Website and telephone payments Sunday 19 May
Our website and telephone payment systems are unavailable between 9am and 2pm on Sunday 19 May. You will not be able to pay for any council services on our website or over the phone during this time.
This privacy notice is designed to help you understand how and why North Yorkshire Council processes your personal data in order to detect crime and protect public funds. This notice should be read in conjunction with our corporate privacy notice.
North Yorkshire Council is a ‘data controller’ as defined by Article 4(7) of the UK General Data Protection Regulation (UK GDPR). The council’s counter fraud service is carried out by Veritau.
For more information you can visit the Veritau website.
The council has appointed Veritau to be its Data Protection Officer. Their contact details are:
Information Governance Office
Veritau
West Offices
Station Rise
York
North Yorkshire
YO1 6GA
Email: infogov@northyorks.gov.uk
Tel: 01904 552848
The counter fraud team will use any personal data that the council holds in order to detect and/or prevent criminal activity. This includes, but is not necessarily limited to:
The counter fraud team will also use any ‘special category’ data that the council holds in order to detect and/or prevent criminal activity. This includes, but not necessarily limited to:
The counter fraud team may also use any ‘criminal conviction data’ that the council may hold in relation to you.
The counter fraud team will also create information based on their investigations. This could include, but is not necessarily limited to:
The council has a duty to protect public funds. The counter fraud team will use your data to investigate any potential errors and/or fraudulent activity which could lead (but is not limited to) generation of invoices, recovery of monies and prosecution and/or court action being pursued.
NYC participates in an exercise every two years called the National Fraud Initiative (NFI) to promote the proper spending of public money. This is a data matching exercise organised and managed by the Cabinet Office.
Every council in England takes part by providing information relating to the customers and services they supply. The Cabinet Office matches the databases together looking for suspicious details. We then investigate the details the Cabinet Office sends back to us.
For more information you can view the code of data matching practice for the national fraud initiative government page.
Normally every individual whose data is included is informed about NFI, in accordance with our data protection policy and the Cabinet Office's code of practice. This notice, along with disclaimers on the council’s data collection forms, fulfils that duty.
The council also undertakes internal data matching exercises as well as regional data matching with neighbouring authorities. This is to further help protect public funds from misuse and identify fraud.
This means that we may use your personal data from one and match it against your data from another organisation. Any information we disclose to or receive from neighbouring authorities is governed by a strict information sharing agreement.
We may get information about you from certain third parties, or give them information to:
These third parties include the Department for Work and Pensions, Her Majesty's revenues and customs, other government departments and other local authorities. We may also provide information for data matching exercises with the Cabinet Office, the Department for Work and Pensions and credit reference agencies as the law allows.
We may also pass information to the police or another law enforcement agency if we believe a crime has been, or is likely to be, committed.
We will keep electronic records for up to six years on conclusion of their use (for example, at the point an investigation is ended).
Where we collect or process information for data matches purposes, we review each project on its own merits and may delete records within six years if it is no longer relevant to hold bulk data which has been used for matching.
North Yorkshire Council relies on the following lawful basis to process your personal data for the purposes of crime prevention and/or detection:
When processing special category data, the council will rely on the following lawful basis:
UK GDPR Article 9(2) (g) – processing is necessary for reasons of substantial public with processing meeting Schedule 1, Part 2 of the Data Protection Act 2018 as below:
This is in pursuance with the following legislative texts:
For more information about how we use your data, including your privacy rights and the complaints process, please see our corporate privacy notice.