Concessionary Fares Scheme - Privacy notices by service area

Privacy notice name
Concessionary Fares Scheme
Introduction

The following information provides details on how we may collect, use and where appropriate share personal information in relation to planning in accordance with the General Data Protection Regulations (GDPR).

It should be read in conjunction with the Council’s privacy notice document.

Hartlepool Borough Council will collect your personal information for the purposes of assessing your eligibility to a travel permit under the ENCTS and subsequent provision of the travel permit 

What personal information we collect

We will collect, store and use the following categories of personal information about you:

  • Name, address and date of birth
  • A photograph of you
  • Contract details
  • Details of any disability relative to assessing your application – if required
  • In the case of applicants applying under the disability criteria, if required, a detailed assessment of your medical details and how they affect your ability to walk 
Collection of sensitive personal information

We will collect information categorised as sensitive in order to carry out our legal obligations and in line with our data protection policy. This may include information such as:

  • Your Health details – if applicable

Processing of the information is necessary for the purposes of carrying out the obligations and in exercising specific rights. (article 9 (2)b) 

How your personal information is collected

We collect personal information when you apply for a ENCTS travel permit through online systems and through face to face contact with yourself 

How we use your personal information

Most commonly, we will use your personal information in the following circumstances:

  • processing is necessary for the performance of a task carried out in the public interest or in the exercise of official authority vested in the controller
  • processing is necessary for compliance with a legal obligation to which the controller is subject. 
Situations in which we will use your personal data

We will use your personal data in:

Reason for processing Legal basis
Assessing your eligibility to the ENCTS  Legal: Transport Act 2000 (as modified by the Concessionary Bus Travel Act 2007) 
Reviewing your eligibility to entitlement under the scheme Legal: Transport Act 2000 (as modified by the Concessionary Bus Travel Act 2007) 

 

If you don't want to provide personal information

Unfortunately if you do not provide the information as described above we will be unable to assess your eligibility to the ENCTS.

Sharing with third parties

It may be necessary to share your information with other third partied organisations in order to assess your eligibility to the scheme These may include:

  • K2 Physiocare
  • GP Surgeries 
Which third parties process my personal information? 

The following third party organisations may process information about you:

  • Northgate Public Services – The Council’s IT provider Northgate may have to access the system on occasions where there is a fault
  • K2 Physiocare
  • GP Surgeries
National Fraud initiative 

This authority/organisation is required by law to protect the public funds it administers. It may share information provided to it with other bodies responsible for; auditing, or administering public funds, or where undertaking a public function, in order to prevent and detect fraud.  

The Cabinet Office is responsible for carrying out data matching exercises.  

Data matching involves comparing computer records held by one body against other computer records held by the same or another body to see how far they match. This is usually personal information. Computerised data matching allows potentially fraudulent claims and payments to be identified. Where a match is found it may indicate that there is an inconsistency which requires further investigation. No assumption can be made as to whether there is fraud, error or other explanation until an investigation is carried out.

We participate in the Cabinet Office’s National Fraud Initiative: a data matching exercise to assist in the prevention and detection of fraud. We are required to provide particular sets of data to the Minister for the Cabinet Office for matching for each exercise, as detailed here.

The use of data by the Cabinet Office in a data matching exercise is carried out with statutory authority under Part 6 of the Local Audit and Accountability Act 2014. It does not require the consent of the individuals concerned under the Data Protection Act 2018.

Data matching by the Cabinet Office is subject to a Code of Practice.

View further information on the Cabinet Office’s legal powers and the reasons why it matches particular information. Further information on data matching Telephone: 01429266522 

Data retention

We will only retain your personal information for as long as necessary to fulfil the purposes we collected it for, including for the purposes of satisfying any legal, accounting, or reporting requirements. Details of retention periods for different aspects of your personal information are available in our retention schedules.

Rights of access, correction and erasure

Under certain circumstances, by law you have the right to:

  • have inaccurate or incomplete date we hold on you corrected
  • request the erasure of personal data we hold
  • object to processing
  • request the restriction of processing of your personal data
  • request the transfer of your personal data
  • request access to your personal information

If you want to review, verify, correct or request erasure of your personal information, object to the processing of your personal data, or request that we transfer a copy of your personal information to another party, please contact the Data Protection Officer in writing.

For further information on your rights please visit our GDPR web page