OneAccount privacy notice - Privacy notices

What personal information do we collect?

We will ask you to provide the following data when you register for a OneAccount.

  • Title
  • First name
  • Last name
  • Email address
  • Address
  • Telephone number

Individual online services will ask for more specific information relating to the service you apply, pay or report for. Please refer to the service specific privacy policy included on instruction pages.

Alternatively, you can view all departmental privacy policies online.

View all privacy policies
 

Why do we process personal data?

We will use your information to:

  • Create an account when you register for OneAccount
  • Contact you about your OneAccount, such as if you have a incomplete registration, your account is dormant and we need to notify you that it will be closed and password resets etc
  • Send email notifications when you sign up to alerts
  • Display your next bin collection dates using the address registered to your OneAccount
  • Link to your Council Tax account if you request it to be linked to your OneAccount so you can access information regarding your council tax account
  • Link to your Benefits account if you request it to be linked to your OneAccount so you can access information regarding your benefits account
  • Analyse and report on the number of accounts (anonymised data)

Runnymede Borough Council complies with its obligations under the GDPR by keeping personal data up to date; by storing it securely; by not collecting or retaining excessive amounts of data; by protecting personal data from loss, misuse, unauthorised access and disclosure and by ensuring that appropriate technical measures are in place to protect personal data.

Who has access to your personal data?

We do not share your OneAccount data with any other organisation.

Please refer to departmental privacy policies for personal data captured on individual online services. 
 

How do we protect personal data?

The council takes the security of your data seriously. We have internal policies and controls in place to ensure that your data is not lost, accidentally destroyed, misused or disclosed, and is not accessed except by its authorised employees or individuals working on behalf of the council in the performance of their duties.

We protect data we collect online using the following security methods:

  • encryption, meaning that information is hidden so that it cannot be read without special knowledge (such as a password). This is done with a secret code, or what is called a 'cypher'. The hidden information is said to then be 'encrypted'
  • pseudonymisation, meaning that we will use a different name so we can hide parts of your personal information from view.
  • controlling access to systems and networks allows us to stop people who are not allowed to view your personal information from getting access to it
  • training for our staff allows us to make them aware of how to handle information and how and when to report when something goes wrong
     
How long do we keep your personal data?

There is often a legal reason for keeping your personal information for a set period, so we try to include all of these in our corporate Retention & Disposal schedule and they are often explained within each service-related Privacy Notice.

For each service, the schedule lists how long your information may be kept for. This ranges from months for some records to decades for more sensitive records.

Incomplete OneAccount registrations
If you have an unregistered account, we will write to you once to give you advice on how to complete your registration. If you do not complete the registration process within a month of the reminder, we will delete your email address and person information relating to your initial registration. 

Deleted OneAccount’s
If you decide to delete your OneAccount you can call 01932 838383 who will be able to verify your details and process the deletion of your OneAccount.  We will delete your account however any data collected relating to a service you have applied for, paid for or reported will be retained within the council’s systems in line with the service specific privacy policy and retention periods.
 

Your rights

As a data subject, you have a number of rights, including access to your data. A request for access can be made via our website or by sending an email to foi@runnymede.gov.uk

Data Protection Subject Access Request(SAR) | Introduction – Runnymede Borough Council

To find out more about your rights please see the ‘Your Rights’ section of our main privacy statement

If you believe that Runnymede Borough Council has not complied with your data protection rights, you should initially try to resolve it with the relevant department.

If you are unable to resolve the issue to your satisfaction contact our Data Protection Officer (DPO) who will investigate. If you remain dissatisfied with the outcome of the DPO’s review you can make a complaint to the Information Commissioner. You can find out further information on making a complaint to the Information Commissioner on their website Information Commissioner's Office (ICO)