Privacy notice – Smokefree

North Somerset Council is registered with the Information Commissioner’s Office for the purposes of processing personal data.  The Smokefree North Somerset service is administrated on behalf of North Somerset Council by GP surgeries and pharmacies throughout North Somerset.

The information you provide will be held and used in accordance with the requirements of UK and European data protection law.  The information will form part of your Smokefree North Somerset account, and held for two years after your first contact with the service with each new quit attempt.

Unless otherwise agreed with you, we will only collect the minimum personal data required to deliver the service, which includes name, date of birth, address, ethnicity, whether you are pregnant, current employment status and whether you pay for prescriptions or not.

The information will be used for the administration of the Smokefree service, a voluntary service designed to improve your health and wellbeing.  The processing of this information is lawful as it is necessary to protect the vital interests of a living person, in accordance with GDPR Article 6(1)(d).  We require the special category information in order to monitor the delivery of the service, identify additional services that may be of assistance to you, and we need pregnancy status to ensure correct provision of certain smoking cessation medications, in the public interest, in accordance with Article 9(2)(g) of GDPR.

We will not use your personal information in a way that may cause you unwarranted nuisance.  Failure to provide the information means that we are unable to offer smoking cessation support to individuals as information is required for health and safety reasons.

The information provided will be shared with your GP or referring professional to ensure your ongoing progress is recorded in your file.  The information will also be shared with Public Health teams in local authorities in the South West and the NHS Clinical Care Group, in an anonymised format for statistical and monitoring purposes.

We may lawfully disclose information to public sector agencies to prevent or detect fraud or other crime, or to support the national fraud initiatives and protect public funds under the Local Audit and Accountability Act 2014.  Under the conditions of the Digital Economy Act 2017, we may also share personal data provided to us with other public authorities as defined in the Act, for the purposes of fraud or crime detection or prevention, to recover monies owed to us, to improve public service delivery, or for statistical research.  We do not share the information with other organisations for commercial purposes.

You have the right to see the personal data we process about you, as well as the right of rectification and restriction (of destruction of records only).  For details of how to make such a request, please click here.

If you have any questions or concerns about the way we process your personal data, our Data Protection Officer can be contacted at DPO@n-somerset.gov.uk