Parking Services (Penalty Charge Notices) privacy notice
Our core data protection obligations and commitments are set out in the council's primary privacy notice.
This notice provides additional privacy information for Bury Council Parking Services - Penalty Charge Notices (PCNs) issued under Traffic Management Act 2004 and Transport Act 2000.
We take your privacy very seriously therefore we urge you to read this policy because it contains important information about us and:
- the personal information we collect about you
- what we do with your information
- who your information may be shared with
We require this data for statutory reasons under the Traffic Management Act 2004 (and associated regulations) and the Transport Act 2000, (and associated regulations, notably the Bus Lane Contraventions (Penalty Charges, Adjudication and Enforcement) (England) Regulations 2005)
Categories of personal data
In order to carry out these purposes we collect the following information about you:
- vehicle registration mark
When a vehicle is seen in contravention of bus lane or parking regulations:
- we will contact the DVLA to obtain the Registered Keeper details to issue a Penalty Charge Notice/Notice to Owner
- if the vehicle is hired/leased then we request a copy of the hire/lease agreement from the Registered Keeper of the vehicle to enable the transfer of liability
- if the Registered Keeper has sold the vehicle, then we can obtain details of the New Keeper from the Registered Keeper at the time of contravention
Legal basis for processing
The Keeper/Hirer details are obtained to enable the Council to enforce the Penalty Charge Notice/Notice to Owner under the Statutory Process in place.
For information about the statutory process please visit www.patrol-uk.info
We may share personal information about you with the following types of organisations:
- law enforcement agencies in connection with any investigation to help prevent unlawful activity
- the Traffic Penalty Tribunal
- the Traffic Enforcement Centre
- Collection Agency
- NSL Services Group
- Cobalt Telephone Technologies
- Northgate Public Services
- other Local Authorities
The information will be shared internally for the better performance and efficiency of Council services.
Keeping your information secure
We will use technological and organisation measures to keep your information secure. These measures may include the following examples:
- all data is stored on a database on a secure server which is password protected
- all payment processing is done using PCI compliant systems
Data is stored for a period of up to 6 years or for as long as cases remain outstanding.
What rights do you have?
The data protection legislation provides you with 8 rights, in regards to your personal data. These are: the right to be informed, the right of access, the right to rectification, the right to erase, the right to restrict processing, the right to data portability, the right to object and the rights in relation to automated decision making and profiling.
Right of access
You have a right to request a copy of your information. You can request a copy of your information which we hold (this is known as a subject access request). If you would like a copy please:
- email or write to us (using the contact details below)
- let us have proof of your identity and address (a copy of your driving licence or passport and a recent utility or credit card bill)
- let us know the information you want a copy of, including any account or reference numbers, if you have them
Subject access requests can be made by completing and returning our subject access form by post or by email: Subject Access request form [103kb]
Right to correct any mistakes in your information
You can request us to correct any mistakes in your information which we hold, free of charge. If you would like to do this, please:
- write to the Data Protection Officer, Bury Council, Town Hall, Knowsley Place, Bury. BL9 0SW.
- let us have enough information to identify you (e.g. account number, name, vehicle registration details), and
- let us know the information that is incorrect and what it should be replaced with
Right to be forgotten
You have the right to be forgotten so you can ask for your personal information to be deleted where:
- it is no longer needed for the reason why it was collected in the first place
- you have removed your consent for us to use your information and we do not have to keep your information for legal reasons
If we have shared your personal information with others, we will do what we can to make sure those using your personal information comply with your request for erasure. We may not be able to delete your personal data if it is needed for legal reasons, for reasons of public health, public interest or for medical purposes.
If you are unhappy with how the data controller has processed your data, or if you feel they have acted in a way that has breached your data protection rights you have the right to complain to the Information Commissioner's Office.
We may update or revise this Privacy Notice at any time so please refer to the version published on our website for the most up to date details.