The Council, in the course of carrying out its functions, will collect and record information from individuals, internal service areas and external organisations. These records can be in a number of forms, for example -
- Communications from customers;
- Emails and attendance notes;
- Financial Information, including invoices;
- Confidential information;
- Statements and reports;
- Legal documents, including contracts and deeds; or
- Information relating to various types of applications.
This information can be in both hard copy and electronic form. The Council is required to have and to implement a records retention and disposal policy. For further information, please see the Lord Chancellor’s Code of Practice on the Management of Records issued under the Freedom of Information Act 2000 section 46.
In addition, the Data Protection Act 2018 (DPA) provides that personal data processed for any purpose must be kept for no longer than is necessary for that purpose or purposes. This is reinforced by the General Data Protection Regulation (GDPR) which provides that personal data should be kept for no longer than is necessary and that time limits should be established by the controller for erasure or for a periodic review.