Creditors privacy notice

Find out how Stirling Council uses personal data by checking the Council’s website at the following address:

https://www.stirling.gov.uk/privacy-statement/

Our website contains a Register of Data Processing which lists all the different ways
in which the Council uses personal data.

This Privacy Notice provides more information about just one of those processes.

The Council has a Data Protection Officer to make sure it is complying with data protection laws.

They can be contacted at:

Data Protection Officer
Stirling Council
Old Viewforth
14-20 Pitt Terrace
Stirling
FK8 2ET

Email: dataprotection@stirling.gov.uk
Telephone: 01786 404040

To create providers, which can be companies or individuals who are due payment from Stirling Council, and to process accurate payments.

Personal data is about companies or individual people who are due to be paid money from Stirling Council in relation to services provided or insurance claims.

Personal Data Used

Name

Full Postal Address

Email address

Telephone Numbers

Bank Details

VAT Registration Number 

Company Number as registered with Companies House

Data relating to criminal convictions and offences is also processed. 

We process this data to comply with a legal obligation.

All services provide information on who they want payments made to and creditors staff may follow this up by requesting information direct from the company or individual who are due to be paid.

Personal data can also be passed from an external company or organisation but will have been the responsibility of the service who have advised that payment is due. Creditors following financial regulations will check that companies have bank accounts and ensure that the information is accurate.

• Spreadsheets stored within Corporate Services Shared Directory.
• E-financials
• Easybuy
• Paper copies

Personal data is retained for 6 years from end of the relevant tax year

We are legally obliged to safeguard public funds, so we are required to verify and check your details internally for fraud prevention.  We may share this information with other public bodies (and also receive information from these other bodies) from fraud checking purposes.

We are also legally obliged to share certain data with other public bodies, such as DWP, HMRC & Police and will do so where the law requires this.  We will also generally comply with requests from specific information from other regulatory and law enforcement bodies where this is necessary and appropriate.

Your information is also analysed internally to help us improve our service.  This is covered in our Fraud Privacy Statement. 

You have the following rights under data protection laws. If you have a request under any of these rights, you can make a subject access request.

• The right of access – You have the right to request information we hold about you. This is known as a subject access request and is free of charge. We must respond within one month, although this can be extended to three months if the information is complex.
  
  
• The right to rectification - You are entitled to have your information rectified if it is factually inaccurate or incomplete. We must respond to your request within one month. If we decide to take no action, we will tell you why and let you know about your right of complaint to the UK Information Commissioner
  
  
• The right to erasure - You have the right to ask us to delete your information or stop using it. It will not always be possible for us to comply with your request, for example, if we have a legal obligation to keep the information. If we decide to take no action, we will tell you why and let you know about your right of complaint to the UK Information Commissioner.
  
  
• The right to restrict processing - You have the right to restrict how your data is processed in certain circumstances, for example, if the information is not accurate. If a restriction is applied, we can retain just enough information to ensure that the restriction is respected in future. We must tell you if we decide to lift a restriction on processing.
  
  
• The right to data portability – You have the right to object to processing, if we are processing your personal data with your consent, and it is held in a structured, commonly used, machine-readable form, you have a right to ask us to transmit it to another data controller so they can use it. This right does not apply if we process your personal data as part of our public task.
  
  
• The right to object - You can object to your information being used for profiling, direct marketing or research purposes.
  
  
• You have rights in relation to automated decision making and profiling - to reduce the risk that a potentially damaging decision is taken without human intervention.

If you want to complain about or comment on how we have processed your personal information, you should email dataprotection@stirling.gov.uk

If you are still unhappy with how the council handled your complaint, you can contact the UK Information Commissioner's Office at:

The Information Commissioner,
Wycliffe House,
Water Lane,
Wilmslow,
Cheshire SK9 5AF

Phone: 0303 123 1113

You can find further information on the Information Commissioners Office website.