Safeguarding measures
The Council takes your privacy seriously and we take every reasonable measure and precaution to protect and secure your personal data. We work hard to protect you and your information from unauthorised access, alteration, disclosure or destruction and have several layers of security measures in place both technically and by means of training and policies. The Council also has annual independent technical health checks and system audits.
Shared Service
OneSource is a shared back-office support service providing Payroll and Legal Services on behalf of London Borough of Newham and London Borough of Havering. OneSource is not a separate legal entity, it is the name of the joint service managed directly by the Council’s. Any personal data shared is covered by an agreement between the two Council’s. However, each Council remains the data controller for the personal data that OneSource managers on their behalf.
Use of 'cookies'
The Council’s website uses cookies. 'Cookies' are small pieces of information sent by an organisation to your computer and stored on your hard drive to allow that website to recognise you when you visit. They collect statistical data about your browsing actions and patterns and do not identify you as an individual. For example, we use cookies to analyse and track how you interact with our website and portal. This helps us to improve our website and deliver a better more personalised service.
Links to other websites
Our website may contain links to other websites run by other organisations. This privacy policy applies only to our website‚ so we encourage you to read the privacy statements on the other websites you visit. We cannot be responsible for the privacy policies and practices of other sites even if you access those using links from our website.
In addition, if you linked to our website from a third party site, we cannot be responsible for the privacy policies and practices of the owners and operators of that third party site and recommend that you check the policy of that third party site.
Transferring your information outside of Europe
On exceptional occasions we transfer data outside of the UK and Europe. The information which you provide to us may be transferred to countries outside the European Union (“EU”). By way of example, application support, the use of a hosted solution or a social care matter. If data is hosted or transferred we ensure that the council is compliant with the data protection laws and that there is adequate and appropriate protection of the data.
As the UK will be subject to Article 45 of the GDPR, data transfers will only be permissible if we comply with one of the following:
- Transfers will be permissible if the country is approved to have an adequate level of data protection and formally accepted as an ‘adequate’ third country
- Transfers can be made if the UK makes use of model contractual clauses (approved by the European Commission and/or the relevant Supervisory Authority)
- Transfers can be made if the UK makes use of ad-hoc contractual clauses (approved by the relevant Supervisory Authority)
- Transfers may be made on the basis of approved codes of conduct/approved certification mechanisms; or Supervisory Authority agreed binding corporate rules (BCRs) may be used to transfer data to/from the UK, when dealing with transfers between organization within a corporate group ( probably not applicable to Councils).
