Who we are
Teignbridge District Council is registered with the Information Commissioner’s Office (ICO) as a ‘data controller’ under the Data Protection Act, entry Z5463710. We are a public authority and have a nominated Data Protection Officer who can be contacted on firstname.lastname@example.org.
Licensing Services process and store your personal information by law to administer applications and enforce licensing provisions under its obligations of the licensing requirements.
What information do we collect about you?
The personal information we collect includes:
- contact details (email address and telephone numbers)
- date of birth
- national insurance number, where applicable
- details of any relevant convictions (this includes information from disclosure and barring service (DBS) checks which are returned to applicant or destroyed after determination of an application)
- DBS checks or outcomes of DBS checks
- identity documents (we will destroy copies of bank statements and other proof of address documents once we have determined your application)
- details of your nationality, where applicable
- proof of right to work in the UK, where applicable
- your driving licence details (DVLA or overseas), where applicable
- employment history, where relevant
- details of knowledge tests taken and scores (drivers)
- medical forms and supporting information (drivers)
- vehicle details including registrations and garage tests, insurance documents, etc. (hackney and private hire)
- complaints made about persons, vehicles or premises and details of investigations
- licences issued to you and premises and details included on them
- information shared with us from other authorities or internal departments
- details of persons making representations in relation to applications
- details of any relevant qualifications held
- evidence relating to enforcement actions which may include prosecutions and reviews and may make reference to individuals and include personal data
Where we get your information from
We collect personal information from you as the service user through online web forms, hard copy application forms, e-mail, by telephone, through face-to-face discussion or by recording of your telephone call if calling our main customer support centre. This information will be collected either from you directly as the data subject, or from a representative acting on your behalf.
We have installed CCTV systems in some of our premises for the purposes of public and staff safety and crime prevention and detection.
If you fail to provide certain information, we may not be able to provide the service you have requested.
How your information will be used
We use this information to communicate with you, assess your application and issue you with a licence, permit or certificate. Also, to register a range of business activities to satisfy licensing objectives, including publishing public registers. This information applies to the administration of:
- gambling and lotteries
- hackney carriage and private hire and driver licensing
- wheelchair accessible vehicles
- alcohol and entertainment, including temporary event notices, personal, premises and club licences
- charity collections
- sex entertainment venues and sex establishments
- animal licensing
- street trading
- skin piercing, tattooing and electrolysis
- scrap metal dealers
- cooling towers
- camping, caravans and park homes
In addition, we use this information to help investigate complaints or concerns you have raised about the service provided.
Some restrictions apply to the publication of personal data on a public register, these can be viewed on our website, such as:
- where a business address is the same as a personal address this will also be shown on a public register, unless legal reasons support protection
- in the case of a named person who holds a position of responsibility, for example, a designated premises supervisor, their name will appear on a public register, however, their personal address (if not a business address) will be excluded
Lawful basis for processing data
The lawful basis for processing your personal information is the performance of a public task, and is necessary for compliance with a legal obligation as specified by the following legislation but not limited to:
- Licensing Act 2003
- Gambling Act 2005
- Local Government (Miscellaneous Provisions) Act 1976
- Section 68 of the Town Police Clauses Act 1847
- Section 171 of the Public Health Act 1875
- Air Quality (Taxi and Private Hire Vehicle Database) (England and Wales) Regulations 2019
- Rehabilitation of Offenders Act 1974 (Exceptions) (Amendment) Order 2002
We are allowed to process personal and sensitive data for the reasons of substantial public interest where it is necessary for us to fulfil our legal obligations and regulatory requirements.
Who we share your data with
Your information may be shared with other council services and being presented to the council’s licensing sub-committee for determination, local authorities, statutory responsible authorities such as the police and the Home Office, and government departments including the Department for Work and Pensions (DWP), Department for Environment, Food and Rural Affairs (DEFRA) and HM Revenue and Customs (HMRC).
For example, we are required to notify the police if an applicant is found to have an unspent conviction for a relevant or foreign offence. The police may object to the application on crime prevention grounds. Similarly, we are required to notify the Secretary of State through Home Office Immigration Enforcement when an applicant declares that they have been issued with an immigration penalty or convicted of an immigration offence.
We are required by law to disclose information to the Cabinet Office as part of the National Fraud Initiative.
There may also be instances where our system suppliers will need to access individual’s personal information to ensure that information is being held securely and accuracy is maintained. This will be on a strict need to know basis and all contracts have confidentiality clauses built in.
Where we engage third parties to process personal data on our behalf, they do so on the basis of written instructions, are under a duty of confidentiality, and are obliged to implement appropriate technical and organisational measures to ensure the security of data.
We will not disclose any personal information to any other third parties unless required to do so by law or where it is appropriate to support our duty to protect public funds and / or detect and prevent fraud or other criminal activity or safeguarding requirements.
We will not transfer your information to countries outside the European Economic Area (EEA) unless this is necessary, and only to countries which have sufficient safeguards in place to protect information.
We will not share your information with third parties for commercial or marketing purposes.
How long do we keep hold of your information and is it secure?
We will only retain your personal information for as long as we are required to do so by law and the purpose, we collected it for. The retention period is either dictated by law or by our discretion. Once your data is no longer needed it will be securely and confidentially destroyed. We will hold your personal information for seven years after the expiry, surrender or revoke date of the licence.
We have implemented appropriate technological and operational security in order to safeguard your data from loss or misuse.
Changes in your circumstances
You must notify us immediately if there are any changes in your personal details so we can maintain an accurate and up to date record of your information.
Your rights and access to your information
You have rights under the data protection legislation:
- to access your personal data, known as a subject access request
- to be provided with information about how your personal data is processed
- to have your personal data corrected
- to have your personal data erased in certain circumstances
- to object to or restrict how your personal data is processed
- to have your personal data transferred to yourself or to another business in certain circumstances
- you have the right to be told if we have made a mistake whilst processing your data and we will self-report breaches to the Information Commissioner
Should you wish to exercise any of your rights, you should contact the Data Protection Officer email@example.com.
If you have any concerns
You have a right to complain to us if you think we have not complied with our obligation for handling your personal information by contacting the Data Protection Officer in the first instance.
If you are not satisfied with the council’s response you have a right to complain to the Information Commissioner Office:
Telephone: 0303 123 1113
Or use their online tool for reporting concerns: https://ico.org.uk/concerns/