The Data Protection Team

The Data Protection Team is made up of the Data Protection Officer, the Information Rights Officer and the Information Assurance Manager.

Data Protection Officer

The Data Protection Officer (DPO) monitors the Council's compliance with the General Data Protection Regulation (GDPR).

Contact the DPO if you wish to:

  • Report a personal data breach

A personal data breach means a breach of security leading to the accidental or unlawful destruction, loss, alteration, unauthorised disclosure of, or access to, personal data. This includes breaches that are the result of both accidental and deliberate causes.

You can report a personal data breach to DPO@guildford.gov.uk

All requests for information will be handled in line with our Corporate Customer Charter.

For further information, please contact the Data Protection Officer.

The DPO:

  • Is independent
  • Reports to Senior Management
  • Monitors the Council's compliance with the GDPR.

Information Rights Officer

The Information Rights Officer (IRO) can advise you on your rights to our information. Laws that affect your information rights and privacy include the General Data Protection Regulation (GDPR), Data Protection law, the Freedom of Information Act 2000 and the Human Rights Act 1998.

Contact the IRO if you wish to:

  • Find out if you have a right to information under the Freedom of Information Act 2000 - or if the information relates to the environment, the Environmental Information Regulations 2004
  • Access your information rights as set out under GDPR: the right to be informed, the right of access, the right to rectification, the right to erasure, the right to restrict processing, the right to data portability, the right to object and rights in relation to automated decision making and profiling
  • Enquire about the way the Council uses personal information
  • Report an unauthorised disclosure of information or a breach in the Council's information security

All requests for information will be handled in line with our Corporate Customer Charter.

For further information please contact the Information Rights Officer.

The IRO is also responsible for:

  • Promoting transparency within the Council
  • Overseeing our publication scheme (required under the Freedom of Information Act)
  • Making sure that we have a suitable records retention policy
  • Advising staff and councillors on how to use personal information legally and how to manage records in line with other legislation such as the Freedom of Information Act

Information Assurance Manager

The Information Assurance Manager supports the Service Assurance function in implementing the Information and Communications Technology (ICT) security vision, model and principles across all of Guildford Borough Council, ensuring compliance with Payment Card Industry Data Security Standard, General Data Protection Regulation and other appropriate industry standards, to support the organisational strategy.

The Information Assurance Manager works with the ICT department to guide the selection and deployment of technical controls to meet specific security requirements, and defines processes and standards to ensure that security configurations are maintained.   The Information Assurance Manager is also responsible for managing Guildford Borough Council through the implementation of ISO27001.