Staffordshire Resilience Forum Privacy Notice

This is how we* use your information in the preparation for incidents and during incidents.

 *'we' primarily referring to local authorities, emergency services & health trusts

Why do we collect your personal information?

Organisations that are classified as Category 1 Responders have a legal duty to under the Civil Contingencies Act (2004) to maintain plans (and arrangements) to ensure that in an emergency, they can perform their functions so far as necessary or desirable for the purpose of preventing the emergency, reducing or mitigating its effects or taking other action in connection with it. If you are involved in an incident or emergency, responders will collect and process information relating to you in order to protect your vital interests and provide for your welfare.

Category 1 (and 2) Responders also have a legal duty to share information with one another and to co-operate with each other. For further guidance on who Category 1 and 2 Responders are, please see Gov.UK.

What do we collect and how do we use your personal information?

As part of the work we do within the Staffordshire Resilience Forum (SRF), we may collect information from you, either day-to-day or during an incident.

Information we collect day-to-day could include contact details for members of community groups or networks in order to undertake work in the area of Community Resilience, or engagement with the voluntary sector.

Information collected during an incident or emergency may include:

  • Name & address
  • Date of birth
  • Contact phone numbers
  • Needs (such as medical, dietary/allergy, care, physical, social or language/communication needs) and other characteristics or information about your situation that will help us look after your welfare and protect your vital interests during and after an incident
  • Name of GP Surgery, so that we can ensure any health input you need is provided and that it is provided in the most efficient way.

Information may need to be collected and processed if you need to use an emergency Rest or Reception Centre, or another form of emergency centre, because you require assistance of some kind in relation to the impact of the incident upon you. Information will be collected and processed in order to provide the best support to you.

We may also need to warn you or provide advice based on emergency situations that might present a risk to your welfare (particularly if we think that situation might be imminent, e.g. risk of flooding over the next few days) in order to keep you safe from those risks. We may need to use personal information in order to do this, to carry out a task in the public interest and using our authority vested in us by the Civil Contingencies Act 2004, and to make sure we are providing the right advice to the right person.

Who else has access to the information?

The data that is collected is likely to be shared between responders and SRF partners for the purposes of carrying out activity in relation to legal duties under the Civil Contingencies Act and also during incidents, to protect the vital interests of individuals.

If we feel another organisation may be able to help keep you safe or meet your needs during/after an incident, then we may share your details with them.

The types of organisations we may share information with include health services, local government, other government agencies, charities, voluntary sector organisations and other support groups. However please note this list is non-exhaustive.

SRF Partners may disclose personal information to a wide variety of recipients in any part of the world. If personal information is transferred outside the European Union, it is the responsibility of the organisation making the transfer to take proper steps to ensure that the data is adequately protected. Disclosure of information may also take place when organisations are required to do so by, or under, any other act of legislation, by any rule of law, by court order or in connection with any legal proceedings.

What happens if your information is shared between organisations?

You may have been signposted to this privacy notice because your information has been obtained an organisation by way of it being shared by another organisation, and not directly from you. The organisation that originally recorded your information may be able to let you know at the time that this occurs, but it might be up to a month afterwards.

How long will it be stored for?

This will depend on the incident and what response is required, but as long as agencies are involved in your welfare after the incident, your information may be made available to them. A decision will then be made regarding whether it is necessary to retain the information (and how much of the information to retain), for the purposes of, for example, inquiries into the incident. If information is not required to be retained, it will be securely destroyed at the point when you no longer need any help from agencies after the incident. This is unless you request your information to be erased prior to this point, which we may be able to do, depending on what information it is.

Each agency has its own data management and retention policies and the data will be handled in accordance with these, by the agencies with whom the information has been shared.

What are my rights over the data?

You can request access to your data from the Data Controller at any time (and obtain a copy free of charge). There are likely to be decisions that we need to make as a resilience partnership, about how we seek to help those affected by the incident. This may involve your data.

If you do not wish us to take any further decisions without your consent, you may have the right to request not to be subject to any automated decision making and we will do our best to meet your request insofar as possible.

