This is an HTML version of an attachment to the Freedom of Information request 'Databases held by BCC'.

FULL PRIVACY NOTICE  
December 2009 
 
USING YOUR PERSONAL DATA 
 
As a Local Authority, Birmingham City Council collect, holds and processes a considerable 
amount of information, including personal information about the citizens it serves, to allow it to 
provide services effectively. 
 
The Council recognises that this information is important to the citizens and that it is 
responsible to the citizens for the information it holds about them. As such, it takes seriously 
its responsibilities to ensure that any personal information it collects and uses is done so 
proportionately, correctly and safely. 
 
For information about what is personal data please see the Information Commissioner’s web 
site: www.ico.gov.uk
 
The Council collects, holds and uses personal data to allow it to provide services on behalf of 
the citizens of the City of Birmingham. These services include, amongst others, providing 
schools and educational facilities within the city; providing care and support for vulnerable 
individuals and their families; maintaining and improving the environment of the city and 
protecting the citizens generally. 
 
For more detailed information as to the services provided by the Council, please see 
www.birmingham.gov.uk
 
In deciding what personal data to collect, hold and use, the Council is committed to ensuring 
that it will :- 
  
•  recognise that any personal data handled by Birmingham City Council is  held on 
behalf of that person and that we ensure we respect that responsibility; 
•  adopt and maintain high standards in respect of the handling and use of that personal 
data; 
•  only collect, hold and use personal data where it is necessary and proportionate to do 
so; 
•  securely delete any personal data when no longer needed; 
•  keep your personal data secure and safe;  
•  not unnecessarily and without good reason, infringe the privacy of the citizens of 
Birmingham; 
•  consider and address the privacy risks first when  planning to use or hold personal 
information in new ways, such as when introducing new systems; 
•  be open with individuals about how we use their information and who we give it to; 
•  make it easy for individuals to access and correct their personal information; 
•  ensure that there is effective safeguards and systems in place to make sure personal 
information is kept securely and does not fall into the wrong hands; 
•  provide training to staff who handle personal information and treat it as a disciplinary 
matter if they misuse or don’t look after personal information properly; 
•  put appropriate financial and human resources into looking after personal information 
to make sure we can live up to our promises; 
•  regularly check that we are living up to our promises and report on how we are doing. 
 
The Council may disclose personal data to third parties, but only where it is necessary, either 
to comply with a legal obligation, or where permitted under the Data Protection Act, e.g. 

where the disclosure is necessary for the purposes of the prevention and/or detection of 
crime, or where it is necessary to allow a third party working for or on behalf of the Council.  
 
The Council will strive to ensure that any personal data in its care will be kept safe and that 
where your information is disclosed to a third party, Birmingham City Council will seek to 
ensure that the third party has sufficient systems and procedures in place to prevent the loss 
of personal data. 
 
Where the Council seeks to disclose sensitive personal data, such as medical details, to third 
parties, we will do so only with your prior express consent or where we are legally required to 
do. 
 
Birmingham City Council will use your personal data for a limited number of purposes, and at 
all times within the rules set out in the Data Protection Act 1998. 
 
We will process personal data for the following purposes:- 
 
1. 
for the purpose to which you provided the information. e.g. processing 
information given on a benefit claim form for the purpose of processing your 
benefit claim, and to monitor the Council’s performance in responding to your 
request; 
 
2. 
to allow the Council to be able to communicate and provide services appropriate 
to your needs, e.g. to be able to arrange suitable access arrangements where the 
citizen has mobility difficulties.  
 
3. 
to ensure that the council meets its legal requirements, including obligations 
imposed under Equality Legislation and Health and Safety Acts; 
 
4. 
where necessary for the Council’s Law Enforcement functions, e.g. licensing, 
planning enforcement, trading standards, food safety, etc, where Birmingham City 
Council is legally obliged to undertake such processing; 
 
5. 
where the processing is necessary for Birmingham City Council to comply with its 
legal obligations, e.g. the prevention and/or detection of crime. 
 
6. 
to process financial transactions including grants, payments and benefits 
involving Birmingham City Council,  or where Birmingham City Council is acting 
on behalf of other government bodies, e.g. Department for Works and Pensions;  
 
7. 
where you have consented to the processing;  
 
8. 
where necessary to protect individuals from harm or injury; or  
 
9. 
where otherwise permitted under the Data Protection Act 1998, e.g. disclosure to 
comply with legal obligations. For further information on the Data Protection Act 
see www.ico.gov.uk 
 
Birmingham City Council may also use your personal data, after it has been anonymised, to 
allow the statistical analysis of data to allow the Council to effective target and plan the 
provision of services.  
 
