Data breaches

The council is committed to processing your data in line with the relevant data protection legislation. We will ensure your data is kept safe and secure.


A breach takes place if someone’s personal data is either accidentally or intentionally lost, stolen, disclosed, destroyed or altered when it shouldn’t be. It’s also a breach if someone can’t access their data over a period of time.

Minimising risk

Breaches can not only have an impact on the individuals concerned, but also affect the efficiency of the service and our reputation. The council has strict policies and procedures in place to manage, minimise and mitigate the impact of any breach as quickly and as efficiently as possible.

Find more information about data protection.

Informing you

We are only required to inform you of a breach when it is likely to result in a high risk to your rights and freedoms. In this event we will contact you without delay.

Examples are:

  • discrimination
  • identity theft or fraud
  • financial loss
  • damage to reputation

Reporting to the Regulator (Information Commissioner's Office - ICO)

In certain circumstances the council is obliged to proactively report significant data breaches to the ICO within 72 hours.

If you become aware of a breach

If you know or suspect that a breach has occurred please, without undue delay, complete our online form.

You can also contact the Data Protection Officer

Find information on the council's data retention schedule.

Last updated 09 November 2023