You can request access to your data from us at any time (and obtain a copy free of charge). You also have the right to: 

  • Be informed of how we use your data.
  • Object to processing of personal data that is likely to cause, or is causing, damage or distress.
  • Prevent processing for the purpose of direct marketing, and in certain circumstances to request restrictions to what we do with the data or to take it elsewhere.
  • Object to decisions being taken by automated means.
  • In certain circumstances, have inaccurate personal data rectified, blocked, erased or destroyed.
  • Claim compensation for damages caused by a breach of the Data Protection regulations.

If you wish to exercise any of the above rights, or raise any queries in relation to the processing of your data, please contact the Data Protection Officer for the organisation that originally collected your information.

You have the right to lodge a complaint with the Information Commissioner’s Office (ICO) at any time. You can also contact the Information Commissioner's Office to complain by visiting, calling 0303 123 1113 or writing to:

Information Commissioner's Office
Wycliffe House
Water Lane

Further information

If you need further information about this privacy notice, or how we process data, please contact the relevant Data Protection Officer:

Data Protection Officer
Cannock Chase District Council
Civic Centre, Beecroft Road, Cannock WS11 1BG 

Data Protection Officer
East Staffordshire Borough Council
Town Hall, King Edward Place, Burton upon Trent DE14 2EB

Data Protection Officer
Lichfield District Council
Frog Lane, Lichfield WS13 6YY

Data Protection Officer
Newcastle-under-Lyme Borough Council
Civic Offices, Merrial Street, ST5 2AG (until Summer 2018)
Castle House, Barracks Road, ST5 1BL (from Summer 2018 onwards)

Data Protection Officer
Stoke-on-Trent City Council
Civic Centre, Glebe St, Stoke-on-Trent ST4 1HH

Data Protection Officer
Stafford Borough Council
Civic Centre, Riverside, Stafford ST16 3AQ

Data Protection Officer
Staffordshire Moorlands District Council
Moorlands House, Leek ST13 6HQ

Data Protection Officer
South Staffordshire Council
Wolverhampton Rd, Codsall, Wolverhampton WV8 1PX 

Data Protection Officer
Tamworth Borough Council
Marmion House, Lichfield St, Tamworth B79 7BZ

Data Protection Officer
Staffordshire County Council
1 Staffordshire Place, Stafford ST16 2LP

Data Protection Officer
Staffordshire Police
Weston Road, Stafford ST18 0YY

Data Protection Officer
Staffordshire Fire and Rescue Service HQ
Pirehill, Stone, Staffordshire ST15 0BS

Data Protection Officer
West Midlands Ambulance Service 
Millennium Point, Waterfront Business Park, Waterfront Way, Brierley Hill, West Midlands DY5 1LX

Data Protection Officer
University Hospital of North Midlands
Royal Stoke Hospital, Newcastle Rd, Stoke-on-Trent ST4 6QG

Data Protection Officer
Staffordshire and Stoke-on-Trent Partnership NHS Trust
Morston House, The Midway, Newcastle-under-Lyme, Staffordshire ST5 1QG

Data Protection Officer
North Staffordshire Combined Healthcare Trust
Bellringer Rd, Stoke-on-Trent ST4 8HH

Data Protection Officer
South Staffordshire & Shropshire Foundation Trust
St. George's Hospital, Corporation Street, Stafford ST16 3SR

Data Protection Officer
Cannock Chase Clinical Commissioning Group
2 Staffordshire Place, Stafford ST16 2LP

Data Protection Officer
East Staffs CCG
Edwin House, Second Avenue, Burton-on-Trent DE14 2WF

Data Protection Officer
North Staffs CCG
Smithfield One Building, Leonard Coates Way, Stoke-on-Trent ST1 4FA

Data Protection Officer
Stafford & Surrounds CCG
2 Staffordshire Place, Stafford ST16 2LP

Data Protection Officer
South East Staffs & Seisdon Peninsula CCG
Second Floor, Marmion House, Lichfield Street, Tamworth, Staffordshire B79 7BZ

Data Protection Officer
Stoke-on-Trent CCG
Smithfield One Building, Leonard Coates Way, Stoke-on-Trent ST1 4FA