 
 


SINGLE CUSTOMER RECORD 
Birmingham City Council is working on improving how it provides services to the citizens of 
Birmingham. 
In order to assist the Council in providing relevant services more quickly when required, and 
in an effective and efficient manner, it is creating an information hub. 
The information hub will contain a single customer record, comprising of your name, address, 
date of birth and gender, together with some information which can be used to confirm your 
identity. It is envisaged that the single customer record will record a brief summary of your 
contact with the Council, e.g. that you called the Council about a missed bin collection. 
The Single Customer Record will not contain extensive details of the services you have 
received. However, the single customer record will also act as an index to other council 
databases, but will be able to feed information into a number of council systems, including:- 
Libraries    Waste 
Management 
Leisure 
services   Trading 
Standards 
Adult 
Social 
Care 
  Corporate 
Finance 
Benefits 
    Council 
Tax; 
To do this, the Information hub will take your name, address, date of birth and gender from 
the above council systems to create the single customer record. 
This list is continuingly being updated, and an up-to-date list is available on Birmingham City 
Council’s web site. 
This will allow you to notify the Council once and have that information feed into a number of 
Council systems, e.g. where you change your address, so that rather than you having to 
notify each individual Council department of the change of address, by reporting the change 
of address to one Council department, a number of Council departments will be notified. 
However, this will only be done with your express consent. 
The Single Customer Record will also allow the council to respond to any queries you may 
have in respect of the provision of services more quickly and efficiently.  By linking into a 
number of Council systems, any query or issue can be investigated more quickly. However, 
any access to such Council systems will only take place in response to any query or 
instruction received by yourself, and only where such access is necessary to answer or 
respond to the query or issue raised by yourself. 
CHILDREN’S DATA GENERALLY 
 
The Council provides a number of services to children, from leisure and cultural services to 
education and child care services, which requires it to process children’s data. 
The Council will create and hold a Single Customer Record for children.  For children under 
the age of 12 or where it is believed that the child does not understand what he/she is 
consenting to, this will normally require the consent of a child’s parent or guardian to allow the 
Council to process this data.  
 
 

For young people aged between 12 and 16, we will accept their consent, without requiring the 
consent of their parent or guardian, as being valid in respect of the use, processing and 
sharing of less sensitive information, e.g. registering for culture events and activities.  Clearly, 
the decision as to whether a child has the capacity to give valid informed consent will require 
the consideration of additional factors and, in some cases, professional judgement.  These 
considerations will include: 
•  Cases of anti social behaviour involving children 
•  Vulnerable or ‘at risk’ children 
•  Mental health or other incapacity issues 
•  Ability to pay for services, such as leisure activities 
•  Health and safety considerations, for example, agreement from parents to participate 
in activities that require the provision of further information, e.g. medical issues, 
disability, etc.,  
 
For individuals over 16, we will accept their consent as being valid in respect of the use, 
processing and sharing of all their personal data. 
 
For further information, please see the council’s guidance note on the use of children’s 
personal data. 
DATA MATCHING 
Data Matching involves comparing computer records held by one body against other 
computer records held by the same or another body to see how far they match. This is usually 
personal information. 
Birmingham City Council undertakes Data Matching, where necessary, for a number of 
purposes, to comply with legal requirements placed on the Council. 
These include to:  
1. 
detect and prevent crime / fraud; and 
2. 
assist in Emergency response management. 
 
DETECT AND PREVENT CRIME / FRAUD 
Birmingham City Council is required by law to protect the public funds it administers. We 
process and share the information provided to us for the following purposes:- 
Council employee Payroll 
 
 
Electoral Register 
 
Council employee Pensions 
 
 
Student Loans 
 
Housing  
 
 
 
 
Supported Care (Home Residents and  
 
 
 
 
 
 
Care Home Residents) 
 
Transport passes, including residents’  
Insurance Claimants 
parking and blue badges 
      Housing 
and 
Council 
Tax 
Benefits 
Licences, e.g. market trader/ operator,   
 
taxi driver and (new) personal licences 
Council Tax 
to supply alcohol. 
 
 Leisure 
 
 
 
Property (Planning, Business Rates) 
Libraries 
 

to prevent and/or detect potential fraud and crime, by both conducting our own Data Matching 
as well as sharing this information with other public bodies, such as; the Audit Commission, 
the Department for Work and Pensions, other Local Authorities Revenues and Customs and 
the Police. 
The Audit Commission appoints an auditor to audit the accounts of Birmingham City Council, 
and also conducts its own data matching exercise. 
Computerised data matching allows potentially fraudulent claims, transactions, applications 
and payments to be identified. Where a match is found and two or more records have 
contradictory or conflicting information, the inconsistency will require further investigation. No 
assumption can be made as to whether there is fraud, error or other explanation until an 
investigation is carried out. Regardless, the data matching process is a proven way of helping 
to ensure that records are up to date and accurate. 
The Audit Commission currently requires local authorities to participate in a data matching 
exercise to assist in the prevention and/or detection of fraud. We are legally required to 
provide particular sets of Data to the Audit Commission for matching for each exercise, and 
these are set out in the Audit Commission’s guidance which is located at www.audit-
commission.gov.uk/nfi

