About data protection

The Data Protection Act 2018 and the European General Data Protection Regulation (GDPR) control how we use your personal information.

We follow strict rules called data protection principles. We must make sure information is:

  • used fairly, lawfully, and in a transparent manner
  • only used for the purpose collected
  • adequate, relevant and not excessive
  • accurate and up to date
  • kept for no longer than is necessary
  • kept safe and secure

You can have access to information that we hold about you by making a subject access request.

If you have any questions or concerns about the way we process your personal data, our Data Protection Officer can be contacted at DPO@n-somerset.gov.uk

If you wish to make a complaint about how we handle your personal data, we ask that you give our Data Protection Officer the opportunity to respond in the first instance, but you are not obliged to do this.  You can make your complaint directly to the Information Commissioner’s Office