This notice provides additional privacy information regarding Electoral Services.
The Electoral Registration Officer (ERO) and Returning Officer (RO) are the data controllers, Electoral Services use information about residents to enable us to carry out specific functions for which we are statutorily responsible.
We keep records about potential and actual electors, voters, candidates and their agents, staff employed by the RO and ERO and those we need to pay. This information may be written down or kept in digital format. The information is, as follows;
If you are employed by the RO on election duties of for the ERO for registration duties, we may also collect the following;
If you are a candidate at an election, an appointed election agent, we may also collect the following;
We will collect information for a variety of reasons in our operations as Spelthorne's Electoral Services. These may include the following:
The legal basis for processing this data is as follows:
A breakdown of the legislation by which we process you data is as follows;
The law makes it compulsory to provide information to an ERO when requested. This is for the compilation and maintenance of an accurate electoral register.
The RO has a statutory duty to collect and retain information from voters, Candidates and their agents, and staff employed at an election.
Electoral services rely on public task basis to respond to any enquiries requested of them.
The information you provide is held in electoral registers which are managed by an Electoral Registration Officer (ERO) who, using the information received, maintains two registers - the full electoral register and the open register.
The full register is published once a year and is updated every month and can only be supplied to people and organisations permitted by law, eg:
We also have to disclose (share) your information with our Software providers and contracted printers.
Anyone can inspect the full electoral register.
The open register contains the same information as the full register, but is not used for elections or referendums. It is updated and published every month and can be sold to any person, organisation or company for a wide range of purposes. It is used by businesses and charities for checking names and address details; users of the register include direct marketing firms and also online directory firms.
You can choose whether or not to have your personal details included in the open version of the register; however, they will be included unless you ask for them to be removed. Removing your details from the open register will not affect your right to vote.
There may be certain circumstances where we would share your details without consent such as where we are required to do so by law, to safeguard public safety, and in risk of harm or emergency situations. Any information which is shared will only be shared on a need to know basis, with appropriate individuals. Only the minimum information for the purpose will be shared.
We will only keep your information for the minimum period necessary. The information outlined in this privacy notice will be kept in accordance with our retention schedule. All information will be held securely and destroyed under confidential conditions.
Enquiries handled by email will be kept for 6 years.
The Data Protection Act 2018 allows you to find out what information is held about you on paper and in digital format. This is known as a subject access request. If you would like to see a copy of your records, you should contact the Data Protection Officer. You are entitled to receive a copy within a month and free of charge.
You have the following rights under GDPR and the Data Protection Act 2018:
If you have any concerns about how this Department or the Council is handling your personal data, these can be raised with the Council's Data Protection Officer, contact details as follows:
Spelthorne Borough Council, Council Offices, Knowle Green, Staines upon Thames, TW18 1XB Email: firstname.lastname@example.org
You also have the right to make a complaint to the Information Commissioner's Office (ICO). This is an independent body responsible for making sure that organisations comply with Data Protection legislation.
The ICO will always expect you to have raised your concerns with us before submitting a complaint.