The use of data by the Audit Commission in a data matching exercise is carried out with 
statutory authority under its powers in Part 2A of the Audit Commission Act 1998. It does not 
require the consent of the individuals concerned under the Data Protection Act 1998. 
Data Matching by the Audit Commission is subject to a Code of Practice. This may be found 
at www.audit-commission.gov.uk/nfi/codeofdmp.asp
For further information on the Audit Commission’s legal powers and the reasons why it 
matches particular information, see www.audit-commission.gov.uk/nfi/fptext.asp
For further information about data matching at Birmingham City Council, please contact either 
Birmingham Audit  
Email: xxxxxxxxxxxxxxx@xxxxxxxxxx.xxx.xx
or the Corporate Information Governance Unit at 1st Floor, Lancaster Circus, Birmingham 
Email: xxx.xxxxxxx@xxxxxxxxxx.xxx.xx
Tel: 
0121 303 4876 
 
EMERGENCY RESPONSE MANAGEMENT 
Data Matching may also be used to assist the Council in responding to emergencies or major 
accidents, by allowing the Council, in conjunction with the emergency services, to identify 
individuals who may need additional support in the event of e.g. an emergency evacuation. 
In addition, further data matching may be undertaken on a directorate level. Please see the 
respective directorate’s web site for any additional directorate specific privacy policies. 
 
EQUALITIES 

Birmingham City Council may use information about your ethnic background, first language, 
gender, sexual orientation and age (“equalities data”) for the purposes of compiling statistical 
data about the population of the city at large and the take up council services by various 
groups, both to assist in complying with the race relations act and other equality legislation 
and to assist the council in the effective planning and provision of future services. 
Such statistical data or statistical analysis will not allow the identification of any specific 
individual nor will it have any impact on any individual’s entitlement to council services and 
facilities. 
Such equalities data may also be used to allow the council to provide sufficient assistance 
where required, e.g. to provide translation services or access facilities, e.g. induction hearing 
loop, where appropriate. 
YOUR RIGHTS 
You have the right to request that Birmingham City Council cease processing your personal 
data in relation to any Council service, including the Single Customer Record. Where 
possible, Birmingham City Council will seek to comply with your request but there may be 
some situations where it will not be able to do this, e.g. where Birmingham City Council is 
required to hold or processing information to comply with a legal requirement. However, this 
may cause delays or hinder the Council’s ability to provide services to you. 
You are also legally entitled to request access to any records held by Birmingham City 
Council about yourself, including the Single Customer Record. Again, Birmingham City 
Council will seek to comply with your request but there may be some situations where it will 
not be able to do this in full, e.g. where information held was given in confidence. For further 
information about either requesting access to your personal data or to cease processing 
personal data please contact the Council’s Corporate Information Governance Unit. 
Whilst Birmingham City Council tries to ensure that any personal data it holds about you is 
correct, there may be situations where the information it holds is no longer accurate. If this is 
the case, please contact the department holding the information or the Corporate Data 
Protection Unit so that any errors can be investigated and corrected. 
Birmingham City Council will not use your personal data for third party marketing purposes 
without your prior express consent.  
It will not pass any personal data on to third parties, other than those who either process 
information on our behalf or because of a legal requirement, and it will only do so, where 
possible, after Birmingham City Council has ensured that sufficient steps have been taken to 
protect the personal data by the recipient. 
 
FURTHER INFORMATION 
At all times, Birmingham City Council will comply with the legal requirements set out by the 
Data Protection Act 1998 in relation to the collection, holding and processing of your personal 
data. 
If you would like to know more or have any concerns about how your information is being 
processed please contact the Corporate Information Governance Unit. 
If you require general information about the data protection act, information is available on the 
information commissioner’s web site, www.ico.gov.uk,  

 
 
CHANGES TO THIS PRIVACY NOTICE
 
 
Birmingham City Council will continually review and update this privacy notice to reflect 
changes in our services and feedback from service users, as well as to comply with changes 
in the law. When such changes occur, we will revise the "last updated" date at the top of this 
notice. If there are substantial changes to this statement or in how Birmingham City Council 
will use your personal information, we will advertise the updated notice both on the front page 
of the Birmingham City Council web site and in Council offices. 
 
Birmingham City Council encourages you to periodically visit the Council’s web site to review 
this notice and to be informed of how Birmingham City Council is protecting your information. 
 
 

Document Outline