Data Protection

The council takes its roll as a data controller seriously, and is governed by the GDPR. As entitled under the act, the council does not have a Data Protection Officer (DPO) but the clerk acts as a pseudo-DPO.

The council does not have a mailing list and keeps very few records. Typically, the following data is held:

  • Public attendance at council meetings is not generally recorded but speakers are asked to provide a name and address, which may be recorded in the minutes.
  • Emails received and sent by the council are stored.
  • Records of children attending the youth club are held and permission is obtained from parents or guardians, including parent/guardian contact details.
  • The council operates CCTV overlooking the MUGA. Records are overwritten on an ongoing basis.
  • As a Parish Council the clerk retains a copy of the full electoral register under a data sharing agreement with North Hertfordshire District Council and this register this available to members of the council, for use connected to their role as a councillor.

The council’s data protection policy can be viewed here: GDPR Privacy Policy (2018).