What services are being provided?
Department/ Directorate: Emergency Planning, Environment and Economy
The Emergency Planning Service deliver the Local Authority’s statutory responsibilities and duties as a Category 1 Emergency Responder as set out by the Civil Contingencies Act (CCA) 2004. THE CCA 2004 relates to civil protection and contingency (emergency) planning.
The local authority must plan and prepare for, respond to, and recovery from emergencies.
The statutory duties placed on the local authority as a Category 1 responder includes the anticipation and assessment of risks, production of plans for the purpose of controlling or mitigating the impact of emergency incidents and business disruptions as well as effectively responding to, and recovering from, an emergency.
View the full list of statutory duties for Category 1 and 2 responders.
What personal data do we need from you?
The Emergency Planning Service holds and maintains the contact details of organisations and individuals who can help provide emergency relief services which may be called upon in the event of an emergency, for example the contact details of key holders of pre-designated rest centres.
The Emergency Planning Service commit to use anonymised data where ever possible during the risk assessment and planning process. However, during an emergency, in order to protect individuals from harm and to fulfil our statutory duties, we may collect and use, but not limited to the following personal data:
- telephone numbers
- address
- postcode
- emergency contact details
- date of birth
- common identifier number / NHS Number / Social Care Reference Number
Special category (sensitive) data
In order that we may deliver emergency response services appropriate to your needs we may also ask for the following ‘special category’ (sensitive) information about you which may include, but not limited to:
- health
- gender
We may also receive personal information about you from others
The CCA and accompanying regulations (Regulations 45 to 54 of The Civil Contingencies Act 2004 (Contingency Planning) Regulations 2005) places a duty on Category 1 and 2 responders to share information upon request which relates to the performance of their duties or functions relating to the preparedness, response and recovery stages of an emergency. Personal data can be requested and the responder receiving the request must comply unless an exemption applies.
To help us provide emergency response services appropriate to your needs we may receive personal information about from others including, but not limited to, Category 1 and Category 2 responders, such as:
- other Dorset Council departments/directorates e.g. Social Care and the Dorset Waste Partnership
- family members
- community members
- care providers
- emergency services
- NHS agencies
- utility companies
- other local authorities
Who will be using your personal information?
To help us provide effective emergency response and to ensure we provide the services appropriate to your needs both during an incident and throughout the longer-term recovery period the following organisation or departments may use the information you provide:
- Dorset Council Adult’s and Children’s Social Care
- Dorset Council Geographical Information Systems (GIS) in the instances of vulnerability mapping
- health providers
The Data Controller is Dorset Council
Dorset Council may use an additional external information technology provider (if appropriate – e.g. Servelec for Social Care) which will process your data (a data processor) for these and related activities.
What will your information be used for and what is the lawful basis for requesting and using it?
Your information will be used for:
- The purposes of delivering effective emergency response, protecting the citizens of Dorset from harm.
Note: If we cannot use your data we may not be able to provide you with these services, etc.
Our Lawful or legal basis for using your information can be found here.
Article 6.1(e) of the GDPR: “Public Task” “processing is necessary for the performance of a task carried out in the public interest or in the exercise of official authority vested in the controller”, or
Article 6.1(d) of the GDPR: “Vital interests” “processing is necessary in order to protect the vital interests of the data subject or of another natural person”, and;
Authorised by the Civil Contingencies Act 2004.
With which other organisations may we share your data?
In some cases we may have to share your personal information with other agencies such as:
The CCA and accompanying regulations (Regulations 45 to 54 of The Civil Contingencies Act 2004 (Contingency Planning) Regulations 2005) places a duty on Category 1 and 2 responders to share information upon request which relates to the performance of their duties or functions relating to the preparedness, response and recovery stages of an emergency. Personal data can be requested and the responder receiving the request must comply unless an exemption applies.
To help us provide emergency response services appropriate to your needs the following organisations or departments, but not limited to, may use the information you provide:
- emergency services
- NHS agencies
- other local authorities
- social care
- voluntary organisations
Will your data be stored in, processed or accessible from countries outside the UK, EU or EEA countries?
No, your data will not be stored in, processed or accessible from countries outside the UK, EU or EEA countries.
How long will we keep your data?
We review personal data held for the purposes of emergency response activation at a minimum every three years and will destroy the personal data if it has been superseded. If your personal data was acquired during an emergency incident we will endeavour to delete your data as soon as our use has concluded.
For legal and operational reasons Dorset Council will retain all data/relating to emergencies for 3 years at which point retention will be reviewed.
Our use of your data will be subject to your legal rights as described at the Information Commissioner's Office.
Visit the following links for more information about Privacy Law, our obligations and your Rights.
Your Data Matters - Information Commissioners Office (ICO)
The ICO Guide to the General Data Protection Regulation (GDPR)
If you have concerns over the way we are asking for or using your personal data, please raise the matter with our Data Protection Officer:
If you still have concerns following our response you have the right to raise the matter with the Information Commissioners Office
Published date - 10 October 2018
Review date - 1 April 2019