to disclose personal data about you to comply with an investigation.
There may also be instances where our system suppliers will need to access individual’s personal information to ensure that information is being held securely and accuracy is maintained. This will be on a strict need to know basis and all contracts have confidentiality clauses built in.
Where we engage third parties to process personal data on our behalf, they do so on the basis of written instructions, are under a duty of confidentiality, and are obliged to implement appropriate technical and organisational measures to ensure the security of data.
We will not disclose any personal information to any other third parties unless required to do so by law or where it is appropriate to support our duty to protect public funds and / or detect and prevent fraud or other criminal activity.
We will not transfer your information to countries outside the European Economic Area (EEA) unless this is necessary, and only to countries which have sufficient safeguards in place to protect information.
We will not share your information with third parties for commercial or marketing purposes.