We use essential cookies to make our site work. We'd also like to set analytics cookies that help us make improvements by measuring how you use the site. These will be set only if you accept.

For more detailed information about the cookies we use, see our cookies page.

Essential Cookies

Essential cookies enable core functionality such as security, network management, and accessibility. For example, the selections you make here about which cookies to accept are stored in a cookie.

You may disable these by changing your browser settings, but this may affect how the website functions.

Analytics Cookies

We'd like to set Google Analytics cookies to help us improve our website by collecting and reporting information on how you use it. The cookies collect information in a way that does not directly identify you.

Third Party Cookies

Third party cookies are ones planted by other websites while using this site. This may occur (for example) where a Twitter or Facebook feed is embedded with a page. Selecting to turn these off will hide such content.

Skip to main content

Data Protection

GDPR Data Protection Policy – 19th February 2019                              Hannington Parish Council

Hannington Parish Council complies with the General Data Protection Regulation (GDPR).

GDPR regulates the use of personal data, e.g. the name, address and email of an individual (the data subject).

General Data Protection Regulation

The General Data Protection Regulation sets out the handling of personal information and protecting individuals’ rights for privacy. It also regulates how personal information can be collected, handled and used. The General Data Protection Regulation applies to anyone holding personal information about people, electronically or on paper.

Hannington Parish Council has notified the Information Commissioner that it holds personal data of individuals.

When dealing with personal data, Hannington Parish Council’s Clerk and any Councillor must ensure that they comply with the six principles listed below:

  • Personal data must be processed fairly, lawfully and in a transparent manner in relation to the data subject;
  • Personal data must be collected for specified, explicit and legitimate purposes and not further processed in a manner   that is incompatible with those purposes;
  • Personal data must be adequate, relevant and limited to what is necessary in relation to the purposes for which it is processed;
  • Personal data must be accurate and, where necessary, kept up to date;
  • Personal data must be kept in a form that permits identification of data subjects for no longer than is necessary for the purposes for which the personal data is processed;
  • Personal data must be processed in a manner that ensures appropriate security of the personal data including protection against unauthorised or unlawful processing and against accidental loss, destruction or damage, using appropriate technical or organisational measures.

Personal Data Access

Hannington Parish Council recognises its responsibility to be open with people when taking personal details from them. This means that Councillors and Clerk must be honest about why they want a particular piece of personal information.

Hannington Parish Council’s Privacy Notice describes how we use your data and is available on the Parish Council website at

Security of Personal Data

Hannington Parish Council may hold personal information about individuals such as their addresses, email addresses and telephone numbers. These are securely kept by the Clerk and Councillors and are not available for public access without the prior permission of the data subject as this would be deemed to be a serious breach of GDPR compliance. All data stored on the Clerk’s computers is password protected.

Disposal of Personal Data

Once data is not needed any more, is out of date or has served its use and falls outside the minimum retention time of our Document Retention Policy, it will be shredded or securely deleted from the computer by the Clerk, as is applicable.

Rights of data subjects to view their data

GDPR provides for the right of a data subject to have access to their personal information (other than regulatory situations which may prevent this) that is held about them via a Subject Access Request addressed to the Parish Clerk. If a person requests to see any data that is being held about them:

  • They must be sent all of the personal information that is being held about them;
  • There must be an explanation for why it has been stored;
  • There must be a list of who has seen it;
  • It must be sent within 1 calendar month.

Hannington Parish Council members have individual parish council secure email addresses of the form ‘’ all of which are automatically recorded so that there is no confusion about data traceability or who has seen the data. The Parish Clerk has sole access to these recorded emails which can be rapidly searched for the desired subject.


The Parish Clerk, Hannington Parish Council is responsible for ensuring adherence with the General Data Protection Regulations.

Contact details:

The Parish Clerk contact details are on the website at


Useful Contacts

Information Commissioner: Email: Website: