How we use your personal information
Shropshire Fire and Rescue Service (SFRS) is responsible for controlling how your personal data is used. You can contact the Data Protection Officer by email or by writing to the address at the end of this notice.
The Fire and Rescue Services Act 2004 lists our four core tasks:
- Community safety
- Fire-fighting
- Attending road traffic accidents
- Attending other emergencies
When dealing with incidents we will record details of the people involved to enable us to keep people safe and carry out investigations. We use details of people who may be at more risk of suffering an incident to help us target the help we can provide towards them.
Please be aware that when you contact us using the 999 emergency number all calls are recorded and we will ask for personal and location information such as name, contact details and where you are calling us from. This information will be collected via telephone by a member of our fire control staff. Some information may be collected automatically by our command and control system such as your name, the mobile telephone number you are calling from and the location. If you are calling from a landline, it will automatically record the landline telephone number and the billing address for that number.
Information relating to emergency incidents is used under statutory powers to manage and record incidents and investigate if necessary. We may collect medical information to support the ambulance service in providing care to you. Your information may be passed to other organisations to help them in their emergency response. We may use the information you have provided to contact you should we should we need to obtain further information from you about the incident you reported. Reviews of voice recordings will only be done by Fire Control staff and will only be for appropriate and relevant purposes such as incident management, training or quality assurance.
Purpose of processing your personal information
We process personal information to enable us undertake prevention, protection and emergency services to the communities that we serve. Personal data can be collected particularly for firefighting and emergency services which includes managing responses to fire, incidents and traffic accidents, maintaining our own records and accounts including the management of fire service assets. To summarise the reasons why we collect personal data include:
- managing responses to fire
- incidents and traffic accidents
- Fire Prevention, (awareness, advice and guidance)
- Fire investigation
- Carrying out home safety visits for employment and staff training purposes
- Checking the quality and effectiveness of our services
- Investigating any concerns or complaints about our services
- Research and planning of new services
- Emergency contact information
- Agreements you may have with the fire and rescue service.
SFRS as part of the national framework and are required to forward statistical information to government agencies but this data has no personal or identifiable individual data within the information provided.
Body Worn Video Cameras
SFRS use body worn camera recording equipment (recording image and sounds where necessary) for the purpose of:
- Supporting compliance with Incident Command National Operational Guidance (N.O.G)
- Assisting in learning and sharing of best practice
- Supporting the decision logging process during operational incidents
- Improving operational decision making
- Providing real-time images to enable faster, more effective command decisions.
- Providing a safe and secure environment for staff
- Protecting the community
- Providing evidence to support investigations
- Providing evidence to support legal arguments
- Protecting Authority property
- To help meet the statutory duty under the Civil Contingencies Act 2004 to maintain operational functionality and interoperability with other responders at all times
and to meet the following legal basis for processing:
6(1)(c) – Processing is necessary for compliance with a legal obligation
6(1)(d) – Processing is necessary to protect the vital interests of a data subject or another person
6(1)(e) – Processing is necessary for the performance of a task carried out in the public interest or in the exercise of official authority vested in the controller
9(2)(g) – Processing is necessary for reasons of substantial public interest on the basis of Union or Member State law which is proportionate to the aim pursued and which contains appropriate safeguards.
Non-evidential recordings shall be stored for 30 days maximum, after which they will be securely destroyed.
Incident Command Unit Video Devices
SFRS are implementing the use of Incident Command Unit camera recording equipment (recording image and sounds where necessary) for the purpose of:
- Supporting compliance with Incident Command National Operational Guidance (N.O.G)
- Assisting in learning and sharing of best practice
- Supporting the decision logging process during operational incidents
- Improving operational decision making
- Providing real-time images to enable faster, more effective command decisions.
- Providing evidence to support investigations
- Providing evidence to support legal arguments
- Protecting Authority property
- To help meet the statutory duty under the Civil Contingencies Act 2004 to maintain operational functionality and interoperability with other responders at all times
and to meet the following legal basis for processing:
6(1)(d) – Processing is necessary to protect the vital interests of a data subject or another person
6(1)(e) – Processing is necessary for the performance of a task carried out in the public interest or in the exercise of official authority vested in the controller
9(2)(g) – Processing is necessary for reasons of substantial public interest on the basis of Union or Member State law which is proportionate to the aim pursued and which contains appropriate safeguards.
Non-evidential recordings shall be stored for 30 days maximum, after which they will be securely destroyed.
Fixed Installation Video Systems (Building CCTV)
SFRS use fixed installation/building camera recording equipment (recording images only) for the purpose of:
- The prevention and detection of crime
- Provide safe and secure working environments for all personnel, visitors, contractors, volunteers on Service premises
- To assist during investigations including disciplinary investigation
- Complaint investigations
- Supporting any investigations of accidents and other incidents
- Identifying vehicle movement problems around the site
- To assist in the early identification of loss of operational equipment, enabling prompt replacement and a return to operational ability.
- Promote improved behaviours or mitigate instances of digression from policy or safe working practices
- Manage and control access to our premises
- Provide images to our partners when legitimately requested
and to meet the following legal basis for processing:
6(1)(e) – Processing is necessary for the performance of a task carried out in the public interest or in the exercise of official authority vested in the controller
9(2)(g) – Processing is necessary for reasons of substantial public interest on the basis of Union or Member State law which is proportionate to the aim pursued and which contains appropriate safeguards.
Vehicle mounted CCTV Systems
SFRS use vehicle mounted CCTV/camera recording equipment (recording images only) for the purpose of:
- The prevention and detection of crime
- Fire investigation
- Accident investigation
- Complaint investigation
- To assist in the early identification of loss of operational equipment, enabling prompt replacement and a return to operational ability.
- Learning, development and training aid for operational tactics and command.
- Promote community safety and education
- Provide images to our partners when legitimately requested
and to meet the following legal basis for processing:
6(1)(e) – Processing is necessary for the performance of a task carried out in the public interest or in the exercise of official authority vested in the controller
9(2)(g) – Processing is necessary for reasons of substantial public interest on the basis of Union or Member State law which is proportionate to the aim pursued and which contains appropriate safeguards.
All recordings will be processed securely by SFRS and will not be shared with any external organisations unless required/permitted to do so by law.
Drones
SFRS use drone equipment to stream and record aerial video and still images for the purpose of:
- Support compliance with Incident Command National Operational Guidance (NOG)
- Assist in learning and sharing of best practice
- Support the decision logging process during operational incidents
- Improve operational decision making, operational learning and operational assurance
- Provide real-time images to enable faster, more effective command decisions.
- Provide a safe and secure environment for staff
- Protect the community
- Provide evidence to support investigations
- Provide evidence to support legal arguments
- Protect Authority property
- To help meet the statutory duty under the Civil Contingencies Act 2004 to maintain operational functionality and interoperability with other responders at all times
and to meet the following legal basis for processing:
6(1)(d) – Processing is necessary to protect the vital interests of a data subject or another person
6(1)(e) – Processing is necessary for the performance of a task carried out in the public interest or in the exercise of official authority vested in the controller
9(2)(f) – Processing is necessary for the establishment, exercise or defence of legal claims or where courts are acting in their judicial capacity
9(2)(g) – Processing is necessary for reasons of substantial public interest on the basis of Union or Member State law which is proportionate to the aim pursued and which contains appropriate safeguards.
All recordings will be processed securely by SFRS and will not be shared with any external organisations unless required/permitted to do so by law.
Non-evidential recordings shall be stored for 30 days maximum, after which they will be securely destroyed.
The data we may collect about you
To deliver our services effectively, we may need to collect and process personal data about you. Personal data refers to any information with which a living individual can be identified. Individual identification can be by the information alone or in conjunction with other information in the possession of the ‘The Authority’. For more information about our retention policy please contact the Planning and Programmes Officer: 01743 260 200 or email enquiries@shropshirefire.gov.uk.
Types of personal data
- Individual details : Name, address, other contact details (e.g. email and telephone numbers), gender, marital status, date and place of birth, nationality, employer, job title and employment and training history, family details including their relationship to you.
- Special categories of personal data: Certain categories of personal data have additional protection under the GDPR. The categories are health, criminal convictions, racial or ethnic origin, political opinions, religious or philosophical beliefs, trade union membership, genetic data, biometric or data concerning sex life or sexual orientation.
Legal basis for processing your personal data
We have the right to process your personal data if at least one of the following applies:
- Processing is necessary for carrying out legitimate public duties of a Fire and Rescue Service as defined in the Fire and Rescue Services Act 2004.
- Explicit consent is required for carrying out incidental activities that help us in carrying out our public duty of improving, protecting and saving lives.
- Processing is necessary for collaborating with public organisations such as the police and ambulance service in undertaking public safety functions.
- For recruitment, employment, social security purposes or a collective agreement.
- Processing is carried out by a non-profit body with a political, philosophical, religious or trade union aim provided:
- the processing relates only to members or former members (or those who have regular contact with it in connection with those purposes); and
- there is no disclosure to a third party without consent.
Working for us
If you work or volunteer for us then we will use your personal data to manage your employment. Details of job applicants are destroyed 6 months after the post is filled.
We keep details of former employees and volunteers for 6 years after they have left.
Your Rights
Subject to an exemption under the GDPR, you have the following rights with respect to your personal data:
- The right to request a copy of your personal data which the "SFRS" holds about you;
- The right to request that the "SFRS” corrects any personal information if it is found to be inaccurate or out of date;
- The right to erasure of your personal data where it is no longer necessary for the "SFRS” to retain such data;
- The right to withdraw consent to the processing of your data at any time;
- The right to request that the "SFRS" to transmit your data another organisation where applicable;
- Where there is a dispute in relation to the accuracy or processing of your personal data, you have the right to request a restriction is placed on further processing;
- The right to object to the processing of personal data where applicable. However, as the "SFRS" will mainly be processing data based on the performance of a statutory duty in the public interest, there are limits to this right.
Where we ask for your consent we will at the time tell you how you can remove your consent in future.
If you would like a copy of the information we hold about you please contact us to ask for it. If anything needs changing or you want us to remove your personal information then please let us know, we will reply as quickly as possible. It may not always be possible to delete your personal information. If we cannot delete your information, we will let you know why. We will also try to limit how we process your details. To make a request for your personal information please contact the Data Protection Officer using the details shown at the end of this notice.
How we share your information
If we feel another organisation may be able to help keep you safe then we may share your details with them. The types of organisations we share information with include health services, local government, charities and other support groups. We may share the personal details of employees and volunteers with other companies that provide us services such as training and other support.
Legal Basis for Sharing
We will only share your information when there is a legal basis for doing so, which will be set out in the Privacy Notice specific to the area where we are processing the information.
Using our web site
When you visit our web site Google Analytics places a small file called a 'cookie' on your computer. This helps us see which pages you visited; it is not possible for Google or us to identify you personally from these cookies.
National Fraud Initiative
We are required by law to protect the public funds we administer. We may share information given to us with other bodies responsible for auditing or administering public funds, in order to prevent and detect fraud. The Cabinet Office carries out a national data matching exercise called the National Fraud Initiative (NFI). Data matching involves comparing computer records held by one body against other computer records held by the same or another body to see how far they match. This usually relates to personal information. From October 2012 a new requirement was introduced to submit personal identifiers such as contact details. Computerised data matching allows potentially fraudulent claims and payments to be identified. Where a match is found it indicates that there's an inconsistency that requires further investigation. No assumption can be made as to whether there is fraud, error or something else until an investigation is carried out.
The Cabinet Office currently requires us to participate in a data matching exercise to assist in the prevention and detection of fraud. We're required to provide particular sets of data to the Cabinet Office for matching for each exercise. These are set out in its guidance, which can be found on their website.
From 1 April 2015 the NFI will be conducted using the data matching powers bestowed on the minister for the Cabinet Office by Part 6 of the Local Audit and Accountability Act 2014. It doesn't require the consent of the individuals concerned under the data protection legislation.
Data matching by the Audit Commission is subject to a code of practice.
For further information on the Cabinet Office's legal powers and the reasons why it matches particular information, take a look at its Fair Processing Agreement. For further information on data matching at this authority, please contact Head of Finance, Joanne Coadey on 01743 260215
Complaints
If you would like to complain about the way your information has been used then please visit the contact us page on our web site or write to:
Data Protection Officer,
Telford & Wrekin Council,
5th Floor A,
Darby House,
Lawn Central,
Town Centre,
Telford,
TF3 4JA
Data Protection Officer email: Robert.Montgomery@telford.gov.uk
You can also contact the Information Commissioner's Office to complain by visiting their web site at www.ico.org.uk/ visiting their contact page, telephoning 0303 123 1113 / writing to:
Information Commissioner's Office
Wycliffe House,
Water Lane,
Wilmslow,
Cheshire,
SK9 5AF